Understanding and responding to CVEs
I've already mentioned some of the things you can do in order to protect your server from some common threats, and I'll give you more tips later on in this chapter. But how does one know when there's a vulnerability that needs to be patched? How do you know when to take action? The best practices I'll mention in this chapter will only go so far; at some point, there may be some sort of security issue that will require you to do something beyond generating a strong password or locking down a port.
The most important thing to do is to keep up with the news. Subscribe to sites that report news on security vulnerabilities, and I'll even place a few of these in the Further reading section of this chapter. When a security flaw is revealed, it's typically reported on these sites, and given a CVE number where security researchers will document their findings.
CVEs are found in special online catalogs detailing security...