Follow the three steps in case administrators find any hacking threats. They can then protect themselves from system attacks easily.
1. Harden your systems (also known as “security tightening” or “lock-down”) by
- Configuring necessary software for better security
- Deactivating unnecessary software – disable any daemons that aren’t needed or seldom used, as they’re the most vulnerable to attacks
- Configuring the base operating system for increased security
2. Patch all your systems – Intruders always look for vulnerabilities in your system to gain root access, so keep track of “patches” by updating your programs frequently (once a security flaw is found, manufacturers usually offer patches and fix it quickly, before anyone can take advantage of the security hole to any large extent), and avoid using new applications or those with previously documented vulnerabilities.
3. Install a firewall on the system, or at least on the network – Firewalls are software (ex. ZoneAlarm) and/or hardware (ex. Symantec-Axent’s Firewall/VPN 100 Appliance) that block incoming or outgoing network traffic and permit only authorized kinds of traffic to be transmitted and received. They work at the packet level and can not only detect scan attempts but also block them.
To avoid spending a lot of money on firewalls, one can use open source software freely available over the Internet.
At the very least, you should have a packet-filtering firewall as it is the quickest way to enforce security at the border to the Internet.
EPLS offers the following suggestions/services for Stopping Unauthorized Access, using firewalls:
- Tighten the Routers at your border to the Internet in terms of packets that can be admitted or let out.
- Deploy Strong Packet Filtering Firewalls in your network (in either bridge or routing mode)
- Set up Proxy Servers for services you allow through your packet-filtering firewalls (can be client- or server-side/reverse proxy servers)
- Develop Special Custom Made Server or Internet services client and server software
4. Assess your network security and degree of exposure to the Internet. You can do this by following the suggestions made by EPLS.
- portscan your own network from outside to see the exposed services (TCP/IP services that shouldn’t be exposed, such as FTP)
- run a vulnerability scanner against your servers (commercial and free scanners are available)
- monitor your network traffic (external and internal to your border firewalls)
- refer to your system log – it will reveal (unauthorized) services run on the system and hacking attempts based on format string overflow usually leave traces here
- check your firewall logs – border firewalls log all packets dropped or rejected and persistent attempts should be visible
Portmapper, NetBIOS ports 137-139 and other dangerous services exposed to the Internet should trigger some action if you check all the above.
Also, more complex security checks will show whether your system is exposed through uncontrolled Internet Control Message Protocol (ICMP) packets or if it can be controlled as part of DDoS slaves through ICMP.
5. When using passwords don’t use
- real words or combinations thereof
- numbers of significance (e.g. birthdates)
- similar/same password for all your accounts
6. Use encrypted connections – encryption between client and server requires that both ends support the encryption method
- don’t use Telnet, POP, or FTP programs unless strongly encrypted passwords are passed over the Internet; encrypt remote shell sessions (like Telnet) if switching to other userIDs/root ID
- use SSH (instead of Telnet or FTP)
- never send sensitive information over email
7. Do not install software from little-known sites – as these programs can hide “trojans”; if you have to download a program, use a checksum, typically PGP or MD5 encoded, to verify its authenticity prior to installation
8. Limit access to your server(s) – limit other users to certain areas of the filesystem or what applications they can run
9. Stop using systems that have already been compromised by hackers – reformat the hard disk(s) and re-install the operating system
10. Use Anti-Virus Software (ex. Norton Anti-Virus or McAfee) and keep your virus definitions up-to-date. Also, scan your system regularly for viruses.
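The firewall-log check in step 4 can be automated. The following is an added example, not code from the original article or from EPLS: it counts dropped packets per source, lists sources whose attempts are persistent, and flags probes of the portmapper and NetBIOS 137-139 ports named above. It assumes Linux netfilter-style log lines, a hypothetical `FW-DROP` log prefix and a cut-off of three drops; the sample log is constructed.

```python
import re
from collections import Counter, defaultdict

# Services the article names as dangerous when exposed: portmapper and NetBIOS 137-139.
WATCHED = {111: "portmapper", 137: "netbios-ns", 138: "netbios-dgm", 139: "netbios-ssn"}
THRESHOLD = 3           # assumed cut-off: drops from one source that count as persistent
LOG_PREFIX = "FW-DROP"  # assumed (hypothetical) log prefix set on the firewall's drop rule

# Constructed sample in Linux netfilter LOG format; addresses are documentation ranges.
SAMPLE_LOG = """\
Mar  3 02:11:01 gw kernel: FW-DROP IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP SPT=40112 DPT=111
Mar  3 02:11:02 gw kernel: FW-DROP IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP SPT=40113 DPT=139
Mar  3 02:11:02 gw kernel: FW-DROP IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 PROTO=UDP SPT=40114 DPT=137
Mar  3 02:11:03 gw kernel: FW-DROP IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP SPT=40115 DPT=21
Mar  3 02:14:40 gw kernel: FW-DROP IN=eth0 OUT= SRC=198.51.100.23 DST=192.0.2.10 PROTO=ICMP TYPE=8 CODE=0
Mar  3 02:15:00 gw sshd[411]: Accepted publickey for admin from 192.0.2.50 port 50022 ssh2
Mar  3 02:16:09 gw kernel: FW-DROP IN=eth0 OUT= SRC=198.51.100.23 DST=192.0.2.10 PROTO=TCP SPT=51000 DPT=80
"""

FIELD = re.compile(r"\b(SRC|DPT)=(\S+)")

def parse_drop(line):
    """Return source and destination port of a dropped packet, or None for other lines.
    ICMP entries carry TYPE/CODE instead of a port, so their "dpt" is None."""
    f = dict(FIELD.findall(line)) if LOG_PREFIX in line else {}
    if "SRC" not in f:
        return None
    dpt = f.get("DPT", "")
    return {"src": f["SRC"], "dpt": int(dpt) if dpt.isdigit() else None}

def summarize(log_text, threshold=THRESHOLD):
    """Count drops per source; list persistent sources and watched-service probes."""
    drops, ports, watched = Counter(), defaultdict(set), defaultdict(set)
    for line in log_text.splitlines():
        rec = parse_drop(line)
        if rec is None:
            continue
        drops[rec["src"]] += 1
        if rec["dpt"] is not None:
            ports[rec["src"]].add(rec["dpt"])
            if rec["dpt"] in WATCHED:
                watched[rec["src"]].add(WATCHED[rec["dpt"]])
    return {
        "drops": dict(drops),
        "persistent": {s: sorted(ports[s]) for s, n in drops.items() if n >= threshold},
        "watched": {s: sorted(v) for s, v in watched.items()},
    }

if __name__ == "__main__":
    print(summarize(SAMPLE_LOG))
```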
Some of the challenges that Web hosting providers’ security officers face are:
- looking at new products/hacks
- regularly reviewing policies/procedures
- constant monitoring of well known ports, like port 80, that are opened in firewalls
- timely installation of patches
- customized setup of servers that isolate customers from each other – “In a hosting environment the biggest threat comes from inside – the customers themselves try to break into the system or into other customers’ files”
- investment in firewall, VPN devices, and other security measures, including encrypted Secure Sockets Layer (SSL) communication in the server management and account management systems
- installation of secure certificates on web sites
- purchase and deployment of products according to identified needs
- monitoring suspicious traffic patterns and, based on the customer’s service plan, either shunting away such traffic as bad, or handling it through a content-distribution system that spreads across the network.