Hacker threats and invasions
Posted by oceans44, 09-26-2012, 03:23 PM |
Should one just come to expect that if you own a hosting company, that eventually your servers will get hacked? Do people have nothing better to do with their time than to try to bring down someone's hosting network that can be home to thousands of people's websites? What makes a company more prone to hackers than others?
|
Posted by KMyers, 09-26-2012, 03:54 PM |
Hello,
Unfortunately there will always be script kiddies who like to go around defacing sites with the latest exploit of the month. It has gotten quite normal unfortunately in this industry.
I will not say that eventually your server will be hacked, but I can say that eventually someone will try to test your server's security.
|
Posted by oceans44, 09-26-2012, 04:23 PM |
Unfortunate to be sure, but what you state sounds like reality in a nutshell. Thanks for the response.
|
Posted by XeSupport, 09-26-2012, 10:22 PM |
As long as you are pro-active and up-to-date with your server's security, you should not need to worry too much about hackers.
|
Posted by ireshagun, 09-26-2012, 11:50 PM |
If by server you mean your Linux servers, then they are pretty hack resistant.
|
Posted by kpmedia, 09-27-2012, 12:17 AM |
Not even close.
Linux deploys with zero security. None.
The same can be said for PHP, MySQL, Apache, and several other things.
It takes a competent admin to secure (and continue securing) sites, services and servers.
The "invincible Linux" attitude is easily knocked on its butt.
|
Posted by snapstart-chris, 09-27-2012, 12:47 AM |
That completely depends on your config, software versions, etc.
CentOS installs and activates SELinux by default on new installs. While not perfect by any means, with the out of the box config, it's a heck of a lot better than some other distros.
Now, writing from my info sec side...
There are two types of attacks, the drive by, and the targeted.
The drive by is typically what you'll find. Some script kiddie picked up a sploit and is going to run it on every host until their ISP shuts them down. These are usually easy to protect against. Get a half decent firewall, IPS, webapp firewall. Get a pentest done of any externally facing services, and hold your vendors accountable. And above all else, just use common sense.
Now, if you're being targeted, that's a different story. It's fairly common knowledge that if someone (with any decent level of skill) wants to get into your systems, they will get in.
Anyways, a few things:
- Use 2 firewalls, one at your network edge, another on each host (iptables)
- Allow expected traffic, block everything else (vs blocking unexpected traffic, and allowing everything else)
- Monitor your systems, and react (install and configure fail2ban or similar)
- Separate your front end (web server) and back end (SQL server) systems, and firewall the connection between them
- Configure daemons to not include the version in the banner (nobody needs to know what version of Apache you're running)
- NIST releases pretty good OS hardening guides. Read them, and follow any reasonable recommendations
- Have any in-house code audited. It's not exactly cheap, but it's amazing what good people will find. The guys at inguardians.com are great. If you can afford them, use them.
- Make sure file, daemon, and SQL permissions are set to be as restrictive as possible. Always run with the minimum requirements.
The list goes on. But if you want to be "secure" don't ignore security.
|
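The "allow expected traffic, block everything else" item in the post above can be checked mechanically. The following is an added example, not part of the original thread: a shell function that reads `iptables-save` output and reports whether the filter table's INPUT and FORWARD chains are default-deny. The function name and both sample rulesets are constructed for illustration.

```shell
#!/bin/sh
# Reads an iptables-save dump on stdin and prints "<CHAIN> default-deny" or
# "<CHAIN> default-allow" for the filter table INPUT and FORWARD chains.
# default-deny means: policy DROP, or the last rule is an unconditional
# DROP/REJECT, and no unconditional ACCEPT appears anywhere in the chain
# (conservative: an unconditional ACCEPT always flags the chain).
audit_default_deny() {
    awk '
        /^\*/ { table = substr($1, 2) }            # table header, e.g. "*filter"
        table != "filter" { next }
        /^:(INPUT|FORWARD) / {                      # e.g. ":INPUT DROP [0:0]"
            chain = substr($1, 2); policy[chain] = $2; order[++n] = chain
        }
        /^-A (INPUT|FORWARD) / {
            # A rule with no match options looks like "-A CHAIN -j TARGET ..."
            if ($3 == "-j" && $4 == "ACCEPT") open[$2] = 1
            # Overwritten on every rule, so it describes the last rule only
            catchall[$2] = ($3 == "-j" && ($4 == "DROP" || $4 == "REJECT"))
        }
        END {
            for (i = 1; i <= n; i++) {
                c = order[i]
                deny = (!open[c] && (policy[c] == "DROP" || catchall[c]))
                print c, (deny ? "default-deny" : "default-allow")
            }
        }'
}

# Constructed sample: blocks a few things, allows everything else
BLOCKLIST_RULESET='*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -p tcp -m tcp --dport 23 -j DROP
-A INPUT -s 203.0.113.7/32 -j DROP
COMMIT'

# Constructed sample: allows expected traffic, drops everything else
ALLOWLIST_RULESET='*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
COMMIT'

printf '%s\n' "$BLOCKLIST_RULESET" | audit_default_deny
printf '%s\n' "$ALLOWLIST_RULESET" | audit_default_deny
```

On a live host the same function can be fed with `iptables-save | audit_default_deny` (run as root).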
Posted by RRWH, 09-27-2012, 02:09 AM |
If you do not consider that anything you put online is going to be a target then you are already at a disadvantage.
You are a target within minutes of being online, so, as has already been alluded to, you need to make yourself a hard target to the drive-by script kiddies.
Security is not just 1 thing; it is all about layers. You cannot simply do a default build and hope you are secure - you need a competent system admin to be able to lock it down and put the layers in place.
I put together a honeypot system a few years ago. Within the first 90 seconds of the IP being online the machine was port-scanned, and it was hacked within 17 minutes. Before it was owned, it was scanned at least 100 times - and yes, that was in just under 17 minutes of the machine being put online on a never-before-used IP address! The net is a nasty place!
|
Posted by any410pin, 09-27-2012, 02:38 AM |
I agree. Without a decent firewall with some strong policy filtering, modsec, SSH key auth, etc. etc., Linux is vulnerable.
|
Posted by brianoz, 09-29-2012, 10:06 PM |
While "Linux" by itself, without web server software, is actually pretty hack resistant, Linux with web server software needs constant maintenance to stay safe.
If you don't get your servers hardened, the sites on them will be hacked, and then the server will be hacked. In fact, whatever you do, the sites on your server will probably be hacked - that's just a fact of life.
|
Posted by WII-Aaron, 09-29-2012, 11:23 PM |
I can make any server completely unhackable. For just $5 I'll turn off its power and cut its network cable for you. You'll never have to worry about hackers again.
|
Posted by NHRoel, 09-29-2012, 11:27 PM |
Welcome to fiverr.
--Roel.
|
Posted by pmabraham, 09-30-2012, 09:53 AM |
Good day:
No electronic device is hacker proof.
All operating systems are insecure unless secured (where secured means increasing hacker resistance).
All server applications are insecure unless secured.
All end user applications are insecure unless secured.
Security is a way of life; there's no such thing as a one time securing -- it is ongoing.
Security in hosting is a dance (a partnership). The data center needs to have proper security practices, the hosting provider proper security practices, and the customers proper security practices in order to have the highest level of hacker resistance.
Thank you.
|