{"id":1119,"date":"2015-05-16T07:45:54","date_gmt":"2015-05-16T12:45:54","guid":{"rendered":"http:\/\/www.d2-designs.net\/?p=1119"},"modified":"2015-05-16T09:00:55","modified_gmt":"2015-05-16T14:00:55","slug":"server-security","status":"publish","type":"post","link":"https:\/\/www.d2-designs.net\/?p=1119","title":{"rendered":"Server Security"},"content":{"rendered":"

\"serverattacks\"Today’s top trend on server management is security. Every day there are millions of attacks on webservers across the world. I dare to use the term “hacking” because typically they aren’t. Let’s take a quick look at the definition of “Hacking”. It’s defined as\u00a0gaining<\/span> access<\/span> to (a computer<\/span> file<\/span> or network)<\/span> illegally<\/span> or without<\/span> authorization. For instance, “The Sony E-mail Hack<\/a>” was true hacking,\u00a0because the hackers gained access to Sony’s network and stole private e-mails from top executives. <\/span><\/p>\n

What happens more often to webservers isn’t (to me) defined as true hacking. What commonly happens are DDOS attacks, e-mail spoofing\u00a0and code injection. This isn’t “hacking” as defined as above, it’s more childs play than anything. Basically, the “attacker” exploits server weaknesses to inject malware or spyware on a system, which then infects complete random computers. This is the lowest form of “hacking” and shouldn’t be given any credit because any\u00a0person with a computer and very little know how can do these sort of deeds. However, this is the trend right now and it has been the trend for some time now. <\/span><\/p>\n

Here’s an example of what most server administrators see on a daily basis. Basically an automated “bot” (short for robot) sends out\u00a0a predefined series of commands to random IP addresses until it \"Capture\"can successfully connect and upload it’s files to their system. The picture to the right was blocked and logged just today. As you can see, D2-Designs had a couple of options it could take once we were notified of the situation at hand. Keep in mind that the Origin Country plays absolutely no hand in these attacks because they come from all over the world, even here in the U.S. The example also shows us\u00a0that they attempted to connect(unsuccessfully) to our FTP protocol to upload their files to one of our clients. What their “bot” can’t decipher is, we make our clients use complex passwords to log into their accounts, as well as complete random usernames. Sure, this information\u00a0may give a potential attacker a hands up but trust us when we say “We’re watching our server.” Most attacks are stopped by our automated systems, but lets say for instance that an attacker was successful – they gained access and uploaded their files. This is why antivirus software was made! Every server administrator should use software, as well as every end user (you reading this are the end user in this case). Even antivirus software isn’t fool proof, eventually some sneaky code does get through. In this case you should always have a backup of your files. I always preach, backup your backups and then back them up. We’ve used backups before, though not due to an attacker “yet” but systems fail on their own from time to time. More than that(you server administrators), should have a system in place to restore your backups, because without that a backup is just a series of\u00a0files taking up space.\u00a0Most hosting companies (hopefully all hosting companies) offer some sort of backup for their users. Most companies make it the responsibility of their clients to back up their files, which is fine, except how many times have you heard that there are no backups?…\u00a0Exactly …<\/p>\n

Attacks like the\u00a0one illustrated here are nothing more than words on a screen. They’re information and knowledge to the administrator. They tell you that “Hey, someone’s knocking ..\u00a0They didn’t get in, but just so you know there was an attempt.” Use it to your advantage, take everything you can out of your logs and apply\u00a0it\u00a0into protecting your server. It’s not just a\u00a0space\u00a0on a hard drive for your clients,\u00a0it’s their on-line home.\u00a0It’s\u00a0a place for the world to come and see them personally. You\u00a0should take pride in trying to protect them from the intruders, don’t just expect them to have the skill set\u00a0that you have and let them fend for themselves.\u00a0I’m not saying every\u00a0client is the ideal client, but guess what, they ARE\u00a0YOUR clients, and they deserve the protection on your servers. I like to have the mindset that if this were my house and you’re not invited, don’t just come and try to barge into my place like you own it. The more clients you have, the more\u00a0protection you and your staff should give them. Larger companies may\u00a0have automated systems to check over their\u00a0clients,\u00a0which is fine I suppose but I like having MY eyes on my logs and files and clients.<\/p>\n

David D.
\nD2-Designs\/Owner
\nGet Known!\u2122<\/p>\n","protected":false},"excerpt":{"rendered":"

Today’s top trend on server management is security. Every day there are millions of attacks on webservers across the world. I dare to use the term “hacking” because typically they aren’t. Let’s take a quick look at the definition of “Hacking”. It’s defined as\u00a0gaining access to (a computer file or network) illegally or without authorization. […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1,25],"tags":[48,49,45,44,46,27,30,29,47],"class_list":["post-1119","post","type-post","status-publish","format-standard","hentry","category-info","category-servers","tag-bot","tag-robot","tag-security","tag-server","tag-server-security","tag-servers-2","tag-webhost","tag-webhosting","tag-websites"],"_links":{"self":[{"href":"https:\/\/www.d2-designs.net\/index.php?rest_route=\/wp\/v2\/posts\/1119","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.d2-designs.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.d2-designs.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.d2-designs.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.d2-designs.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1119"}],"version-history":[{"count":12,"href":"https:\/\/www.d2-designs.net\/index.php?rest_route=\/wp\/v2\/posts\/1119\/revisions"}],"predecessor-version":[{"id":1134,"href":"https:\/\/www.d2-designs.net\/index.php?rest_route=\/wp\/v2\/posts\/1119\/revisions\/1134"}],"wp:attachment":[{"href":"https:\/\/www.d2-designs.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1119"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.d2-designs.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1119"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.d2-designs.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1119"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}