Your public Website is your
sales, marketing, customer service, and fulfillment haven; it is
also an avenue for malicious and "just-for-fun" hackers. Hackers can
have several goals in mind, including: compromising the operating system,
software, firewalls, and the routers that protect your internal LAN.
And no one is immune: from Internet Service Providers to
corporations, they are all targets if a Web server is connected to
the World Wide Web.
Hackers have done everything from changing website content, to
deleting files, to destroying entire websites. This article takes a
first look at the importance of protecting your web server.
Why this is important
If your organization hosts its own website you have to prepare
yourself before attacks occur. The reputation of your company and
its long-term viability could be at stake. Following are a few measures
you could take:
1. Use public resources to find updates and security
announcements.
There are many organizations that research local area and wide
area network security and make this information available to the
public. In addition, they provide information on unforeseen
vulnerabilities in software and may provide the patches to fix such
security breaches.
"Professional" hackers often publish the scripts used to take
advantage of security gaps in software. Take time to review these
resources - they will be invaluable in helping you maintain an
up-to-date state of readiness.
2. Keep your systems' security updated.
In addition to previously described guidelines, update your
detection and prevention tools so that you can readily see new
attacks and threats. You may have to temporarily disable specific
devices and services that may be vulnerable to attack.
3. Make sure that all security personnel can be alerted
immediately.
Ensure that your public Web server administrators
and firewall administrators are involved and in close communication
during the investigation of an attack.
4. Work with your network provider to determine how your
organization can mitigate damages due to distributed denial of
service attacks.
Distributed Denial of Service (DDOS) attacks can adversely affect
you, even if you have taken the necessary steps to protect your
company's systems. The lack of adequate measures by your service
providers can allow DDOS attacks to reach your organization.
It is common for DDOS attacks to leverage IP spoofing, a
technique used to gain unauthorized access to computers, whereby the
intruder sends messages to a computer with an IP address indicating
that the message is coming from a trusted host. To engage in IP
spoofing, a hacker must first use a variety of techniques to find an
IP address of a trusted host and then modify the packet
headers so that it appears that the packets are coming from that
host. Protecting against IP spoofing at the inter/intra
connection point of your network will help protect against DDOS.
Take the time to talk with your ISP and other service providers
to understand what precautions they have taken against DDOS attacks.
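The anti-spoofing protection at the network connection point mentioned above can be sketched as a source-address check on each border interface. This is an added example, not part of the original article; the internal prefix 10.20.0.0/16, the interface labels and the sample packets are constructed assumptions, and only IPv4 is covered.

```python
import ipaddress

# Assumption (constructed): the organization's internal IPv4 space.
INTERNAL_NETS = [ipaddress.ip_network("10.20.0.0/16")]
# Sources that should never arrive from the Internet side.
BOGON_NETS = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "127.0.0.0/8", "169.254.0.0/16",
    "172.16.0.0/12", "192.168.0.0/16", "224.0.0.0/4", "240.0.0.0/4")]


def _in_any(addr, nets):
    return any(addr in net for net in nets)


def check_packet(interface, src):
    """Verdict for a packet at the border; interface is 'external' or 'internal'."""
    try:
        addr = ipaddress.ip_address(src)
    except ValueError:
        return ("drop", "malformed source address")
    if interface == "external":
        # A packet from outside claiming an inside (trusted) source is spoofed.
        if _in_any(addr, INTERNAL_NETS):
            return ("drop", "internal source arriving from outside")
        if _in_any(addr, BOGON_NETS):
            return ("drop", "non-routable source arriving from outside")
        return ("accept", "plausible external source")
    if interface == "internal":
        # Egress check: our LAN must only emit packets with our own sources.
        if _in_any(addr, INTERNAL_NETS):
            return ("accept", "source belongs to our LAN")
        return ("drop", "outbound packet with foreign source")
    return ("drop", "unknown interface")


# Constructed sample traffic: (interface, source address).
SAMPLE = [
    ("external", "10.20.5.9"),     # claims to be a trusted internal host
    ("external", "198.51.100.7"),  # documentation-range address as an outside host
    ("external", "192.168.1.1"),   # private address arriving from the ISP side
    ("internal", "10.20.5.9"),     # legitimate LAN host
    ("internal", "203.0.113.50"),  # LAN host forging an outside address
]

if __name__ == "__main__":
    for iface, src in SAMPLE:
        print(iface, src, *check_packet(iface, src))
```

The same two rules are what to ask your ISP about: whether they drop inbound packets carrying your own prefixes as the source, and whether they drop outbound packets from customers whose source is not the customer's assigned range.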