
  • admin 10:25 am on 12 January, 2010

    How to secure a VPS 

    SECURING CPANEL – WHM – AND ROOT on a VPS

    This will help, but as mentioned in previous posts, with a VPS you do not have access to your kernel. That is good in some ways, because if you don’t have access to it, neither do hackers or spammers (which limits what they can do). It’s bad in other ways, because you lose control: even if you secure your box as much as possible, you are still at risk because you cannot control your kernel.

    At any rate, here are some helpful hints

    =========================================
    Checking for formmail
    =========================================

    Form mail is used by hackers to send out spam email, by relay and injection methods. If you are using Matt’s script or a version of it, you may be in jeopardy. (More …)

     
  • admin 2:37 pm on 9 November, 2009

    Practical IT Security – part 1 


    In my previous CIO articles I tried to focus on several problems simultaneously – clearly there has been a better approach. So I am beginning a series of articles devoted to the consistent, practical side of IT security – or more precisely the things that can be used immediately, or can be included in an Action Plan.

    Contrary to popular belief, ITSEC does not begin by protecting the perimeter. Firewalls, security systems – this should be the last concern when building any protection. Our goal is to protect the information, not make the providers of different “solutions” rich, right? (More …)

     
  • admin 10:00 am on 22 October, 2009

    The cost of “State of the Art” security 

    There is nothing special to it, really.
    Would you think I’m going to spend hours in describing costs for different IPS/IDS systems, the cost of monitoring etc? No.
    I love simple solutions, and this post will be just as simple.

    The cost of the “State of the Art” security is exactly the cost of one cheap computer for each employee, and the cost of a completely separate network, tied to the cheap computers.

    I’ll explain now.

    How do most security breaches occur? Via browsing, via e-mail attachments, and via social engineering in social networks (today; yesterday it was mostly the phone).

    So… in order to protect your company, what did you do until now? Yes, you purchased all these security systems, and your computers/servers/users are still being “owned” by attackers. Why? Because you’re doing the silliest thing one can do in a modern dangerous world – you’re exposing your most critical IT resources to the Internet.

    Separate them.

    Let your users have 1 computer (or it could be virtual if your workstations are good enough) for browsing, reading e-mail, chat, etc. And let them use another computer, for access to company critical IT systems. (I will write a detailed article on this for CIO, so stay tuned for more details).

    Does it cost much? No. Basically, it’s just a monitor and a cheap PC – say… 400 USD per seat, including the cost of building the separate network. That is a small cost, compared to what you could lose in a breach. To be honest, I would prefer the virtual solution – but it completely depends on your environment. Just keep in mind that for the virtual one you will need to add one additional network card in each PC or server, and you will still need to build the completely separate network and use that network for the virtual machines.

     
  • admin 11:21 am on 11 August, 2009

    When the defenses fall

    Sooner or later, someone will gain access to your internal network. Whether through social engineering, through a browser exploit, through a breach in a vulnerable server or application, or simply by taking a low-level position at the company in order to steal data – it will happen.

    Alexander Sverdlov

    This claim is based on solid experience and many, many cases in which I have seen compromised defenses. Let us look at the best possible case of a well-protected company. (More …)

     
  • admin 11:24 am on 10 June, 2009

    Tiger measures

    They can be used both by government security agencies and by large, medium and small companies. They are called “tiger teams” because the way they work together resembles a hunt – a hunt for weak points in computer systems. In this case, however, they work for you – because a “tiger team” is usually an internal team fighting internal vulnerabilities, constantly attacking its own network, right up to the personal computers, laptops and company smartphones of the company’s employees.

    Alexander Sverdlov (More …)

     
  • admin 4:42 pm on 31 May, 2009

    Incident response gone Wild 

    Today a friend of mine called me and asked for help. His website apparently was hacked, but he did not know how, why… when… Ok, so I open up my browser, and see… “This site has been reported of malware” red screen of death, the Firefox one. If you try to Google for this page, same thing happens – Google had forbidden access to his site, although he was ranked №1 there. Strange? Not really. But it was devastating to his business, and a solution had to be found ASAP. His Twitter account got suspended for the same reason, too.

    Ok… our next steps? Source code audit. A quick browse through the source code revealed a home-grown CMS, where NONE of the variables were protected, and a few files were infected with a known Chinese web worm. Clean the worm? Not so fast, security-boy! The CMS apparently was written in such a way that if you try to strip out JS functionality, the whole system breaks up. If you try to clean the JS file, the whole system breaks up. In the end, I ended up manually modifying the core code of the CMS just to prevent future infections and clean it up. Not nice… not your regular virus/worm infection.

    A quick remote check on his computer revealed trojans too – so who knows where the infection originated from. A complete reinstall was suggested, as well as thorough follow-up on the videos on this site in order to prevent the same thing from happening again.

    Update: his site is restored in Google and Firefox rankings after the clean-up, just 24 hours later.

     
  • admin 12:53 am on 30 May, 2009

    Workbench 

    I’m working on an all-in-one server for small/medium businesses, that will cover all the needs of a small office – spam filtering, web site filtering, PDC, file sharing, DNS service etc.

    From what my testing shows, it’s amazing in performance and will serve more than well almost everybody.

    Stay tuned!

     