2011-03-09 by  Josh Ewin

Share |Submit |RSS|Print|Comments

Loading...

If you are running a very popular site, you can be certain that at some point you will become the target of some sort of attack – the question is whether or not your site will be ready for it. Therefore, it is important to take some active measures that continuously look for the latest known security issues and monitor your server environment for any new vulnerabilities.

Server security is a topic that has to be high on the list of any online business or site operator because of the sheer volume of attacks levied at virtually every server on the Internet today.  Those not familiar with the topic would probably be shocked to learn of the number of times per day their IP addresses are hit by rogue port scanning software or other “hacker” tools, looking for known vulnerabilities.  While it is somewhat relieving to know that many of these scans are automated and information is filed away with no real action being taken, this is really only good news to businesses who aren’t processing payment transactions online or for those whose online presence isn’t a matter of business life-and-death.  This is because these types of sites probably will not be the target of a malicious attack, simply because it offers no advantages in terms of data acquisition or publicity.  However, if you are running a very popular site, you can be certain that at some point you will become the target of some sort of attack – the question is whether or not your site will be ready for it. 

Many site operators assume that if they have gone as far as doing the due diligence to harden a server upon initial setup and they have gone the extra mile and added in good firewall protection between their servers and the internet that they are now safe.  This is not necessarily accurate.  The issue is that depending on your hardware and software stack the list of issues and new vulnerabilities change on nearly a daily basis.  Therefore, it is important to take some active measures that continuously look for the latest known security issues and monitor your server environment for any new vulnerabilities.  One of these products – Nessus (http://www.nessus.org/nessus/) from Tenable Network Security is an enterprise-class perimeter security scanning solution that can be deployed as either a software product on your servers or can be accessed via a cloud-based service that hits your servers remotely.  A subset of the security audits supported by Nessus are as follows:  port scanning, network-based vulnerability scanning, credential-based patch audits for Windows and most UNIX platforms, SQL database configuration scanning, and Cisco Router configuration auditing. 

Another popular product is SAINT from SAINT Corporation (http://www.saintcorporation.com/).  Like Nessus, SAINT is a vulnerability scanner that performs port scanning, operating system audits, and infrastructure (router, database, etc.) audits to ensure your environment is in good shape.  SAINT can also be used to perform compliance audience – for PCI certification, for example – to make sure your environment meets the critical criteria required for industry certifications such as PCI, SCAP, FISMA, CAG 20, SOX, and HIPAA, among others.  SAINT classifies found vulnerabilities in terms of priority and suggests fixes for each issue, allowing a network or system administrator to proactively solve issues before they become real-world problems. 

If you are not actively scanning your server infrastructure for vulnerabilities, now is the time to take action and begin to implement this as part of a managed server hosting plan…before it is too late! 

Del.icio.us 

Digg 

Reddit 

Propeller 

Mixx It 

Hosting Bookmarks 

Share