If you are concerned about denial of service (DOS)
Attacks on your web site, then you'll want to read this article. You may not think you are at risk of a DOS attack, especially if you operate a small web site, but if you cross paths with the wrong person, you could end up in the cross hairs of someone who could take your site down. Many smaller sites are finding themselves under attack these days because they are most vulnerable. In this article, I'm going to talk about why you should protect your sites, how to prevent attacks, and what you can do to block attacks.
One of the more popularDOS attacks is the "list manager" attack. This type of attack differs from the large number of smaller sites that become prey to this specific DOS attack.
How are lists of servers put together, and how do they get put together?
They are typically compiled using a database of system values (such as system preferences or the like), in order to display the services available on a specific server. Using this information, the list is sorted to display the most popular servers first, and then alphabetically. Sometimes other information may be used to assist in the selection, such as the IP address of the server, or the name of the most popular programs on the system.
Why would someone want to break into a list of servers to view their configuration?
The configuration is often left pretty much alone, considering the importance of the data and the potential value of the information to the intruder. But there are a few things you can do to protect your sites and make it harder for an intruder to cause havoc.
1.)Protect your server data.Update your web server software (such asSymptomsBayNow) and then check your server for any updates. Sometimes an intruder will just try to attack your site to see what suites likeMetArt orSpybot are providing. If you find one or more instances of these, update the relevant entries in your list of protected servers.
2.)Protect your .htaccess file.The.htaccess file is the gatekeeper of your website. It is a hidden file that is parsed by Apache. Your username.passphrase line directs where the file opens. There are some exceptions, but this is a very basic form of protection. You can protect it by working on your cURL configuration to prevent someone from opening files with certain extensions. You can also block access to certain IP addresses by placing another "block list" on your list of protected servers.
3.)Protect your Windows domain lock.Microsoft provides an option to protect your Windows domain name and data on their corporate website. It can be set up to not allow any network traffic to pass through your computer or domain if a firewall is active. On a different note, you can also prevent others from launching malicious Windows anti-virus programs by editing the Windows Firewall settings.
A simple note to self...
Do a little research before deciding on one particular company. I happen to know a few trusted, experienced IT professionals that work for one of the nation's largest employers and they are absolutely correct. They will not only help you get the right software, they will also expand your options for keeping your network protected. I urge you to find one of these firms today...
){kind=link}
0 Comments