Servers are hacked in three basic ways. The first is a person gaining information about the server, such as a password or customer information. This type of attack is known as Social Engineering.
A good example of a Social Engineering attack is when someone calls our help desk pretending to be the client in order to gain any information that might help them. This is why we always ask for a security question before giving any sensitive data or making any changes. Do not let anyone except the account owner know the answer to the security question on the account.
Often, a disgruntled employee or an ex-employee of one of our customers will call, knowing all the information necessary to make changes to the account. Remember to practice good security habits and change passwords when employees leave your company.
The second form of attack is called a Brute Force Attack. This attack uses an automated program to guess the password. It can be used against FTP accounts, Remote Desktop accounts, and even SSH or email accounts. Brute force attacks often rely on a dictionary of words, so your password should not be based on a real dictionary word. The best way to prevent a successful brute force attack is to use complex passwords. Below is a comprehensive guide to creating a strong password:
- Passwords should be over 8 characters in length.
- Passwords should have upper and lower case characters.
- Passwords should have at least one number and one special character (for example # * $ ! ~).
The final form of attack that will be covered in this guide is an Injection Attack on contact forms or any database-driven application (like phpBB, WordPress, or even custom PHP/MySQL applications).
Applications like phpBB are notorious for being exploited. If you have any PHP based sites, make sure to keep your software up to date with the latest patches.
Below is a screenshot of a site that can easily be exploited:
The above contact script is vulnerable to attack. There is nothing preventing a script from submitting data directly to the server and using the mail server however it pleases.
To secure this script, you should add a CAPTCHA. Below is an example of a CAPTCHA:
Notice the box towards the bottom of the form that requires the user to enter F1I5uQ. This makes it harder for someone to write code that exploits your contact form.
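One way to apply the CAPTCHA check recommended above, together with a check that user-supplied fields cannot inject extra mail headers, as an added example (not the script in the screenshot or Codero's code). It assumes a hypothetical contact.php where the form page stored the challenge text in $_SESSION['captcha'] when it rendered the image, and it uses a placeholder recipient address:

```php
<?php
// contact.php (hypothetical file name): hardened handler for a contact form.
// Assumes the form page stored the CAPTCHA text in $_SESSION['captcha'] when
// it rendered the challenge image, and that the form posts name, email,
// subject, message and captcha fields.
session_start();

function has_header_injection(string $value): bool {
    // Mail headers are separated by CR/LF; a value containing either could
    // append extra recipients or headers to the outgoing message.
    return (bool) preg_match('/[\r\n]/', $value);
}

function captcha_matches(?string $submitted, ?string $expected): bool {
    if ($submitted === null || $expected === null || $expected === '') {
        return false;
    }
    return hash_equals($expected, $submitted);   // constant-time comparison
}

if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
    http_response_code(405);
    exit('POST only');
}

$expected = $_SESSION['captcha'] ?? null;
unset($_SESSION['captcha']);   // each challenge is valid for one attempt only
if (!captcha_matches($_POST['captcha'] ?? null, $expected)) {
    http_response_code(400);
    exit('CAPTCHA check failed');
}

$name    = trim($_POST['name'] ?? '');
$email   = trim($_POST['email'] ?? '');
$subject = trim($_POST['subject'] ?? '');
$message = $_POST['message'] ?? '';

if (filter_var($email, FILTER_VALIDATE_EMAIL) === false
    || has_header_injection($name) || has_header_injection($subject)) {
    http_response_code(400);
    exit('Invalid input');
}

// The recipient is fixed server-side; user input only reaches the body and a
// validated Reply-To, never the To: field or raw header lines.
$to      = 'webmaster@example.com';   // placeholder recipient address
$headers = "From: contact-form@example.com\r\nReply-To: $email\r\n";
$body    = "Name: $name\nEmail: $email\n\n$message";
mail($to, $subject, $body, $headers);
echo 'Thanks, your message was sent.';
```

Discarding the stored challenge before comparing means a correct answer can only be replayed once, so an automated submitter has to solve a fresh image for every message.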
To check whether your server has been exploited, please see the article titled "I think my server is hacked, how can I check?"
This article has been provided by Codero Hosting, the leading provider of reliable dedicated, managed and cloud hosting services. For more information on this topic or to learn more about Codero's hosting services, please visit www.codero.com, chat with us online or give us a call at 866-2-CODERO.