Cautious Technical Team for Security Breaches
A client might have a security breaches for that it is always suggestive to look for the few technical things like:
i) FTP logs – One of the most common method of attackers it FTP and SSH brute force(succeeding against POP3/IMAP and SMTP accounts), where weak passwords can be serious headaches.
Cpwebhosting technical team is always suggesting to its customers to change their passwords often and use strong passwords. Their password must be atleast of 12 to 16 characters wide, which should be made up of random numbers, uppercase and lowercase letters with some special characters also.
ii) Directory w/777 permissions
iii) Outdated PHP application like phpBB, Joomla, Mambo, phpNuke and other EasyApps applications
iv) checking the directories for suspicious files like
/hsphere/local/var/mnogosearch/cache
/var/spool/cron
/var/spool/samba
/var/spool/vbox
/var/spool/squid
/dev/shm
/tmp
/var/tmp
Technical Administrators frequently check what is running under the http/httpd user id, which they used to do using the following command:-
ps -efl | grep http
Technical Administrators are having very cautious, if they see
/usr/local/apache, that's a hack / malware
If they see CROND/crond or other system applications other than H-Sphere Apache, that's also a hack.
v) Vulnerable cgi/perl scripts which can be targeted for the Web-based injection attacks to inject software into the server.
CPWebHosting technical team is always concerned with tightening security that is why there is more frequency of maintenance.
CPWebHosting provides six Reseller Plans to choose from:
1. Starter Reseller Hosting
2. Beginner Reseller Hosting
3. Professional Reseller Hosting
4. Premium Reseller Hosting
5. Premium Gold Reseller Hosting
6. New Starter Reseller Hosting
i) FTP logs – One of the most common method of attackers it FTP and SSH brute force(succeeding against POP3/IMAP and SMTP accounts), where weak passwords can be serious headaches.
Cpwebhosting technical team is always suggesting to its customers to change their passwords often and use strong passwords. Their password must be atleast of 12 to 16 characters wide, which should be made up of random numbers, uppercase and lowercase letters with some special characters also.
ii) Directory w/777 permissions
iii) Outdated PHP application like phpBB, Joomla, Mambo, phpNuke and other EasyApps applications
iv) checking the directories for suspicious files like
/hsphere/local/var/mnogosearch/cache
/var/spool/cron
/var/spool/samba
/var/spool/vbox
/var/spool/squid
/dev/shm
/tmp
/var/tmp
Technical Administrators frequently check what is running under the http/httpd user id, which they used to do using the following command:-
ps -efl | grep http
Technical Administrators are having very cautious, if they see
/usr/local/apache, that's a hack / malware
If they see CROND/crond or other system applications other than H-Sphere Apache, that's also a hack.
v) Vulnerable cgi/perl scripts which can be targeted for the Web-based injection attacks to inject software into the server.
CPWebHosting technical team is always concerned with tightening security that is why there is more frequency of maintenance.
CPWebHosting provides six Reseller Plans to choose from:
1. Starter Reseller Hosting
2. Beginner Reseller Hosting
3. Professional Reseller Hosting
4. Premium Reseller Hosting
5. Premium Gold Reseller Hosting
6. New Starter Reseller Hosting
