Security from the Cloud

Remote Vulnerability Scanning

Writer: Peter
Technical Review: David
Contact: info@hackertarget.com
Published: April 2008

Summary: This white paper describes the advantages of using a remote Vulnerability Scanning Service that is contained within the Cloud: a service that is available from anywhere, to any system, fully contained as a remote entity and managed by a third party. Because it uses Open Source Vulnerability Analysis tools, Security from the Cloud is peer reviewed, open and world class. While acknowledging that Vulnerability Analysis is only a part of the solution to securing your server, it is clear that a well defined, ongoing vulnerability assessment policy is a step in the right direction.

Table of Contents

1. Introduction
2. An increasing threat landscape
3. Common vectors for exploitation
   3.1 Poorly Configured Servers
   3.2 Software that is not updated
   3.3 Web Scripts
   3.4 Poor password security
   3.5 Password Reuse
4. Criminal Uses of your Server
   4.1 Spam
   4.2 Distribution of Malware
   4.3 Phishing sites
   4.4 Warez File Storage
5. The Security of Your System
6. Security from the Cloud
7. Contact HackerTarget.com

1. Introduction

Vulnerability assessment is an important part of any Security Policy. Increasingly, attacks on internet hosts are profit based and therefore more devious and widespread. Protecting internet servers against all but the most determined of attackers is not difficult. Poor server configuration or out of date tools result in the majority of internet server attacks, because these weaknesses are the easiest to find and exploit. Keeping a server up to date and free of configuration errors is not difficult; however, these tasks often get pushed aside due to time constraints.

A vulnerability assessment is a good way to pick up errors in the security configuration of your server, as well as software holes that need to be fixed by updated software versions, and other security vulnerabilities. By utilizing a remote vulnerability assessment from the Cloud you will achieve a significant cost benefit for your organization. With no specialist knowledge required for the configuration and management of the assessment tools, you are able to get back to the running of your organization.

2. An increasing threat landscape

Automated methods of attack and easy access to exploits are the main reasons for the increasing ease with which servers are being popped. In fact, if you want to prove how easy it is, go to http://www.milw0rm.com and select one of the recent web application exploits. Then go to Google and type in the "Google Dork", such as "powered by scriptname". See how many vulnerable applications on servers all around the web you can find in 5 minutes. Please stop there unless you are testing your own system.

Please note that we have nothing personal against the service provided by Milw0rm; they are just an example. HackerTarget.com are advocates of full disclosure and openness when it comes to security.

3. Common vectors for exploitation

3.1 Poorly Configured Servers

Bad file permissions, a mis-configured web or mail server, or a temporary fix that was done when the clock was ticking - poorly configured servers are everywhere. Under time constraints it doesn't take much for even an expert Systems Administrator to slip up now and then.

3.2 Software that is not updated

Server operating systems and applications all need to be updated when security updates are released. This is not optional! Windows Update, Yum and Apt make updating servers easy and have been great for reducing the number of vulnerable hosts; however, there are still many hosts that get overlooked. It is only a matter of time until a vulnerable service is discovered and the system is compromised.

3.3 Web Scripts

PHP and ASP applications and scripts are a great way to get dynamic websites working quickly; however, that is not the end. Like operating systems and software, these must be updated when security updates are made available. An example of this is the popular WordPress blogging software. We pick on WordPress not because it is particularly insecure but because it is such a widespread and popular script that has had some dangerous security holes in the past. Updates for these scripts are constant and they can be easily overlooked - until the day your blog is compromised and starts serving up malicious iframes to your unsuspecting audience.

3.4 Poor password security

The use of strong passwords on all internet facing hosts is essential. It is a simple matter to view the logs for any internet facing host and see how often the system is being hit by brute force attacks. Common services that are attacked by brute force include SSH, RDP, FTP, web forms and VNC.

3.5 Password Reuse

Using a different password for every login is obviously not practical, but using the same password everywhere is incredibly bad practice. We have often investigated compromised systems that were the result of a server owner using the same password on a poorly configured web forum as the password they use on the web mail and the same password for root on the web host!!
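The log review described in section 3.4, as an added example that is not part of the original white paper: it counts failed SSH password attempts per source address and flags a successful login that follows a burst of failures. The log lines are constructed samples in OpenSSH's syslog format, and the threshold of 3 and the function name are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample lines in OpenSSH's syslog format (documentation IP ranges).
SAMPLE_LOG = """\
Mar 10 06:25:01 web1 sshd[1201]: Failed password for root from 203.0.113.5 port 40122 ssh2
Mar 10 06:25:03 web1 sshd[1203]: Failed password for invalid user admin from 203.0.113.5 port 40130 ssh2
Mar 10 06:25:06 web1 sshd[1207]: Failed password for invalid user test from 203.0.113.5 port 40141 ssh2
Mar 10 06:25:09 web1 sshd[1210]: Failed password for root from 203.0.113.5 port 40155 ssh2
Mar 10 07:02:44 web1 sshd[1302]: Failed password for alice from 198.51.100.7 port 51811 ssh2
Mar 10 07:02:51 web1 sshd[1302]: Accepted password for alice from 198.51.100.7 port 51811 ssh2
Mar 10 08:14:10 web1 sshd[1410]: Failed password for root from 192.0.2.44 port 33901 ssh2
Mar 10 08:14:12 web1 sshd[1412]: Failed password for root from 192.0.2.44 port 33907 ssh2
Mar 10 08:14:15 web1 sshd[1415]: Failed password for root from 192.0.2.44 port 33915 ssh2
Mar 10 08:14:19 web1 sshd[1419]: Accepted password for root from 192.0.2.44 port 33920 ssh2
"""

LINE_RE = re.compile(
    r"sshd\[\d+\]: (?P<result>Failed|Accepted) password for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<ip>\S+) port \d+"
)

def summarize(log_text, threshold=3):
    """Return {ip: stats} for sources with at least `threshold` failed logins."""
    stats = defaultdict(
        lambda: {"failures": 0, "users": set(), "success_after_failures": False}
    )
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue  # not a password authentication line
        entry = stats[m["ip"]]
        if m["result"] == "Failed":
            entry["failures"] += 1
            entry["users"].add(m["user"])
        elif entry["failures"] >= threshold:
            # A login that follows a burst of failures from the same source
            # needs immediate review: a guessed password may have worked.
            entry["success_after_failures"] = True
    return {ip: s for ip, s in stats.items() if s["failures"] >= threshold}

if __name__ == "__main__":
    for ip, s in sorted(summarize(SAMPLE_LOG).items()):
        print(ip, s["failures"], sorted(s["users"]), s["success_after_failures"])
```

On a real host, pass the contents of the SSH authentication log (its location varies by distribution) to `summarize` instead of `SAMPLE_LOG`.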

4. Criminal Uses of your Server

4.1 Spam

A straight up spamming operation. Using your server to send out hundreds of thousands of spam emails is a profitable use of your compromised host. This will go on until you stop it, or until you get blacklisted and the spammer finds another use for your server.

4.2 Distribution of Malware

Using your web server to serve up content - just what it was made for, right? What if the content is malicious, loading and exploiting your customers or users, spreading nasty key logging malware that is compromising their desktops and eventually emptying their bank accounts?

4.3 Phishing sites

Those phony emails we have all seen with a fake PayPal page or internet banking page. What if those fake pages are being served up from your web host?

4.4 Warez File Storage

Pirated software, movies or other valuable illegal files may be stored and served up from your server.

5. The Security of Your System

An attack will cost you server downtime, which could be a significant cost if you run an online business. It will waste your time getting things fixed, organizing Incident Response and clearing up the mess. A compromised system should be rebuilt from a clean backup, and this is not a small task. Your reputation will suffer and you will lose customers.

6. Security from the Cloud

Technical management of the security scanning tools is all contained within the cloud. Ongoing updates to the security tools and optimization of the scans are all undertaken by technical specialists rather than your overworked information technology staff.

Security from the Cloud provides:

- a non-intrusive scan of your network / host perimeter
- a simulated attack against your environment, similar to what an attacker would do
- a test of intrusion detection and incident response systems / policies
- an easy way to add a layer to your security. Security is an ongoing process that requires a variety of layers.
- a detailed technical report delivered to you by email for further investigation
- Technical Security Intelligence that will allow follow up remediation by your staff, consultants or, if you prefer, HackerTarget.com staff
- time that will allow you to concentrate on doing what you do best - getting on with business
- an affordable way to ensure your servers are secure - security shouldn't cost the earth

7. Contact HackerTarget.com

Further information on the scanning options available can be found at our website. Visit HackerTarget.com today for an immediate vulnerability scan or contact us for a free consulting services quote.

Email: info@hackertarget.com
Web: http://www.hackertarget.com