Hacking prevention, forensics, auditing and counter measures.

Posted by tmow on Server Fault See other posts from Server Fault or by tmow
Published on 2011-01-03T14:46:51Z Indexed on 2011/01/03 14:55 UTC
Read the original article Hit count: 307

Recently (but it is also a recurrent question) we saw 3 interesting threads about hacking and security:

My server's been hacked EMERGENCY.
Finding how a hacked server was hacked
File permissions question

The last one isn't directly related, but it highlights how easy it is to mess up with a web server administration.

As there are several things, that can be done, before something bad happens, I'd like to have your suggestions in terms of good practices to limit backside effects of an attack and how to react in the sad case will happen.

It's not just a matter of securing the server and the code but also of auditing, logging and counter measures.

Do you have any good practices list or do you prefer to rely on software or on experts that continuously analyze your web server(s) (or nothing at all)?

If yes, can you share your list and your ideas/opinions?

© Server Fault or respective owner

Related posts about security

Related posts about logging