Hacking prevention, forensics, auditing and countermeasures.
- by tmow
Recently (but it is also a recurrent question) we saw 3 interesting threads about hacking and security:
My server's been hacked EMERGENCY.
Finding how a hacked server was hacked
File permissions question
The last one isn't directly related, but it highlights how easy it is to mess up web server administration.
As there are several things that can be done before something bad happens, I'd like to have your suggestions in terms of good practices to limit the side effects of an attack and how to react in the sad case that it happens.
It's not just a matter of securing the server and the code but also of auditing, logging and countermeasures.
Do you have a list of good practices, or do you prefer to rely on software or on experts that continuously analyze your web server(s) (or nothing at all)?
If yes, can you share your list and your ideas/opinions?