Last weekend my company's site was hacked.
They did the nicest thing of doing that on a Friday evening so we only noticed the attack on Monday morning.. The funny thing is that we switched from Windows to Linux recently because it was supposed to be more stable and secure. Go figure. And yes, we got us blacklisted on Firefox and Chrome.
Since I am not a Linux expert, I am looking for advice on how to avoid problems like this in the future. What steps do you take to protect your systems? It seems we had weak passwords, but shouldn't Linux block the account after a few failed logins? They tried more than 20 combinations...
In addition to that, I am looking for a tool (or service) similar to pingdom but applied to security. If my site is ever hacked, alert me. Is that such a thing? A Hacking monitor? :)
Another thing, how do you notify your clients about such issues? Do you just ignore and hope no one noticed? Email explaining what happened?
*posting as anonymous to avoid more bad exposure to my company, which is bad already...
Answer
As far as a service similar to pingdom, but applied to security, I will suggest Sucuri's free Network integrity monitor.
What it does? It monitors your web site (and domains) on real time and alert you if they are
ever defaced, blacklisted, hacked, etc. Link: http://sucuri.net
As the name implies, it monitors the integrity of your 'internet' presence.
*disclaimer: I developed it.
No comments:
Post a Comment