Online Security.
In the last couple of months there has been a very interesting change of focus going on at our company. Where we started out helping mom and pop shops get online, then continued with Ecommerce solutions based on open source software that in some cases were hugely successful, lately we have been helping some of these customers in their defense. Defense against what, you say? Other “entrepreneurs”…
Here is a rundown of the most common security issues we encounter and some common solutions. Obviously these tips should not make up the entire body of your own online security and preventive measures, nor do we want to act as if we are the definitive resource on this matter. What we do, however, and what we do well, is find the right people to fix your problems, ask the right questions and put things in perspective.
DOS
A Denial of Service attack is basically an attempt to make a computer or network resource unavailable to its intended users. Although the means to carry out, motives for, and targets of a DoS attack may vary, it generally consists of the concerted efforts of a person or multiple people to prevent an Internet site or service from functioning efficiently or at all, temporarily or indefinitely. In layman's terms, someone is trying to knock your site off of the net, and prevent you from selling, or expressing your opinions.
In its simplest form, picture a simple site, pure HTML, running on some cheap shared hosting for a local football team. A rival team hates them so much they intend to make the site inaccessible. What do they do? They send so many requests to load that page that the server congests and becomes unresponsive. No one can visit the site anymore; it is offline for all practical purposes. The solution to this is simple: just filter out the specific IP that is sending all these requests, in effect making it impossible for the attacker to take out the site.
The next level of sophistication is not actually attacking yourself, but doing so with other PCs or servers. An attack thus becomes a Distributed Denial of Service attack, and it becomes much harder for people to defend themselves since there is now a large range of IP addresses attacking, and the IP addresses can be changed on the fly.
In addition, attacks can focus on other parts of the TCP protocol, such as SYN/ACK floods, ICMP, LDoS, etc. More information on those can be found here:
http://en.wikipedia.org/wiki/DDOS#Distributed_attack
Defending yourself against DDOS can be a difficult and time-consuming affair, especially if your attackers have enough funds to match or exceed your bandwidth or filtering solution. Respected anti DDOS hosting is available everywhere, but if you really need the best, our proposed solution is Prolexic. This is also a very expensive solution, and only an option if you have 5 to 15k to spend on servers a month. Another cheaper and easier way to deal with DDOS, especially if the attacks are relatively small, is using Cloudflare.
Cloudflare is basically the aggregated wisdom of loads of webmasters, administrators etc., who all contribute to Cloudflare in the same way virus scanners draw from a central pool of information on viruses. Cloudflare looks at all the traffic coming in and, because of its information back end, is able to identify and mitigate most of the smaller attacks and problems you may encounter. Cloudflare has quickly become a good solution for smaller businesses that run into smaller problems. Cloudflare's own video, "Us in 90 Seconds" on Vimeo, explains it better.
SQL Injection
SQL injection is more akin to a person walking up to a guarded door, not knowing the magic word, but being able to deduce it by chatting up the guards. SQL injection in many cases makes use of poor coding and allows for the retrieval of passwords, content and, at its worst, customer information including credit card details. SQL injection can be as simple as entering some code in a search box or a password field, and the PHP code behind it sending back the admin password. Yes, really, this happens. Below you will find a link to the most common mistakes in programming that can be avoided easily and prevent attacks like this. I have seen customers lose 1000’s of customers to competitors through attacks like this, so the threat is very real.
http://dev.mysql.com/tech-resources/articles/guide-to-php-security-ch3.pdf
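To make the "poor coding" part concrete, here is an added example (ours for illustration, not taken from the linked guide or from any customer's code) that puts a concatenated query next to the same query written as a prepared statement. The `orders` table, the `find_orders_*` functions and the sample rows are hypothetical, and it assumes PHP 7+ with the `pdo_sqlite` extension so it runs without a database server; the same PDO calls apply with a MySQL connection.

```php
<?php
// Constructed demo data in an in-memory SQLite database (assumes pdo_sqlite).
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE orders (ref TEXT, email TEXT, item TEXT)');
$add = $pdo->prepare('INSERT INTO orders (ref, email, item) VALUES (?, ?, ?)');
$add->execute(['A100', 'alice@example.test', 'football shirt']);
$add->execute(['B200', 'bob@example.test', 'scarf']);

// BEFORE: input is concatenated into the SQL text. A quote in $email ends the
// string literal early and the rest of the input is parsed as SQL.
function find_orders_vulnerable(PDO $pdo, string $ref, string $email): array {
    $sql = "SELECT ref, item FROM orders WHERE ref = '" . $ref
         . "' AND email = '" . $email . "'";
    return $pdo->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// AFTER: the SQL text is fixed; values travel separately as bound parameters,
// so quotes in the input are compared as data and never parsed as SQL.
function find_orders_safe(PDO $pdo, string $ref, string $email): array {
    $stmt = $pdo->prepare(
        'SELECT ref, item FROM orders WHERE ref = :ref AND email = :email');
    $stmt->execute([':ref' => $ref, ':email' => $email]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Constructed inputs: one legitimate lookup, one value containing quotes.
$legit   = ['A100', 'alice@example.test'];
$hostile = ['A100', "x' OR '1'='1"];

$variants = ['vulnerable' => 'find_orders_vulnerable',
             'safe'       => 'find_orders_safe'];
foreach ($variants as $label => $fn) {
    printf("%-10s legit: %d row(s), hostile: %d row(s)\n", $label,
        count($fn($pdo, ...$legit)), count($fn($pdo, ...$hostile)));
}
```

With the concatenated query the second input returns every customer's order instead of none, because the `WHERE` clause is rewritten by the input; the prepared statement returns nothing for it and still finds the legitimate order.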



