securitycompliance – Page 24

How would you know if your website was targeted by hackers?

The _only_ way is to test your site…

review your potential services and programs running on the website

Use the alpha service evaluation sample

Or try the Sigma (∑) service evaluation sample

either way you will have a better picture of your hacker liability today.

Sample report

we have placed a sample evaluation on our fixvirus.com site (the alpha-A scan)

Here we have scanned a server and found it had a few services turned on that should not have been. (Telnet and ftp should be replaced with a secure version, such as ssh and scp)

The web services need to be tested further for potential application vulnerabilities (with the Sigma-∑ scan)

Port 20000, and 2222 are not typical ports used by legitimate applications, in fact 2222 has been known to be a BackDoor trojan: Speedguide.net has some information. This machine has to be investigated for malicious software.

This is the reason for the Alpha scan – so that unknown ports running on your machines will be uncovered.

Keep an eye on CERT – New website look

CERT – Community Emergency Response Center for computers was created in 1988 in response to the Morris worm.

The CERT organization I am talking about is based out of Carnegie Mellon(Software Engineering Institute), and has helped the computer industry with their insight and tools

The CERT tools link. There are some good tools to use in combating various issues, including finding insecure application instances,

forensic tools, virtual machine reboot recovery, and more.

The security dilemma

Information Security has a dilemma:

the problem is that we don’t want to be seen(interfere) with whatever the user wants to do, but yet there

need to be secure transactions. The security of our network and applications need to be part of Information technology actions.

The website, email and network traffic needs to get where it is supposed to go without interference or eavesdropping.

But in network security we have many types of grey areas.

False positives, negatives, and many Heisenberg principle issues (i.e. if you want to view network traffic you may be altering the traffic itself)

Are all viruses detectable with AntiVirus?

If all viruses were detectable with antivirus then malware would be easily found and no more hacks would happen.

Some viruses are hard to detect on purpose. They evade antivirus software, system administrators and other software.

But a scan of a system will show a port open which requires further analysis. Because the virus or malware wants to phone home, well it has to have a port open to do that.

Now we can find it: with Sigma

or Alpha