network image

You may be under the impression that your server will never be the target for malware. It may contains no data of any value to anyone. Your server may only host a few personal backups and no website. As far as you are concerned, your server has no public footprint.

What many people don’t realize is that malware uses automatic scanners that are constantly scanning the internet on ALL public IP addresses. As soon as they find an IP address that responds in ANY form, they start trying to get in. Usually by attempting thousands of guesses on username and passwords.

Why?

Once they gain entry, they use your server as a staging point to launch their campaigns. These may be junk-mail/spam floods or Denial of Service attacks. Running botnets or Malware responders or setting up Phishing sites. These could look like your internet banking site, but are designed to capture and harvest personal data, PIN info and account numbers. Bitcoin miners are the other popular applications. These will use all your resources and leave you wondering where all that CPU and RAM went to. These unscrupulous people want to use your server as an anonymous staging point to make their criminal activity untraceable, or use its resources free of charge.

The Downside

You could have your IP address Blacklisted (no mail will be accepted from your server). In extreme cases, your hosting provider could have ALL their IP addresses blacklisted. They and all their other clients could even have a case against you, as this negligence in security could cause many others on the same network to lose revenue. Your server could become slow and unresponsive, potentially losing you customers.

What to do

Keep a keen eye on your server. Secure it as much as you can, even pay a security specialist a once off fee if you do not have access to the skills. Follow our “Secure your server” articles. Install a monitoring system which alerts you when something changes (i.e. Tripwire on Linux).

If you do discover an intrusion, or your service provider alerts you to abuse committed by your server, shut down all services. (assuming your provider has not already done so) Block ALL outbound connections except those that are part of an existing link (iptables – RELATED, ESTABLISHED) for example your ssh connection. Above all, do what it takes to keep your server secured. Run regular updates. Keep your code simple – it does not help coding on the bleeding edge if it will break at the first update. Allow only the minimum access needed to your server.

Happy Hosting 🙂

we're happy to help!

Talk to a hosting specialist today and discover which options will work best for you.


Call us on +27 21 554 3096
Copyright © 2020 HOSTAFRICA - All rights reserved.

By visiting this website, you agree to its terms of use, which can be accessed by clicking on the following link: Website Terms of use
We Accept: EFT, Debit Cards, Credit Cards and Mobile Payments
Accepted payment methods