Security is not a product; it is a state of mind. Just because your software has a reputation for being secure does not make it secure. You and your users can be attacked by crackers, script kiddies, spammers, and thieves. You must have a pro-active approach towards defense!
No system is perfectly secure. You must constantly work to improve security. The more users and the more important your data is, the more effort attackers will spend to harm you. On the other hand, the more security you add, the more difficult the system becomes to use. For example, if you make your firewall too secure, you might lock yourself out.
Security is extremely important for IRCNow's reputation. Here are some possible disasters when you don't secure your servers:
- All our servers could be DDoSed offline
- Customer emails, passwords, credit card info, private chats, and files are stolen
- Your personal IP and name are leaked on the Internet
- Your website is vandalized or loaded with illegal files for filesharing
- Your server is used for phishing, DDoS attacks, or shell injection attacks?
- A rootkit? is planted in your server and backdoors? are placed in your source code
- Phishing: An attacker does not have to use advanced high-tech hacking skills. It's much easier for him to lie to you or pretend to be someone you trust. He can use a fake nick or use a fake email to impersonate one of our teammates. This is called phishing.
- Denial of Service?: An attacker can cause your systems to fail and deny service. This doesn't require as much work as exploiting bugs or vulnerabilities in code.
- Spamming?: An attacker can spam your network, it is similar to a denial of service.
- 0days?: An attacker may exploit 0days
- Rootkits?: Planting rootkits
- Are your public services secure??
- If the software is not secure, have you taken basic mitigation steps? For example, you can set up a chroot or consider pledge? and unveil?
- Are your public services properly configured?
- Do you have a firewall enabled to block private services?
- Can an intruder read files, write to files, or execute files he is not supposed to?
- Can they read databases? they should not have access to?
- Can they steal your password or ssh keys??
- Are your web apps secure??
- Do you have proper logging? An intrusion detection system? in place?
- Who can you trust??
Even if you have a single dial up PPP account, or just a small site, this does not mean intruders won't be interested in your systems. Large, high-profile sites are not the only targets -- many intruders simply want to exploit as many sites as possible, regardless of their size. Additionally, they may use a security hole in your site to gain access to other sites you're connected to.
Intruders have a lot of time on their hands, and can avoid guessing how you've obscured your system just by trying all the possibilities. There are also a number of reasons an intruder may be interested in your systems, which we will discuss later. 2.5.1. Host Security
Perhaps the area of security on which administrators concentrate most is host-based security. This typically involves making sure your own system is secure, and hoping everyone else on your network does the same. Choosing good passwords, securing your host's local network services, keeping good accounting records, and upgrading programs with known security exploits are among the things the local security administrator is responsible for doing. Although this is absolutely necessary, it can become a daunting task once your network becomes larger than a few machines. 2.5.2. Local Network Security
Network security is as necessary as local host security. With hundreds, thousands, or more computers on the same network, you can't rely on each one of those systems being secure. Ensuring that only authorized users can use your network, building firewalls, using strong encryption, and ensuring there are no "rogue" (that is, unsecured) machines on your network are all part of the network security administrator's duties.
This document will discuss some of the techniques used to secure your site, and hopefully show you some of the ways to prevent an intruder from gaining access to what you are trying to protect. 2.5.3. Security Through Obscurity
One type of security that must be discussed is "security through obscurity". This means, for example, moving a service that has known security vulnerabilities to a non-standard port in hopes that attackers won't notice it's there and thus won't exploit it. Rest assured that they can determine that it's there and will exploit it. Security through obscurity is no security at all. Simply because you may have a small site, or a relatively low profile, does not mean an intruder won't be interested in what you have. We'll discuss what you're protecting in the next sections.
2.5.4 Hardening Guides