Need Help With Security

[15levels]

If any experienced programmer / hacker is around, I would really appreciate if you get in touch with me, I get some signals that turks are planning to compromise our site at http://Armeniangenocideposters.org and I just wish to find out how easy will it be for them to do it. I have had some threats posted on the guestbook and I do have the IP of the poster, but tracert produced no result. I dont know what needs to be done, so I would appreciate some help with it. Many thanks in advance.

[Sip]

1) Keep a backup of your site. Whatever they do, it'll take you very little effort to undo it if you have a backup! Just restore

 

2) Keep up with the latest security patches for whatever operating system the server is using. If the server is maintained by you, that can be a complicated task. But if the server is maintained by some company, they are probably taking care of it.

 

3) Disable all unused services on the server. If it is a web server, then disable FTP, Telnet, etc ... all other things that are not required. That will really minimize the holes for any "hacker" to exploit.

 

4) ANY transaction you do with the server to maintain it, i.e. uploading files, logging in to change things, etc should be done through SSH. Even for file transfer, it should be wrapped inside SSH ... such as SFTP. Regular FTP and TELNET are not encrypted in any way. Passwords are transmitted as plain text!

 

So if you telnet into any server, anyone listening in on the connection can easily see your password!

 

 

That's pretty much it. Don't worry much ... "hackers" talk a lot but in the end, what can they really do to your website? Just hack in and deface it and restoring it to original condition would be a trivial task.

[Jewish Friend]

This is a job for Mossad. I will be watching carefully! YidKid