Web Hosting Talk

View Full Version : Firewall


Blanket
06-16-2001, 03:48 AM
Hello!
I'm not sure if this is the right place to post a question like this,

This is a question mainly for the hosts out there,
What do you guys do about firewalls?

Do you guys install a firewall on your servers? And what are the ways you protect yourself (and your clients) from hackers??

Seeing how ADDR.COM just went out of business (at least I think they did) after a hacker hacked into their system and stole more than 14,000 cc numbers, it's usually wise to protect yourself one way or another.

Any thoughts??

XTStrike
06-16-2001, 04:10 AM
Just keep your system up to date with patches, and DON'T store credit card information on your network.

Once someone has given you their CC number, remove it from the internet and store it in a stand-alone network.

Or if you don't need to keep it then get rid of it!

Routers normally have a built-in firewall on them and computers have IPCHAINS or IPTABLES which allows firewalling. BUT you have to configure it correctly, and most internet machines need to have a lot of ports open anyways to allow communication.

Blanket
06-16-2001, 04:15 AM
Let's say that you don't store cc numbers on your server (using your common sense!)

But of course, hackers can still get in and fiddle around your server, make some adjustments or even worse... delete your clients' data; then of course, you'll be in deep strife with your clients.

Get hacked even once and your clients find out about it, they'll be sure to pack their bags and split.

XTStrike
06-16-2001, 05:07 AM
Yes, that's why you have to ensure you have the most up-to-date software.

The people that know enough to hack your systems before an exploit has been made public will probably not bother doing so; therefore that leaves ONE alley of attack, KNOWN exploits. If you keep up to date with patches it makes it a lot more difficult for people to get in.

Make a list of all the software on your server, and search around constantly making sure there are no new exploits available for anything on your list.

Tim Greer
06-16-2001, 05:20 AM
Firstly, Addr.com never went out of business and they likely won't be going out of business. That email and rumor was sent out by some scumbag that's been trying anything he can to con people to come to his service.

Secondly, of course there's a lot to be worried about as per security. It's more than CC info, it's more than deleting users' files, etc. Everything someone can possibly do beyond breaking into a server and posting a message for the administrator on how to secure the manner in which they gained access, is something to be concerned about.

People can do different kinds of damage, which varies. Information can be obtained or stolen. Not just CC information, but source code, ideas, private files, etc. Surely, this is a concern and needs attention -- and surely not enough providers care about, give enough attention to, or have the knowledge to prevent such things -- and there are many things.

Firewalls are a good step, but hardly much help if you don't take many other steps in addition. Definitely a good idea, but not the be-all, end-all -- and nothing ever is. There are also remote and local exploits people can make use of to compromise a server. There are more ways into a server than there are things to do to or on them once you do gain access, if that gives you any idea how bad it can be (and often is).

Addr.com were blatantly stupid to have stored CC information on a publicly accessible server -- one that had thousands of clients on -- one that had its drive linked to every single other server on their network. Hence, each server that housed a few hundred to a couple of thousand users all had access to the other servers' drives. Add that total up. Add the fact that this file didn't even have permission to deny users from viewing or downloading it -- nor the directory it was in.

In fact, this "hacking" incident wasn't even a matter of their servers being insecure, per se (although they certainly were), but a matter of simply not setting proper permissions and ownership on it or the directory to keep out even the most amateur system cracker -- even if they did store this file, it didn't need to be an issue caused by some dork with no talent grabbing it -- and in fact, almost any user on this board could have done that much.

Of course, there's certainly more to it than permissions and ownership, but the point is, people worry so much about patching exploits that would allow a user to gain only non-privileged account access, that they don't worry about what access the users _on_ the system have. Further, Addr.com (used as a further example) had many old accounts compromised for a very long time (and very well might still) that allowed anyone access without a valid account. All someone had to do was simply log into one of those accounts, create some PHP or CGI script to browse the directories or execute a shell command, find or stumble across this file and view or download it. So, firewall issues and Addr.com's issue of having a cracker steal their CC info are completely different issues. However, it's always good to see people have a concern about such things and the desire to avoid them.

There are many decent books and web sites on the Internet, free to read, download and utilize. There are many good books in many bookstores or from ordering online via Amazon.com and other such sites. Basically, if you have the time and desire, you can find all the information you'd need to know, for free, off the Internet via simple web searches using the relevant key words and phrases. Get yourself the OS you want (and maybe some you don't) and start using them, start testing theories, techniques and sound/known practices that will better secure a server and/or a network. Maybe get a cheap 133 MHz (used, of course) system, put a network card in each, buy a cheap hub and just go off, try everything and enjoy doing it. You'll learn a lot and you won't need to try and ask questions on a web board that are far too vast of a subject to dare even try and cover. There's really too much to know and explain in regards to protecting a system and/or network -- too many ways, too many tools, too many ideas, too much... too much...
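
The exposure described in the post above (a sensitive file that every local account could read because neither the file nor its directory denied access) is something an administrator can audit for. The script below is an added example, not part of the original thread; the directory and file names are constructed, and it inspects only mode bits below the audited root.

```shell
# Added example: list files any local account could read. A file counts as
# exposed when it has the "other" read bit AND every directory from the
# audited root down to it has the "other" search (execute) bit (no ACL checks).

# other_can_traverse ROOT DIR: succeeds if DIR and each parent up to ROOT is o+x
other_can_traverse() {
    root=$1; dir=$2
    while :; do
        # -prune stops find from descending; -perm -0001 tests the o+x bit
        [ -n "$(find "$dir" -prune -perm -0001 -print)" ] || return 1
        [ "$dir" = "$root" ] && return 0
        parent=$(dirname "$dir")
        [ "$parent" = "$dir" ] && return 0   # hit filesystem root; stop
        dir=$parent
    done
}

# audit_exposed ROOT: prints one exposed file path per line
audit_exposed() {
    root=${1%/}
    find "$root" -type f -perm -0004 -print | while IFS= read -r f; do
        if other_can_traverse "$root" "$(dirname "$f")"; then
            printf '%s\n' "$f"
        fi
    done
}

# lock_down FILE: owner-only file inside an owner-only directory
lock_down() {
    chmod 600 "$1" && chmod 700 "$(dirname "$1")"
}

# make_sample: builds a constructed layout (hypothetical names) in a temp dir
make_sample() {
    d=$(mktemp -d) || return 1
    mkdir -p "$d/billing" "$d/private"
    echo "constructed placeholder" > "$d/billing/orders.dat"
    echo "constructed placeholder" > "$d/private/notes.txt"
    chmod 755 "$d" "$d/billing"; chmod 644 "$d/billing/orders.dat"
    chmod 700 "$d/private";      chmod 644 "$d/private/notes.txt"
    printf '%s\n' "$d"
}

if [ "${1:-}" = "--demo" ]; then
    s=$(make_sample)
    echo "before:"; audit_exposed "$s"
    lock_down "$s/billing/orders.dat"
    echo "after:";  audit_exposed "$s"; rm -rf "$s"
fi
```

In the sample, `notes.txt` is mode 644 but is not reported because its directory is 700; `orders.dat` is reported until both the file and its directory are restricted to the owner.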

XTStrike
06-16-2001, 06:00 AM
WOW, extremely well worded Tim_Greer.

I agree 100% with everything you said, part of what I was typing about security patches etc... I think I'm finally awake now and realise what I was typing; after a quick shower, a re-read of my messages can make them look far from adequate.