Web Hosting Talk

Security Tests


webworldire
05-30-2002, 11:03 AM
Can anyone recommend any good security consultants to do some remote tests on some of our customers' servers? Just want to make sure that everything is secure.

Thanks
Dave Geoghegan
daveg@webworld.ie

denisdekat
05-30-2002, 12:10 PM
Wish I knew someone ....

In the meantime, why not try to run nmap on your server. See what ports are open, then search for security issues concerning those pieces of software, try to update things that have widely known security issues.

Wish I could recommend, but there seems to be a lot you can do yourself. Iptables is really good also at closing doors. For example, not only could you block IP in your /etc/ssh_config, but all entries to port 22 that are not coming from your office, or home. Therefore, if there was a security issue with ssh, you would still be OK, 'cause only you could get to the listening port anyways. It would give you time to run updates....

That is, assuming that you are running Linux :)
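
An added example, not part of the post above: one way to express the port 22 restriction it describes. The function only prints the iptables commands so they can be reviewed before being applied as root; the function names and the source addresses (RFC 5737 documentation ranges) are assumptions made for this example.

```shell
#!/bin/sh
# Added example: print (not apply) iptables rules limiting SSH to known sources.
# Addresses are RFC 5737 documentation ranges, constructed for this example.

# is_ipv4_cidr ADDR: succeed only for a.b.c.d or a.b.c.d/len
is_ipv4_cidr() {
    case $1 in ''|*[!0-9./]*) return 1 ;; esac   # digits, dots, slash only
    addr=${1%%/*}; len=32
    case $1 in */*) len=${1#*/} ;; esac
    case $len in ''|*[!0-9]*|???*) return 1 ;; esac
    [ "$len" -le 32 ] || return 1
    case $addr in *.) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $addr                                  # split address into octets
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        case $octet in ''|????*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
}

# ssh_allowlist_rules CIDR...: print the ruleset; print nothing on bad input
ssh_allowlist_rules() {
    [ $# -gt 0 ] || { echo "need at least one allowed source" >&2; return 1; }
    for src in "$@"; do
        is_ipv4_cidr "$src" || { echo "bad source: $src" >&2; return 1; }
    done
    # Keep sessions that are already established, so applying the rules
    # does not cut off the connection you are working over.
    echo "iptables -A INPUT -p tcp --dport 22 -m state --state ESTABLISHED -j ACCEPT"
    for src in "$@"; do
        echo "iptables -A INPUT -p tcp -s $src --dport 22 -j ACCEPT"
    done
    # Anything else aimed at port 22 is dropped.
    echo "iptables -A INPUT -p tcp --dport 22 -j DROP"
}

# Constructed sample: one office host and one home network.
ssh_allowlist_rules 192.0.2.10 198.51.100.0/24
```

Keep an existing SSH session or console access open while testing the rules, so a mistake in the allowlist does not lock you out.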

webx
05-30-2002, 04:50 PM
Yes, there are companies who would charge some big $$$ to do security tests :) Try searching through Google, maybe you can find a number of such companies.

However, I would recommend that you should lay out your own security policies for your servers. There are many aspects of security: network security, DoS attacks, root compromises, OS-related issues and more.

Most of these things are very basic. You just have to take care of them.

allan
05-31-2002, 10:13 AM
http://www.counterpane.com
http://www.riptech.com
http://www.netsec.net

None are cheap :).

As someone mentioned, you can run your own security tests as well but PLEASE let your provider know before you do it. If they are monitoring for security attacks, they may black hole your addresses and prevent you from reaching your servers.

admin0
06-03-2002, 12:42 AM
Hi.

Maybe I can help.
4+ years experience as sr. unix system admin.

Contact Me.

Choppy
06-03-2002, 12:51 AM
Our admins are security experts with years of experience.

If you need us to find exploits and secure your boxes please do not hesitate to contact us!

webx
06-03-2002, 01:14 AM
Hmm... shouldn't these offers go in private or through advertising forum ;)

On another note, if I plan to test my servers for security through a third party. And the server is hacked or crashes or whatever, who is going to pay for the losses? :rolleyes:

Me or the company who tested the server? :eek:

admin0
06-03-2002, 05:09 AM
I guess no one will allow their production and live servers to be tested and cracked. Must be a new server, so that even if it is cracked/hacked, they will know about it and that knowledge will be used in the next reinstallation with the necessary security/patch applied.


Just a thought !


:angel:

allan
06-03-2002, 06:44 AM
Originally posted by masood

On another note, if I plan to test my servers for security through a third party. And the server is hacked or crashes or whatever, who is going to pay for the losses? :rolleyes:

Me or the company who tested the server? :eek:

Depends on the agreement, and the service. Many companies will also provide ongoing monitoring services that should catch an intruder before something happens...I think in cases like that, they will compensate you if they miss something (contracts vary).

On the other hand, if a one-time analysis is performed they will absolve themselves of any issues that occur after the analysis is complete. The company has no way of knowing if you implemented their recommendations, made other changes to the configuration, or if a new security hole was introduced after the testing.

Studio64
06-03-2002, 12:12 PM
Originally posted by masood

On another note, if I plan to test my servers for security through a third party. And the server is hacked or crashes or whatever, who is going to pay for the losses? :rolleyes:

Hopefully the company you contract with will guarantee the server. Well they better.....

I mean I can hit your rack with a hammer and say you have some security problems (Well you would anyway since I could hit your rack anyway... Offtopic anyhow)...

ISS (http://www.iss.net) is a great security company. I use some of their freeware auditing tools to check my security.