SERVER COMPROMISED

What to do in the event of a security breach, and how to prevent one in the first place.

by Adam C. Greenfield

Ping! Zine Web Hosting Magazine
Major security breaches can be disastrous to a web hosting firm. Besides the obvious “black eye” that a security incident creates, you also have to consider the resulting downtime, the potential exposure of customer data, the customer-service time spent explaining the situation and helping clients repair any damage, and the client loss that follows almost any major breach. The total cost of these incidents is difficult to calculate accurately and often takes weeks to fully realize. It is thus unsurprising that security is an area of high concern for most hosting providers.

Keeping a server secure while maintaining a high level of usability, with the wealth of software offered on a modern hosting server, is a delicate balance to strike. Your server may be extremely secure, but if that security negatively impacts features important to your customers, it won’t matter, because your customers will leave. Conversely, offering a “Wild West” server with no security considerations at all will result in angry customers once the downtime from re-installs starts piling up. As your company grows, scale becomes a major concern too: spending ten minutes per day on each server installing updates and fixing security issues may be acceptable when you have only half a dozen servers, but you will quickly find that such a time commitment is not acceptable when you are talking about three hundred servers.

When making decisions about how best to secure your systems, you should first consider the nature of the beast. Security is not an isolated goal that can be addressed in a vacuum; it needs to be considered in conjunction with all the other operational decisions you make on a daily basis. New flaws, exploitation methods, and software updates appear minute by minute. If you are going to keep up, you need to make sure that you can quickly address potential security problems as they are discovered.
One of the most critical systems to put in place is the ability to deploy updates and fixes across your fleet of servers. The most efficient method I’ve found for this is to use existing package management tools. Almost every major operating system offers some way to deploy updates on a regular schedule (i.e. daily), and properly leveraging this ability is crucial. I also recommend not only subscribing your machines to trusted update sources (such as those from your software vendors), but also creating your own means of deploying, at will, updates that you deem critical. This lets you deploy customized fixes and potentially release critical security updates before your vendor makes them available.

Another critical system to implement is one that allows you to quickly verify the integrity of the software installed on your servers. Again, most package management utilities offer the ability to verify installed packages. Bear in mind, however, that if you consider a machine to be suspect, the output of any software on that machine should be considered suspect as well: if someone has gained root (or Administrator) access to your machine, they could potentially alter any component of the system and make it present whatever data they wish.

Monitoring baseline trends of system resource usage (such as memory usage, processor usage, and disk space) can also provide an invaluable first warning system to alert you to a potential security breach. Often, the person breaking into your system wants to use your system resources to further another goal (such as trading warez, sending spam, and potentially even compromising additional systems). If you notice a spike in resource usage, it may alert you to a problem before you receive any complaints, or before you notice that anything has been changed.
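The integrity check described above, with the caveat that a suspect machine’s own tools cannot be trusted, is easiest to see in a small script. The following is an added example, not code from the article: it records a SHA-256 manifest of a file tree from a known-good build (the manifest is meant to be stored off the server, on a management host), then compares the live tree against that manifest and reports modified, missing and added files. The directory layout and file contents are constructed for the demonstration; the file names under `bin/` are placeholders, not real binaries.

```python
"""Verify a file tree against an integrity baseline captured from a known-good
system. Added example; the paths and contents below are constructed.

Store the baseline OFF the server being checked and run the check with tools
copied from a trusted host (or from a boot medium): once root is lost, every
binary on the box, including the package manager, may lie about what is there.
"""
import hashlib
import json
import os
import tempfile


def sha256_file(path: str) -> str:
    """Stream a file through SHA-256 so large binaries do not load into memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def build_baseline(root: str) -> dict:
    """Walk `root` and map each regular file (path relative to root) to its hash."""
    baseline = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            baseline[os.path.relpath(full, root)] = sha256_file(full)
    return baseline


def verify(root: str, baseline: dict) -> dict:
    """Compare the live tree under `root` with a stored baseline.

    Returns sorted lists of files whose hash changed, files that vanished,
    and files that were not present when the baseline was taken.
    """
    current = build_baseline(root)
    return {
        "modified": sorted(p for p in baseline if p in current and current[p] != baseline[p]),
        "missing": sorted(p for p in baseline if p not in current),
        "added": sorted(p for p in current if p not in baseline),
    }


def demo() -> dict:
    """Constructed scenario: snapshot a tiny tree, tamper with it, re-verify."""
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "bin"))
        with open(os.path.join(root, "bin", "ls"), "wb") as f:
            f.write(b"original ls binary\n")
        with open(os.path.join(root, "bin", "ps"), "wb") as f:
            f.write(b"original ps binary\n")

        # Snapshot at build time; this JSON is what you would copy off-box.
        stored = json.dumps(build_baseline(root), sort_keys=True)

        # Simulate what an intruder with root might do: replace a binary,
        # delete one, and drop an unexpected file.
        with open(os.path.join(root, "bin", "ls"), "wb") as f:
            f.write(b"replaced ls binary\n")
        os.remove(os.path.join(root, "bin", "ps"))
        with open(os.path.join(root, "bin", "extra"), "wb") as f:
            f.write(b"unexpected file\n")

        return verify(root, json.loads(stored))


if __name__ == "__main__":
    print(demo())
```

In production the baseline would be taken right after a clean install (or after each trusted update run) and re-verified on a schedule from the management host; a package manager’s own verify command gives the same kind of answer, but only the off-box copy of the hashes remains trustworthy after a compromise.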
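The resource-usage early warning the article recommends can be reduced to a simple rolling-baseline check. This is an added example, not code from the article: it keeps the mean and standard deviation of the last few readings of one metric (the samples here are constructed, representing, say, outbound messages per minute), and reports a reading only when it sits well above the baseline for several consecutive intervals, so a single cron-driven blip does not page anyone. Anomalous readings are kept out of the baseline so that a spike cannot raise its own threshold. The parameter names and the `SAMPLES` data are mine, not the author’s.

```python
"""Flag sustained spikes in a resource metric against a rolling baseline.
Added example with constructed sample data; not from the article.
"""
from collections import deque
from statistics import mean, pstdev

# Constructed readings of one metric (e.g. outbound mails per minute).
# A spam run starts at index 9 and ends at index 12.
SAMPLES = [20, 22, 19, 21, 23, 20, 21, 22, 20, 85, 90, 95, 88, 21, 20]


def detect_spikes(samples, window=6, threshold=3.0, min_consecutive=2, floor=1.0):
    """Return (index, value, baseline_mean) for each reading that is part of a
    sustained spike.

    window          number of recent normal readings that form the baseline
    threshold       how many standard deviations above the mean counts as a spike
    min_consecutive how many spike readings in a row before reporting
    floor           minimum standard deviation, so a flat baseline does not
                    turn trivial variation into alerts
    """
    history = deque(maxlen=window)
    alerts = []
    streak = 0
    for i, value in enumerate(samples):
        if len(history) == window:
            mu = mean(history)
            sigma = max(pstdev(history), floor)
            if value > mu + threshold * sigma:
                streak += 1
                if streak >= min_consecutive:
                    alerts.append((i, value, round(mu, 1)))
                # Do not feed a suspected spike into the baseline.
                continue
        streak = 0
        history.append(value)
    return alerts


if __name__ == "__main__":
    for index, value, baseline in detect_spikes(SAMPLES):
        print(f"sample {index}: {value} vs baseline {baseline}")
```

Run against the constructed data this reports indices 10, 11 and 12 (the first spike reading at index 9 is held back until the spike persists). The same function works unchanged on a stream of memory, CPU or disk readings pulled from your monitoring system; tune `window` and `threshold` per metric rather than globally, since disk space drifts slowly while CPU is noisy by nature.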
These systems are a solid asset to server security, not only because they yield tangible benefits in the form of improved

www.pingzine.com