Knowledgebase
Portal Home > Knowledgebase > Articles Database > recommendations for third-party security monitoring?
recommendations for third-party security monitoring?
Posted by stapel, 07-25-2011, 02:21 PM I have a dedicated server on which resides my very small but rather busy web site. The domain is "small" in that the site has very few static pages (five hundred or so) which are small and simple, plus a very quiet forum (one or two posts a day, on average). The domain is "busy" in that eighty or so thousand people visit during the "up" time. (North American summers are the "down" time.) This year, I seem to have passed some Rubicon of perceived size. I am being flooded by requests from advertisers of varying degrees of reputability, and have begun to suffer hacking attacks, largely attempts to serve up malware to my site's visitors. I'm a retired teacher. My site has gotten to be a of a size that it is experiencing issues that I don't know how to handle. I would like =not= to have to deal with security issues after they happen, but I don't have the expertise to "harden" my server, etc, sufficiently to prevent issues, or to "clean" up MySQL databases after the fact. I am interested in recommendations for third-party security services. I am vaguely familiar with WebsiteDefender, Qualys, and Dasient, but don't know enough to be able to say if any of these is even what I'm looking for. Thank you. Eliz.
Posted by WinsNexus, 07-25-2011, 06:09 PM Hello, The tools you have described are more of a monitoring type software for issues that have been created and could give you in depth knowledge as to how to prevent, one having basic penetration testing adapted with the service. IP blacklisting services is more of the most affective type of prevention. Most hack attempts come from users that are proxying their IP in order to prevent identification of their hack attempts. 85% of hack attempts are from hackers proxying or using a vulnerable system that has already been compromised in order to do their work. Both tools, the ones that you have listed and a service that identifies and blacklists identified problematic IP's would be ideal for a website. Just giving an idea of two different paths that can be taken, or both in order to assist with your issue.
Posted by lalog00, 07-26-2011, 02:00 PM Definetely recommend to use a firewall such as configserver firewall (CSF) which is free and very good. ConfigServer also has other security tools such as Xploit Scanner. Or if you prefer, they also have services to secure your server in different ways, check out their website: http://configserver.com/
Add to Favourites 
Print this Article
Also Read
