Design Firm
We're Social!
Resources

Server Vulnerability Scanning: What you Need to Know

By: Josh Ewin at MrEwin

Submitted on Sun, Aug 19th, 2007 12:00 am

Beyond providing a fluid user experience, intuitive navigation, search engine friendly source and a secure transactional environment, website operators also need to concern themselves with preventing the unimaginable; hacking. Every day, new vulnerabilities in server operating systems and software are found - and used, to compromise commercial websites. Although your ISP should provide daily security scans and frequent audits on all of your servers, it behooves every e-commerce company to put its best foot forward by ensuring the security, uptime and redundancy of it’s servers.

Hacking attempts generally fall into three broad categories; DDOS, destructive and data compromising. In a DDOS attack, a hacker or hackers will compromise a group of machines and use them to flood a server with data. The massive amount of data sent to the victim server results in a server load spike and ultimately, the server going offline. Unless a DNS redundancy scheme is set in place, the only resolution for a DDOS attack is to wait until the attack subsides. The purpose of a destructive attack is essentially to bring down a single server or website and destroy the information on the server. Often, the responsible party in such attacks is a hacker vying for bragging rights or a young person just ‘having fun’. Unfortunately, such antics often result in the destruction of irreplaceable data. The third type of attack, data compromising, refers to a breach that is caused in order to gain access to sensitive information. With respect to the latter two types of security breaches, vulnerability scanning can go a long way in ensuring that these attacks do not occur.

Regardless of the purpose of the attack, it is important to understand the nature of the beast and what can and should be done to prevent it. Server vulnerability scanning; that is, the comparison of your server software updates and configuration against a list of known vulnerabilities, is the single best preventative measure that can be taken. Although your ISP may provide such services, I suggest finding another vendor, which deals specifically with vulnerability scanning and offers daily updated vulnerability profiles. Such providers can automatically scan your servers on a daily basis to ensure that they are updated with the latest software patches.

Unfortunately, many executives and companies have a rather adolescent view of vulnerabilities; let’s call it the “it won’t happen to me” syndrome. As an 11 veteran of the hosting and web development segments, I can say that I’ve seen many, many companies succumb to this mentality and suffer the inevitable; downtime and loss of revenue. Learn from their mistakes. Be proactive and ensure the security of your customers’ data and the future of your business.

About the Author

Josh Ewin
MrEwin
MrEwin.com is an E-Business Analysis blog containing up to the minute articles, reviews and interviews with industry leaders regarding the current state and future direction of e-commerce.

Elite Firms

Premier Agency's

Top Design Firms

Directory Sponsors

Write for Us

Are you a creative genius? Do you want to share your gift with others and enjoy recognition as an industry leading author? Write for us and get your voice heard.

Premiere Agencies - Highly Recommended by DesignFirms
Quick Links
Site Sponsors
Recent Echos!

FEATURED WEB AND MOBILE AGENCY OF THE WEEK
Learn more about Hudson Integrated Web Agency and the design services they provide. Browse...

Submit Your Best Work to the DesignFirms Awards Program
Since 2003, we've been hand selecting only the very best in design out of thousands of submissions...

Web Award Winner: Axeela
The Official website for the singer Axeela. View more award winners and submit your design to see...

View the Top 100 Design Firms
Everyone has a list. However, DesignFirms feels that only real customers should be able to decide...

Popular Cities

©2003-2019 DesignFirms™, All Rights Reserved.
A professional web design, mobile development and marketing company directory.

Directory | Get a Quote | Leads | Jobs | Reviews | Portfolios | Design Awards | Blogs | Articles | Echo | Advertise

Page Generated in 0.16 seconds