You may have the best website, the most successful business, and the latest, greatest technology, but all of that might be in jeopardy if you do not adequately secure your server. Anything connected to the Internet must have some level of security, but servers that host websites must be especially careful. The following are five threats every system administrator should know and be prepared to fight.
1. DoS Attack – While the name sounds harmless enough, DoS stands for “Denial of Service”, and it means that your users will not be able to access your sites when your server is under attack.
2. XSS (Cross-site scripting) – This clever intrusion method uses a website’s own scripts against it. When a web application has a vulnerability or security hole, an attacker may be able to exploit it using XSS.
3. Malware – “Mal” means “bad”, and this category covers any sort of software that people with malicious intent use to bring harm to your server or others. Common malware threats include viruses, trojans, rootkits, botnets, and worms.
4. Brute Force Attack – Out of all the threats on this list, this one sounds the worst, but it is actually one of the easier ones to prevent and fight. In a brute force attack, the hacker attempts to gain root access to your server by using software to guess the password. It may use weaknesses in your SSH server or Mail server.
5. User Error – This is by far the most serious threat to any server. Computers are only as strong as the people who create and manage them, and servers are no exception. Users who make weak passwords, fail to update their software, and carelessly spread viruses and other malware through email and social networking are much more dangerous than external hackers. Keeping users educated and security-conscious can help prevent most other security threats. credit: thehostingnews