Tell me more ×
Answers OnStartups is a question and answer site for entrepreneurs looking to start or run a new business. It's 100% free, no registration required.
up vote 2 down vote favorite
1

Last Saturday my site received an unusually high volume of brute force attacks. Yep, those darn teens from Western Europe or smart scripts from academic towns in Siberia, trying tirelessly to break into my site authentication.

Now, I'm thrilled with this development. That means I'm finally getting out of obscurity. Yey!

I spend an entire day restarting my server and applying solutions that would deflect those attacks. It seems to be under control. I am not going to disclose here my defense strategy but I would like to probe and see what others have done to defend their properties.

share|improve this question

3 Answers

up vote 2 down vote accepted

Here are four simple things you can do:

  1. Keep everything updated, as Nir mentioned.
  2. Use strong passwords.
  3. Disable all services not in use. For example, if you don't need FTP, disable it. Every service you have running is another attack point.
  4. Run your services with as little priviledges as needed.

Also, keep regular backups just incase you need to reload your data on a fresh server.

share|improve this answer
Good advice. IP-based blocking at your load-balancer should be your first step solution for anything that isn't a distributed attack. – Winfield Oct 13 '10 at 23:41
I don't use load-balancers, yet. – usabilitest Oct 15 '10 at 13:22
up vote 2 down vote

The single most important thing you should do is make sure the OS, all servers and all web applications are always up to date.

Everything else is specific to the attack (I've recently added a completely trivial to bypass "security" check on one of my comments forms, it's stupid but it stops the specific spam bot that is hitting that page)

share|improve this answer
up vote 1 down vote

I've read an article about an open source security package for web servers on http://www.untwistedvortex.com/ You'll have to look for the article yourself, was about a month ago.

Haven't tried it myself yet, but I will after the next attack on my site :-)

share|improve this answer
Yep, isn't it funny how we all get security conscience right after security attacks. ;) – usabilitest Oct 19 '10 at 16:30

Your Answer

 
discard

By posting your answer, you agree to the privacy policy and terms of service.

Not the answer you're looking for? Browse other questions tagged or ask your own question.