What To Do When Your Web Server Gets Hacked

web-server-hackedThis question keeps being asked repeatedly by the victims of hackers breaking into their web server. The answers very rarely change, but people keep asking the question. I’m not sure why. Perhaps people just don’t like the answers they’ve seen when searching for help, or they can’t find someone they trust to give them advice. Or perhaps people read an answer to this question and focus too much on the 5% of why their case is special and different from the answers they can find online and miss the 95% of the question and answer where their case is near enough the same as the one they read online.

That brings me to my first important nugget of information. I really do appreciate that you are a special unique snowflake. I appreciate that your website is too, as it’s a reflection of you and your business or at the very least, your hard work on behalf of an employer. But to someone on the outside looking in, whether a computer security person looking at the problem to try and help you or even the attacker himself, it is very likely that your problem will be at least 95% identical to every other case they’ve ever looked at.

Don’t take the attack personally, and don’t take the recommendations that follow here or that you get from other people personally. If you are reading this after just becoming the victim of a website hack then I really am sorry, and I really hope you can find something helpful here, but this is not the time to let your ego get in the way of what you need to do.
You have just found out that your server(s) got hacked. Now what?

Do not panic. Absolutely do not act in haste, and absolutely do not try and pretend things never happened and not act at all.

If you’ve read my previous post about risk management, or any of the much better articles about risk management out on the web, you’ll understand that the disaster has already happened. This is not the time for denial; it is the time to accept what has happened, to be realistic about it, and to take steps to manage the consequences of the impact.

Some of these steps are going to hurt, and (unless your website holds a copy of my details) I really don’t care if you ignore all or some of these steps but doing so will make things better in the end. The medicine might taste awful but sometimes you have to overlook that if you really want the cure to work.

Stop the problem from becoming worse than it already is:

1. The first thing you should do is disconnect the affected systems from the Internet. Whatever other problems you have, leaving the system connected to the web will only allow the attack to continue. I mean this quite literally; get someone to physically visit the server and unplug network cables if that is what it takes, but disconnect the victim from its muggers before you try to do anything else.

2. Change all your passwords for all accounts on all computers that are on the same network as the compromised systems. No really. All accounts. All computers. Yes, you’re right, this might be overkill; on the other hand, it might not. You don’t know either way, do you?

3. Check your other systems. Pay special attention to other Internet facing services, and to those that hold financial or other commercially sensitive data.

4. If the system holds anyone’s personal data, make a full and frank disclosure to anyone potentially affected at once. I know this one is tough. I know this one is going to hurt. I know that many businesses want to sweep this kind of problem under the carpet but I’m afraid you’re just going to have to deal with it.

Still hesitating to take this last step? I understand, I do. Nevertheless, let me break this down for you Robert-style:

In some places you might well have a legal requirement to inform the authorities and/or the victims of this kind of privacy breach. However annoyed your customers might be to have you tell them about a problem, they’ll be far more annoyed if you don’t tell them, and they only find out for themselves after someone charges $8,000 worth of goods using the credit card details they stole from your site.

Remember what I said in the previous section? The bad thing has already happened. The only question now is how well you deal with it.

Tags: , , , , ,

Network Integration, Network Protection Comments Off on What To Do When Your Web Server Gets Hacked

Should You Use Cloud Backup Services For Your Business?

carbonite-business-backupIf you haven’t considered backing up your files, now is the best time to get informed about why you should. The drastic impact losing personal or business data because of software crashing isn’t a fun thing to experience, trust me, I’ve been there. It was something I thought wouldn’t happen to me because I do constant updates on my computer, I don’t drink or eat near it and it’s in an office away from the kids being able to access anything related or near my computer.

Even with all that preparation you have no way of knowing when something bad will happen, for me it was a hard drive crashing. As a writer, my free time is devoted to story writing and editing. Hundreds of stories washed away in a blink of an eye. We don’t really think about how much information is in our computer, from work related files, pictures, music and other information that is useful to you. What would you do if it just disappeared today?

The Right Backup for Your Business

There are many cloud backup services available to choose from so how do you know which is the right one? It’s not as complicated as it sounds when it comes to finding information about the right software, there are top rated companies that provide easy software to use, reliable and excellent customer service to back up your computer. Along with many reviews that can show you’re making the right decision when choosing that program.

One of the leading companies that provide a backup service and it’s certainly one of the most popular ones as well, is Carbonite. I turned to Carbonite as soon as I put in a new hard drive on my computer three years ago, and it’s been so easy to use and the sense of security that no matter what happens to my computer my files are safe is priceless. Carbonite like many other cloud backup services is easy to use, safe and it is constantly working. The way it works is after the installation occurs, it begins to scan through your important files storing them in the cloud, once it’s done scanning it will run invisibly in the background saving all future important files in the cloud.

It will backup any file, of any size; you can count on cloud backup storage for your home or business computer(s), with the ultimate encryption service available for commercial security it scans the files and encrypts them before storing them.

While it sounds a little complicated, you have an account with them and you can remotely access any information that you have stored, from any device, anywhere as long as you have internet connection. It is a lifesaver if you happen to be out of town, lost your computer and had to buy a new one, while still having to send out a report by the end of the week. I’ve been there.

One more thing that I like with Carbonite is that they offer some great discounts every now and then to their business customers. These discount are great cause it creates savings and the money I save can be used for other other business expenses. You can make use of some valid Carbonite offer code discounts  to get a significant discount on this online backup solution.

Other Cloud-Backup Solutions

Other back up providers are BackBlaze, CrashPlan, SpiderOak, and Bitcasa Infinite Drive, these online backup software operate a similar way and store the information in the cloud. Because they are similar you’ll see different options but for top of the line service and backup, I recommend Carbonite.

Do you have all your computer and business data stored in the cloud?

Tags: , , , ,

Network Protection, Online Backup Comments Off on Should You Use Cloud Backup Services For Your Business?

Carbonite Backup Works With Your Network

carbonite-backup-solutionTechnology has broken down the walls of time and space. With all the latest technological breakthroughs, time is no longer a limit to get anything done and space goes way beyond what the human eye can see. One good example of this is Carbonite.

Good Riddance To The Hassle Of Backing Up

There was time when backing up was done manually. Flash drives, CDs, and other external devices were in demand. But the problem with external devices was that they could only protect all the files for some time. The files could get corrupted or in worse case scenarios, external devices could be misplaced or damaged. Either way, there was no long term guarantee of file protection. There wasn’t much of a choice then. Hence, everybody went through the trouble of backing up files. There was so much time wasted doing something as menial as backing up. But the times have changed and they have changed for the better. Now there are online backup solutions for us to use. Specifically, there’s Carbonite. It’s a much better way to back up files.

No Need To Do Anything With Carbonite

With Carbonite, every computer user won’t have to take some time to back up their files. The reason being is that Carbonite has an automatic setting. With this setting option, all the files are automatically transferred online. So while the computer user is busy working, Carbonite is doing its sole task to back up all the files. The automatic setting of Carbonite makes backing up very easy. Gone are the days when people spend so much time backing up their files to external devices.

Carbonite also offers another back up setting for computer users. They can opt for a scheduled backup. The files are backed up only at a particular time. Just the same, the backup for this particular setting is automatic. Again, the computer user is spared from all the trouble of backing up their files. Carbonite does that for them.

Carbonite is also very affordable. Gone are the days of expensive backup solutions or high cost investments in backup infrastructure for businesses as well as homes. Using a Carbonite offer code provides a great discount and makes this online backup solution much more affordable.

Get The Best Protection From Carbonite

Carbonite not only backs up all the computer files online but it protects them as well. This is because all computer files are encrypted first before transferring online. The only way to access the computer files online is by logging into a Carbonite account.

After being transmitted online, all computer files are housed in state-of-the-art data centers of Carbonite. These data centers are located in remote areas across the country and are well guarded. They also have a good reserve of fuel in case a natural disaster strikes. So no matter what happens all the files are safe and sound.

The People That Trust Carbonite

Carbonite is perfect for all computer users. Office workers now have more time to work. Parents have peace of mind that all their files are safe. Kids have stopped bugging their parents about their deleted files. Now, every computer user has more time to do the things that are more important to them. People find this online backup software the best way to save time and the best way to protect all valuable files. The people that use Carbonite are very happy with it.

Carbonite has definitely made it easier for computer users to back up their files. No one has to worry about their files considering the high level security Carbonite promises to all their members. Nowadays, the workplace is more productive and personal home computer users can sleep well at night knowing all their files are safe and sound with Carbonite business. Technology has made the menial process of backing up easy and convenient. Who wouldn’t use this amazing technological breakthrough called Carbonite.

Tags: , , , , ,

Network Protection, Online Backup Comments Off on Carbonite Backup Works With Your Network

How To Integrate Modern Macs To A Windows Network

mac-network-integrationA walk through of the steps needed to join an OS X 10.3 or 10.4 client to a Windows 2000 or Windows 2003 domain.

Any time you see a Star [*] symbol in the text, this is a link to a screenshot of what is being discussed.

  1. Setup (on the Windows DC)
  2. Open Active Directory Users and Computers (ADUC)[*] and decide on a location for the Apple Mac’s computer account. Best practice suggests creating an OU for Apple computer accounts.
  3. Create a computer account, giving it the name that you want to use for the Apple computer on your network – do not assign a GUID to make it a ‘managed’ account.
  4. Close ADUC

Setup (on the OS X client)

  1. Login with an account that has admin access to the computer.
  2. Open System Preferences and open the Sharing tab.
  3. Check that the computer’s name is the same as the one we just used in ADUC. [*]
  4. Click Show All
  5. Click Network. Select your active connection, and click on TCP/IP
  6. (If you are using DHCP then some or all of this information is possibly already delivered by your DHCP server – check with the DHCP admin)
  7. Type in a suitable IP address, subnet mask, router address.
  8. Type in a DNS server address – ENSURE that at least the first DNS server in the list corresponds to an Active Directory DNS server.
  9. Click on Search Domains, Fill in your active directory domain.
  10. Click Apply Now.[*]
  11. Click Accounts, then click Login Options, authenticating with your LOCAL admin account if asked.
  12. “Under Display Login Window As” select “Name and Password”.[*]
  13. Close System Preferences.

Testing that the client computer can “see” the network.

  1. Open the finder, and navigate to the utilities folder inside applications.[*]
  2. Open the terminal, and ping domain controllers by NETWORK NAME to ensure that DNS resolution is working properly within your domain.
  3. Ensure that name and IP are resolved correctly and that the ping actually works. [*]
  4. Stop the ping and close the terminal when done.

DO NOT TRY TO PROCEED IF THE ABOVE STEP DOES NOT WORK!

Binding the Mac client to the Windows Domain

  1. Run the directory access tool, which is also in the utilities folder.
  2. Tick “Active Directory”, then click Configure. [*]
  3. Fill in the Fully Qualified Domain Name of the Active Directory namespace (note, NOT the Active Directory Domain Controller!).
  4. Fill in the Computer name of the Mac. This should be the same as the one we setup earlier in ADUC on the Windows Server, and configured the mac to use in system properties. [*]
  5. Click BIND. Authenticate with your local Admin password if asked to do so.
  6. Next, fill in the details of a Windows User Account with permissions to add computers to the domain. Typically this will be an admin’s account.
  7. IF you DID NOT pre-create a computer account for the Apple Mac, then fill in the Computter OU with the details of where you’d like the account to be created, using standard LDAP notation.
  8. If you HAVE pre-created a computer account, then leave this as it is.
  9. Ensure that both tickboxes are ticked.
  10. Click OK [*]

The client will now attempt to bind to AD and join the domain.

  1. If you HAVE pre-created a computer account then you should be asked if you wish to use an existing computer account. Click OK, because that is exactly what we’re trying to do. [*]
  2. When the operation is finished, you can close Directory Access by clicking OK.
  3. At this time you can also click Advanced Options to inspect and configure custom settings. I strongly suggest leaving these alone if you don’t know what they mean or why you would want to change them. [*]
  4. Logout.

If all goes well you should now be greeted with a login window that expects you to type in your username and password [*] instead of selecting from a list.

You should now be able to log in with an Active Directory account by typing in the username and password in the traditional manner, and you can also login with a local account by specifying their username and password in the same way.

Tags: , , , , , ,

Network Integration Comments Off on How To Integrate Modern Macs To A Windows Network