blog.hugepixels web . internet . design . computer . gadget

30Jun/09Off

Security measures for Gumblar attack and similar

It's been discussed several times by different hosting provider that the most common reasons for website vulnerabilities aside from poor server security of some provider is the security implementation of the website owner/administrator.

Most of the attack are gained through stolen FTP login username and password.  It transmits FTP information to an IP address from an infected machine.  This FTP information is used to log on to the web server and infect the hosted website.

It is recommend that you DO NOT store your FTP passwords in your FTP software.  Virus like Gumblar has potential capability to grab stored passwords on the FTP applications.

These are some of the recommendations from the experts:

  1. If you think that your website is infected by this virus, please contact your hosting provider and request assistance.
  2. It is recommended that you install and scan your system using your updated antivirus, antispyware or even firewall.  You can download some of these applications for free.  Please visit www.download.com for their listing.
  3. Once your done and you think that you have a clean system; change your password and make a strong one.  Check my other post on how to make a strong password.
  4. You may also ask your hosting provider if they support SFTP (Secure File Transfer Protocol) .  Most of the hosting provider do not provide this information outright but you need to request or ask.  Using SFTP will provide you security using encryption for the transmitting files over the network.
  5. And lastly, learn to backup your web files (everything, emails, database, scripts etc...).  You have to remember that all hosting provider has a legal clause on their terms and condition  disclaiming all the possible damages of your website even they provide security and backup system.  The word BACKUP is one of the basic lesson in the world of computing.   It's always better to be safe than sorry.  So, backup your backup :)

I hope you can use the above information for prevention rather than fixing your website while reading this ;)

Share on TwitterShare on LinkedInShare on TumblrSubmit to StumbleUponSave on DeliciousShare via email
Filed under: Web & Internet No Comments
   

Recent Posts

Categories

Recommended

Tags

'Gumblar' attacks spreading quickly Differences in SSL Certificates GoDaddy For Sale? Happy New Year 2011 How a Digital Bible Became a Breakout Business How to Use cPanel Account Level Filtering How to Use Cpanel Backup Wizard I Love SugarSync LimeWire Shut Down Permanently Mailfoundry Hosted Anti-Spam Make a Strong Password Online Backup for Desktop and/or Notebook OSX Lion PC Speed and Security Samsung Galaxy Tab Unveiled Season's Greetings 2010 Security measures for Gumblar attack and similar Selective Browsing SkyDrive SkyDrive Windows Live SpamAssassin in cPanel T r u e C r y p t Unable to Send Email using (Email Client) Understanding HTML Color Codes Using Blog PR to Promote Your Site Ways to check if your website is really down Webmaster Tips Web vs. Internet What is a Hard Refresh What is a Nine Ball Attack? What is a website? What is Offsite Backup? Windows 8 World IPv6 Day

RSS WordPress Blog

  • WordPress Takes SXSW 2012!
    The South by Southwest Interactive Festival (SXSW) holds a special place in the history and heart of WordPress. Though the conference has changed in the years since I first met Matt in the hallway in 2003 — before WordPress even had a name — it’s still arguably one of the most influential events in our […]

RSS Joomla Security News

  • [20120304] - Core - Password Change
    Project: Joomla! SubProject: All Severity: High Versions: 2.5.2, 2.5.1, 2.5.0, and all 1.7.x and 1.6.x releases Exploit type: Password Change Reported Date: 2012-March-8 Fixed Date: 2012-March-15 Description Insufficient randomness leads to password reset vulnerability. Affected Installs Joomla! versions 2.5.2, 2.5.1, 2.5.0, and all 1.7.x and 1.6.x versions […]

Affiliate




Feeds Subscription

Enter your email address:

DISCLAIMER

Any person, products, services, brands and information shared on this blog are not in any way related to us or guaranteed updated unless stated.

We strongly suggest that you confirm the details to the official website of the person, products, services or brands if available.

Corporate names and trademarks stated herein are the property of their respective companies.

For any feedback / suggestion / concern, please use the contact page.