Protect your corporate IT network from hackers and other unwanted intruders with Proxy Sentinel™. Click here for all the details and get the peace of mind you deserve.
Back to our Homepage Proxy Sentinel™ high performance Internet proxy server and secure firewall solution Firewall Sentinel™ secure & powerful Internet firewall solution About Internet Security.ca and GCIS Frequently Asked Questions on Internet security issues Internet Security Industry News - Stay informed of what's happening Contact Internet Security.ca today and order your Proxy Sentinel™ or Firewall Sentinel™ server now!


Web servers increasingly targeted by hackers

Google

Add to del.icio.us     Digg this story Digg this

February 6, 2007

On average, a Web server connected to the Internet will be attacked by hackers about 92 times an hour, according to a new report published by the James Clark School of Engineering at The University of Maryland. The study reveals that hack attacks now occur at a near-constant rate, and is growing at an alarming rate.

The research, conducted by assistant professor Michel Cukier, profiled the behavior of brute force hackers to determine which usernames and passwords are tried most often, and what hackers do when they gain access to a server.

"On any given day, the majority of these server attacks employ automated scripts that indiscriminately seek out thousands of servers at a time looking for specific vulnerabilities or security holes," Cukier said.

"This data provides quantifiable evidence that attacks are happening all the time to Web servers. On average, the machines in our study were attacked over 2,244 times a day."

Cukier and two of his graduate students, Daniel Ramsbrock and Robin Berthier, set up weak security on four Linux servers, and recorded what happened as the individual machines were attacked.

The greater majority of hack attacks came from relatively unsophisticated people using 'dictionary scripts', a type of software that runs through lists of common usernames and passwords attempting to break into a server.

'Root' was the top username guessed by dictionary scripts, and was attempted twelve times as often as the second-place 'admin'.

Successful root access would open the entire server to the hacker, while 'admin' would grant access to somewhat lesser administrative privileges.

Other top usernames in the hackers' scripts were 'test', 'guest', 'info', 'adm', 'mysql', 'user', 'administrator' and 'oracle'. Cukier advised that all of these should be avoided as usernames.

The researchers that found the most common password-guessing ploy was to re-enter or try variations of the username. Some 43 per cent of all password-guessing attempts simply re-entered the username.

The username followed by '123' was the second most-tried choice. Other common passwords attempted included '123456', 'password', '1234', '12345', 'passwd', '123', 'test' and '1'.

These findings support the warnings of security experts that a password should never be identical or even related to its associated username, according to Cukier.

"The scripts return a list of 'most likely prospect' servers to the hacker, who then attempts to access and compromise as many as possible," he said.

"Often they set up 'back doors', undetected entrances into servers that they control so they can create botnets for profit or disreputable purposes."

Add to del.icio.us     Digg this story Digg this

Source: Vnunet

Google


Save Internet Security.ca's URL to the list of your favorite web sites in your Web browser by clicking here.

Become an authorized reseller of Proxy Sentinel™ and Firewall Sentinel™. Do like the rest of our authorized resellers and have your clients benefit the important security features of our products and solutions, while increasing your sales at the same time. Click here for all the details.


You can link to the Internet Security web site as much as you like. Read our section on how your company can participate in our reciprocal link exchange program and increase your rankings in the major search engines such as
Google and all the others.

Click here to order your Proxy Sentinel™ Internet security server today!

Proxy Sentinel™ is the most secure Internet proxy server on the market today. Click here for more information.
Site optimized by Pagina+™
Powered by Sun Hosting
Search engine keywords by Rank for Sales
Development platform by My Web Services
Internet Security.ca is listed in
Global Business Listing

| Home | Proxy Sentinel™ | Firewall Sentinel™ | FAQ | News | Sitemap | Contact |
Copyright © Internet Security.ca    Terms of use    Privacy agreement    Legal disclaimer