Securing your emails

IT.com

marsh

Active Member
Most, if not all businesses, rely on emails for their day-to-day operations. There a huge chance that sensitive information is also exchanged in this way. I hear stories of email servers being hacked and wonder how can any business avoid this? Is encryption always enough?
 
Encryption is not enough by itself. My email server is constantly bombarded hackers. I have a stringent policy against hack attempts. My main protection is cPHULK Brute Force protection. I also require users to have very high strength passwords including length, special characters, numbers, lower and uppercase passwords. It is a real pain but so far it has worked for my server.
 
Do you have sites with a shopping cart or anything else you feel is drawing the attention of hackers? I hate that it's happening to you both, but it sounds like you're dealing with it better than most others. It was discerning to find out that Amazon had malware on its server, mining bitcoins. Just odd to see a big business like that, not catching issues sooner.
 
Do you have sites with a shopping cart or anything else you feel is drawing the attention of hackers?
That is what is so surprising to me. Other than one site that has domain names for sale and no real shopping cart, no other site on my server has anything that I thought would attract a hacker. There are so many other, better targets than what my server would have to offer. Maybe I'm just getting the small time hackers trying to learn how. Either way, it's very annoying!
 
Most, if not all businesses, rely on emails for their day-to-day operations. There a huge chance that sensitive information is also exchanged in this way. I hear stories of email servers being hacked and wonder how can any business avoid this? Is encryption always enough?
I just had to check online to understand what 'brute force' is all about. Apparently, this is a hacking method that uses an automated system to try and guess the password(s) to the many web services. Is there a chance that most of these hackers are creating bots to target the numerous websites?
 
Is there a chance that most of these hackers are creating bots to target the numerous websites?
That's correct. Most that are attacking my server are using bots. In the log files I see the attempts and before using cPHULK there would be as many as two attempts per second to guess passwords and the attempts would last for an hour or more. And as you can imagine it also slows down the server when these attacks were happening. Now, invalid login attempts are limited to 5 then the users ip address is block for 360 minutes Some hackers even use multiple ip addresses so I also get an email for each of these blocks and if I see multiple attempts from the same subnet then I can blacklist the entire subnet.
 
And as you can imagine it also slows down the server when these attacks were happening.
This is exactly what I was going to comment on because no business, with a huge online presence, would ever want to experience slowed down server speeds. I can imagine how these bots have an easy time, especially with the easy passwords. Can this software still be used to monitor hackers trying to access a PC?
 
cPHULK is only for servers running cPanel. I am sure there are other software programs available for the pc, I just haven't used any as I maintain a strict firewall with my AntiVirus software.
 
That is what is so surprising to me. Other than one site that has domain names for sale and no real shopping cart, no other site on my server has anything that I thought would attract a hacker. There are so many other, better targets than what my server would have to offer. Maybe I'm just getting the small time hackers trying to learn how. Either way, it's very annoying!
I wonder if they're attempting to use your server power to mine for bitcoins? The payoff is certainly there. Some of Amazon's servers were hacked for that reason. Allegedly, computer forensics showed that the hackers never attempted to even look at the buyers' and sellers' payment information.
 
I guess that could be the case. Either to mine for bitcoins or to use the server resources for spamming. Or maybe even both. I just know that you have to be constantly on your guard to block them.
 
I just had this discussion with a business friend of mine who had his website hacked and it just reminded me of the importance of being vigilant in blocking all the 'bad' elements online. Hackers are always devising new ways of beating technology.
 

whois



Forums dedicated to Indian domain names, including buying, selling, appraising, developing, and monetizing.

About Us

Threads
29,388
Messages
76,792
Members
7,945
Latest member
nilamburfurniture
Top Bottom