Securing your emails

marsh

Active Member
Most, if not all businesses, rely on emails for their day-to-day operations. There a huge chance that sensitive information is also exchanged in this way. I hear stories of email servers being hacked and wonder how can any business avoid this? Is encryption always enough?
 

JackD

Active Member
Country flag
Encryption is not enough by itself. My email server is constantly bombarded hackers. I have a stringent policy against hack attempts. My main protection is cPHULK Brute Force protection. I also require users to have very high strength passwords including length, special characters, numbers, lower and uppercase passwords. It is a real pain but so far it has worked for my server.
 

Foroux

Member
Do you have sites with a shopping cart or anything else you feel is drawing the attention of hackers? I hate that it's happening to you both, but it sounds like you're dealing with it better than most others. It was discerning to find out that Amazon had malware on its server, mining bitcoins. Just odd to see a big business like that, not catching issues sooner.
 

JackD

Active Member
Country flag
Do you have sites with a shopping cart or anything else you feel is drawing the attention of hackers?
That is what is so surprising to me. Other than one site that has domain names for sale and no real shopping cart, no other site on my server has anything that I thought would attract a hacker. There are so many other, better targets than what my server would have to offer. Maybe I'm just getting the small time hackers trying to learn how. Either way, it's very annoying!
 

ritchie

Active Member
Most, if not all businesses, rely on emails for their day-to-day operations. There a huge chance that sensitive information is also exchanged in this way. I hear stories of email servers being hacked and wonder how can any business avoid this? Is encryption always enough?
I just had to check online to understand what 'brute force' is all about. Apparently, this is a hacking method that uses an automated system to try and guess the password(s) to the many web services. Is there a chance that most of these hackers are creating bots to target the numerous websites?
 

JackD

Active Member
Country flag
Is there a chance that most of these hackers are creating bots to target the numerous websites?
That's correct. Most that are attacking my server are using bots. In the log files I see the attempts and before using cPHULK there would be as many as two attempts per second to guess passwords and the attempts would last for an hour or more. And as you can imagine it also slows down the server when these attacks were happening. Now, invalid login attempts are limited to 5 then the users ip address is block for 360 minutes Some hackers even use multiple ip addresses so I also get an email for each of these blocks and if I see multiple attempts from the same subnet then I can blacklist the entire subnet.
 

marsh

Active Member
And as you can imagine it also slows down the server when these attacks were happening.
This is exactly what I was going to comment on because no business, with a huge online presence, would ever want to experience slowed down server speeds. I can imagine how these bots have an easy time, especially with the easy passwords. Can this software still be used to monitor hackers trying to access a PC?
 

JackD

Active Member
Country flag
cPHULK is only for servers running cPanel. I am sure there are other software programs available for the pc, I just haven't used any as I maintain a strict firewall with my AntiVirus software.
 

Foroux

Member
That is what is so surprising to me. Other than one site that has domain names for sale and no real shopping cart, no other site on my server has anything that I thought would attract a hacker. There are so many other, better targets than what my server would have to offer. Maybe I'm just getting the small time hackers trying to learn how. Either way, it's very annoying!
I wonder if they're attempting to use your server power to mine for bitcoins? The payoff is certainly there. Some of Amazon's servers were hacked for that reason. Allegedly, computer forensics showed that the hackers never attempted to even look at the buyers' and sellers' payment information.
 

JackD

Active Member
Country flag
I guess that could be the case. Either to mine for bitcoins or to use the server resources for spamming. Or maybe even both. I just know that you have to be constantly on your guard to block them.
 

ritchie

Active Member
I just had this discussion with a business friend of mine who had his website hacked and it just reminded me of the importance of being vigilant in blocking all the 'bad' elements online. Hackers are always devising new ways of beating technology.
 
Thread starter Similar threads Forum Replies Date
Prashant Sharan Elliot Silver on why he doesn't give price in outbound emails Resources 0
Prashant Sharan May be a text can illicit response faster than emails Resources 0
Prashant Sharan Switching emails is a big problem when it comes to changing domain names Resources 0
Prashant Sharan Forward purchase inquiry emails directly into your Uniregistry Market account Registrars 0
Prashant Sharan Registrars to send out more Whois accuracy emails Resources 0
D Registrars not sending authorization emails for domain transfer Registrars 3
JulienJ Used Canned Responses to make common emails faster in Gmail Resources 0
D How to end daily spam emails from our.in General Indian Domain Name Discussion 2
Roshni How often to send marketing emails? Webmaster Forum 4
domainking131 ICANN hacked—emails and passwords stolen Non-Indian Domains 0
domainking131 Beware of the spam emails Non-Indian Domains 0
domainking131 Tips to send better emails Resources 2
D Resellerclub/Directi not responding to emails, support requests Registrars 0
domainking131 Domainers getting spam emails from SiteBinge.com Non-Indian Domains 0
domainking131 Emails from Gmail may not be reaching to your probable buyers in China Non-Indian Domains 1
D Indian Newspaper, magazine advertisers emails lists available For Sale / Advertising 0
D How to trace missing or delayed emails? Webmaster Forum 0
ebiz4india Domain + Unlimited Hosting, Emails, MySQL, 24/7 Support on Phone/Chat/Email. Hurry Up For Sale / Advertising 3
T Sending Mass Emails Marketing Your Website 7
ebiz4india Unlimited Hosting, Bandwidth, Emails, Database, 365 Money Back Gurantee. $3.45/pm For Sale / Advertising 1
N Netandhost.com Spamming And Sending Misleading Emails General Indian Domain Name Discussion 9

Similar threads

whois



Forums dedicated to Indian domain names, including buying, selling, appraising, developing, and monetizing.

About Us

Threads
26,714
Messages
73,642
Members
7,630
Latest member
leovincent
Top Bottom