5 steps to take if your cloud server’s been hacked
February 27, 2014
Grazed from TechPageOnce. Author: Dennis Smith.
Cloud computing and cloud servers rely on browser technology, which itself relies on Domain Name Systems (DNS) and secure DNS management to send users to the right site. But what happens when users are sent to the wrong site — a malicious site? DNS servers can be vulnerable to hijacking — obtaining administrator credentials and redirecting traffic to another server — which can also interject malicious code or send traffic to questionable sites, including phishing sites. You may have read about recent attacks on internet sites, including LinkedIn and NYTimes.com. The work of “hacktivists”, DNS hijacking has serious implications for cloud computing. Here are five ways to better secure your DNS servers and avoid or mitigate potential damage from an attack:
Separate DNS servers from applications and data
Whether you manage DNS in-house or outsource, separating your DNS servers from applications and data is a business continuity best practice. It enables you to perform a DNS redirect to a site that informs users of an outage. Without the separation, the DNS will fall should an enterprise or ISP server go down. Separating the DNS minimizes potential data loss in the event of an attack…
Monitor and alert your cloud server
Monitoring your network’s domain lookups can help you identify if it has been compromised, or if it may already be infected with malware. While this can be somewhat challenging, monitoring domain lookups can complement existing network monitoring activity. Look for the telltale signs – such as a system which looks up domains that are less than a week old. Malicious domains pop up daily, and if your monitoring activity turns up with one or two new sites, it could be a sign that a machine has fallen victim to malware. Your system administrator can block access to these newly established sites and prevent further damage…
Read more from the source @ http://techpageone.dell.com/technology/5-steps-take-cloud-servers-hacked/#.Uw9v5vRdWRM
Subscribe to the CloudCow bi-monthly newsletter @ http://eepurl.com/smZeb