Shared server security begins with understanding your enemy. I plan to outline the vast array of techniques hackers use to penetrate servers, steal mission-critical data, and deface websites.
Princeton, NJ (PRWEB) July 10, 2012
CloudLinux (http://www.cloudlinux.com), creators of the only operating system (OS) optimized for shared web hosting, announced today that the team will attend HostingCon 2012 to exhibit and present a speech to industry members on security for shared servers. HostingCon is an annual event that brings together thousands of people from the web hosting industry to network, discover new products, and learn new skills and techniques.
“I am very excited to be returning to HostingCon this year, not only as an exhibitor but also as a speaker,” says Igor Seletskiy, Founder and CEO at CloudLinux. “CloudLinux offers web hosting providers and their customers a number of features designed to improve quality of service and server stability. However, we are determined to support the entire shared web hosting industry on a variety of issues. In my talk, I will be discussing the importance of shared hosting security, including how to defend against common attacks.”
In a shared web hosting setup, security breaches or malicious attacks result in serious loss of earnings for hosting companies. If a single shared server is home to hundreds, or possibly even a thousand individual websites, a single hacker can source vast quantities of confidential data, or take every one of these websites offline. To help web hosting providers mitigate the various threats faced by shared servers, Seletskiy’s speech, titled “Securing Shared Servers Against Attack,” focuses on the most common attacks. These include privilege escalations, information disclosures where a hacker obtains system information, the use of buffer overflows to execute malicious code or malign server performance, denial of service (DoS) attacks, and race conditions to avoid time-of-check-to-time-of-use vulnerabilities. Seletskiy will explain approaches to limiting exposure to these various attacks, and will discuss additional steps hosting providers can take to defend their servers against them.
“Shared server security begins with understanding your enemy,” says Seletskiy. “I plan to outline the vast array of techniques hackers use to penetrate servers, steal mission-critical data, and deface websites. I will also offer advice on dealing with these threats, from server hardening techniques for CloudLinux OS to the built-in features that make CloudLinux a secure, dependable Linux distribution. In addition to these attacks that affect every single server, I will also discuss the specific risks associated with certain types of database-driven applications.”
Increasingly, webmasters and shared web hosting users are launching rich, dynamic content using a server-side scripting language in conjunction with a relational database model. However, these services offer additional points of entry for attackers. Seletskiy’s talk covers various ways to secure PHP hosting services and carefully control how scripts are executed to avoid malicious alteration. The discussion will also explain how hackers use SQL injections to attack databases. SQL injections can not only damage the contents of a database, but also make it possible for confidential data to be downloaded and misused. For any hosting provider or webmaster that uses a database to store private customer data, Seletskiy’s advice is quite simply, indispensable.
“There are a number of reasons CloudLinux will have a strong presence at HostingCon 2012,” says Seletskiy. “We naturally want to tell as many people as possible about our innovative operating system, and how it continues to revolutionize the shared hosting industry. But I hope that, by attending my talk, hosting providers will also be able to improve the security of their shared servers with practical advice and, as a result, deliver the best overall service possible.”
By offering actionable security advice alongside a secure Linux operating system tailored to the needs of shared servers, CloudLinux continues to improve shared web hosting services industry-wide.
HostingCon 2012 takes place in Boston, MA, July 17-18, 2012. CloudLinux will be present throughout the event, and Igor Seletskiy’s speech, “Securing Shared Servers Against Attack,” takes place on Tuesday, July 17th at 2pm.
For more details on CloudLinux and LVE Manager, visit http://www.cloudlinux.com.
CloudLinux was founded in 2009 to address the distinctive needs of web hosting providers. The company’s headquarters are in Princeton, New Jersey, and its development team, composed of employees with an appreciable proficiency in the hosting business, is based in Donetsk, Ukraine. CloudLinux is a stable, privately funded company geared toward providing the ideal operating system (OS) to make even the most intricate and divergent hosting needs more straightforward. The company’s flagship OS is optimized to help hosting providers deliver more stable shared hosting services, with account isolation and resource allocation on an OS level.
For more information on CloudLinux, visit http://www.cloudlinux.com.
CloudLinux (Press: Young Copy)