Whether it is difficult to crack the server? It directly depends on the taken measures of protection. It is almost impossible to avoid cracking attempts, however the administrator quite can maintain safety of the server at the appropriate level.
Instruction
1. Effectively to protect the server, his administrator should represent the cracking methods used by hackers at least in general. In this case it will be able to block the holes existing in its system and is effective to interfere with any attempts of penetration on the computer.
2. The hacker can get on the server, having used vulnerabilities of scripts. If you use standard scripts, view information on their vulnerabilities in network. In case of detection of those immediately put the current version of a script or use "patch", usually they are created very quickly.
3. Your website can be scanned on vulnerable services – that is such in which vulnerabilities are found and under which exploits are created. The exploit is the program code allowing to use the existing vulnerability for receiving control over the computer. Pay attention to versions of the services working for you, at emergence in network of information on the found vulnerabilities quickly eliminate them. Do not forget that after emergence of information on new vulnerability within the first two-three days in the world millions of computers are cracked.
4. Regularly check the server for open ports. For convenience of work with the cracked machine the hackers often load into a system a rootkit – the program opening a certain port and allowing to be connected easily to the computer. For audit of your system you can use the XSpider program allowing to find various vulnerabilities.
5. Remember that the more on your server of the websites, the risk of cracking is higher. The hacker can crack one of the websites and to try to get access to the server through it. Enable the ban on execution of console commands by the ordinary user, register rules for a firewall. Accurately register access rights to files. Regularly check a system programs for search of spyware. Delete information on the used services.
6. You monitor logs of the server, you can find information on cracking or attempts of its implementation in them. Use everywhere where it is possible, passwords, at the same time do them difficult. Never use normal words for the password, it is easy to pick up or restore such password from a hash. The password should be long, with use of letters, digits and special characters.