Discussion in 'General Website Security' started by David, Oct 2, 2016.

  1. David

    David New Member

    Sep 21, 2016
    To gain a better understanding of website security and how the world of cyber crime and prevention works, here is a list of commonly used terms and definitions.

    Malicious Websites
    Sites that host software that is covertly downloaded to a user’s machine to collect information and monitor user activity. Websites that are infected with destructive or malicious software, specifically designed to damage, disrupt, attack or manipulate computer systems without the user’s consent, such as a virus or trojan horse.

    Phishing Attacks
    These are counterfeit web pages that duplicate legitimate business web pages for the purpose of eliciting financial, personal or other private information from the users.

    Spam URLs
    Websites or web pages whose URLs are found in spam emails. These web pages often advertise sex sites, fraudulent wares, and other potentially offensive materials.

    IP Address
    An IP address is the unique number assigned to every network that can access the internet.

    WHOIS Information
    The WHOIS Internet directory provides owner information for all registered domains. The Internet Corporation monitors this with unique numbers and names assigned (ICANN) to all registered domains. This database houses all important owner information and dates of registration for safe record keeping.

    The easiest way to find out who is hosting a website for a client that doesn’t know is

    DNS (Domain Name System)
    DNS information is used by computers to talk to one another. It is used to turn a website’s name into an (IP) Internet Protocol. While we read a website name, the computer reads a DNS that looks like a series of numbers (122.45.678.912). Monitoring your website’s DNS number that is associated to your unique domain.

    SSL Certificates
    SSL Certificates allow you to transmit secure information over HTTP. The certificates contain your site information, and some of your company information.

    Cross Site Scripting
    A method used by hackers to infect trusted websites with malicious scripts. Hackers often do this by taking advantage of browser security flaws that are very widespread. Hackers take advantage of user input and the output it makes. When user output is generated it is not encrypted and can easily be stolen by a hacker. This gives a hacker access to your cookies, session tokens, and other sensitive information about your browser that works with a particular website. This is a widespread website security issue that can happen to even the most secure websites.

    Obfuscated JavaScript injections
    Website security experts often run into obfuscated JavaScript injections in websites. Obfuscation is simply trying to mask the meaning of JavaScript by encrypting the code. There are a number of ways to encrypt the information, and they are unique to how a hacker wants to set up a key to encrypt the code. Obfuscation makes it difficult to uncover what a particular hack is trying to execute.

    Website Defacement
    Usually website defacement is politically or cause motivated. Hackers will often deface the main pages of government or corporate websites and leave their hacker signature or calling card for everyone to see. Website security experts agree that this is mainly done to gain notoriety amongst hacking community peers.

    Hidden and Malicious iFrames
    iFrames are used in legitimate websites to hide a document within a website’s HTML code. This gives a hacker access to try to execute malicious attacks and remain hidden. In website security terms iFrames are used to launch redirects to spam, exploit kits, and phishing attacks from a legitimate website that looks to have no issues going on with its security.

    Malicious Redirects
    In the website security world this is a tactic employed by hackers to simplify phishing attacks. Instead of sending a fake email in hopes that you open it and follow a link to an infected site, they simply hide a redirect in the HTTP command to an infected website. Let’s say you wanted to go to You Google search eBay to find the link to the website and click on it. Instead of being taken to eBay a hacker redirects you to an eBay look-alike site that asks you to update your login information. The hacker then simply saves your new information and logs into your real eBay account.

    A back door for website security purposes is an undocumented way to gain access to a website or computer system. Hackers will usually leave these pieces of code behind in a website along with malicious code to gain access to a site that has been cleaned up, or has changed its log in credentials. If a backdoor is left in a website there is nothing that can be done to protect the site until all backdoors have been removed.

    Phishing Attempts
    Phishing is when emails are sent out falsely on behalf of established organizations. These emails will direct customers to a fake website that was set up by a hacker that requests that login credentials or other vital information be updated. Once the unsuspecting customer updates their information the hacker simply saves the information and logs into customers’ accounts to steal whatever they can from the customers’ accounts. As far as website security is concerned phishing is the number one reason for rampant identity fraud globally.

    Social Engineering Attacks
    Social engineering is a non-technical kind of hacking that tricks computer users into breaking normal security procedures. Hackers gain access to computers, websites, and personal bank information by getting users to download malicious emails or software, or by calling employees directly, posing as a customer with an urgent matter. As a result, unsuspecting employees often fall victim to these tactics, revealing information about accounts, networks, and other vital information. This is a website security nightmare as employees are usually tricked into giving up sensitive company information.

    Drive By Downloads
    A drive by download is when a hacker creates a computer bot to scan the internet looking for websites to infect. He does this by creating a list of known website security issues and software vulnerabilities. A hacker uses this bot until he finds websites with exploitable software within a website. Once the software is found, the hacker’s program will try to use the known exploit or vulnerability to try to inject malicious code into the website. This is called a drive by download. Drive by downloading has become the preferred method of hackers to mass infect websites. They do not concern themselves with the type of websites or size. It is simply a numbers game to find and infect as many websites as possible. From there hackers can move into home computers of visitors to these sites to spread their infections.

    Unblacklisting Services
    This service is also provided with our website insurance packages. Unblacklisting service is helpful because there are blacklisting authorities that monitor all websites for malware. Once your website is found to be infected by these authorities they will take your site down. This is called blacklisting. This has a huge impact on your site and its ranking on the search engines. Every time your site is taken offline it hurts your chances of coming up high for your desired search terms.

    iLockout’s website insurance options minimize your downtime when this happens. We have most blacklisted sites back online within 10 hours. Websites that already have our coverage when they get infected typically can be fixed before they even get taken down.

    File Transfer Protocol is the standard for exchanging content and data files across an internet network.

    Is an encrypted version of FTP.

    CMS stands for Content Management System. It makes it easier to organize website files and media that are displayed on websites. Some examples of CMS systems are WordPress, Joomla, and Drupal. While CMS systems make it easier for non-webmasters to maintain websites they also leave websites more susceptible to a hacker. Website security experts often find that owners of websites that use CMS systems, and software that plugs into these CMS systems, are not updated or maintained. New versions of CMS systems and their plug in software come out to fix security flaws as they are discovered. If these updates are not performed on a regular basis and as soon as they come out then you leave your website wide open to many forms of attack by hackers.

    CMS Updates
    CMS updates consist of updating your CMS system to the latest version of your website’s CMS system. This is often an easy thing to do and can take as little as an hour to update. Degrees of difficulty vary due to the amount of 3rd party plug ins that a website may have as not all plug ins work for the newest versions of CMS systems. Compatibility issues then arise and custom programming would be needed to make these plug ins compatible with the new CMS version.
  2. David

    David New Member

    Sep 21, 2016
    CMS Migration
    A CMS move occurs when changing your CMS to an entirely new build version. Take Joomla for example. Joomla has three build versions: 1.5, 2, and 3. For these build versions there are updates that come out to plug website security gaps. If you have a website on the 1.5 software build and want to update to the latest version of 1.5 software then you would do a CMS update to version 1.5.27. If you wanted to switch from your 1.5 software framework and move to the 3 version then this is considered a CMS move. This requires databases to be rebuilt and set up, and transferring all site content and files to the newer version. This can be a time-consuming process depending on the size and complexity of the website.

    Website Hardening
    Website hardening is very important in the world of website security. Website hardening is the process of setting up and programming your website to be secure. There are many small changes that can be made when setting up a website that will make it far less likely to get hacked again. Blocking certain scripts, changing file permissions, hiding common file extensions, setting PHP register globals, hardening htaccess, and much more must be completed to deflect the most common types of attacks that will be encountered online. Consult your iLockout account rep for detailed information on website hardening options.

    FTP Scanning
    FTP scanning is the process of scanning your website files by accessing your website through FTP. FTP scanning monitors changes made to website files, backdoor detection, and deep scanning of all website files for otherwise undetectable website hacks.

    Front End Scanning
    Front end scanning monitors your website source code that is visible to viewers online. This will pick up hidden iFrames and other hacks that are visible on the front end of your website.

    Vulnerability Scanning
    A scanner that cross references known software vulnerabilities with software that is used in a client’s website. This scanner identifies CMS, plug in, and extension vulnerabilities and allows iLockout to plan the best course of attack in securing a compromised website.

    Phishing Scanner
    Uses FTP scans to cross reference lines of code commonly used in phishing attacks. When signatures are detected phishing attacks are flagged.

    IP Filtering
    IP filtering allows you to block access. Limit IP addresses coming from places that you don’t do business with. Large concentrations of attacks often come from countries that do not do any kind of business with you. Hackers inside the US often use proxy companies that are outside of the US. This means they are buying IP addresses to mask their original IP to try to throw off authorities. Blocking non US and Canada IP addresses from your site is an effective way to shield yourself from attacks before they begin.

    Brute Force and Bad Bot Blocking
    Brute force is a hacking software designed to repeatedly guess your password information. Bots are computer programs that hackers use to find websites to hack and profile them for vulnerabilities. iLockout blocks known bad IP addresses and known bad bots from your website. In addition, iLockout blocks abnormal hits from the same IP address. If an IP gets blocked that you need to give access to then you can add that IP to a white list to unblock them from your website.

    Hosting Company
    The hosting company, such as Bluehost and GoDaddy, is the company that is paid to put your website up on their servers so people can view your website online. Hosting companies have the FTP information to access the website. They are solely responsible for making sure that your server and website remain up and visible online. Any website maintenance, fixes, hacking detection and repair is outsourced to third party affiliate companies.

    Are networks of computers that a hacker has infected and is now using to carry out attacks on websites and computers. Botnets of hundreds, even thousands, of computers can be remotely controlled by a hacker to do their bidding.

    Online Reputation Protection
    Online reputation protection is having clearly visible certification that a website security company is monitoring your website daily. This puts customers at ease that your website is being checked daily, updated when needed, and free of any known malicious code. Having a website security badge displayed on your website has been proven to have positive results on customer conversions resulting in more sales.

    How Hackers Make Money
    Stealing website traffic from reputable websites is a lucrative way to make money off of legitimate businesses. Each customer that a hacker is able to redirect to a bad site gets paid a commission by an advertiser. It may only be a few pennies per customer but hackers build networks of redirects that send thousands of customers to spam websites. Selling client information or proprietary information can fetch large sums in the cyber crime arena. Anything from email addresses, social security numbers, credit card numbers, patent information, and other company proprietary data fetches billions of dollars yearly on the cyber black market. Website security experts estimate that over a trillion dollars in damages were caused last year due to stolen information online.
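
The "Hidden and Malicious iFrames" and "Front End Scanning" entries above describe checking a page's visible source for concealed iframes. The following is an added example, not part of the original posts and not iLockout's scanner: a minimal front-end check that flags iframes which are zero-sized, hidden by inline style, or loaded from a host outside an allowlist. The allowlist approach, the function names and the sample hostnames are assumptions made for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse
import re

# Inline-style patterns that make an element invisible to a visitor.
HIDING_STYLE = re.compile(
    r"display\s*:\s*none|visibility\s*:\s*hidden|"
    r"(?:width|height)\s*:\s*[01](?:px)?\s*(?:;|$)|"
    r"(?:left|top)\s*:\s*-\d{3,}",
    re.IGNORECASE,
)

class IframeScanner(HTMLParser):
    """Collects iframes that are hidden or point at a host outside the allowlist."""
    def __init__(self, allowed_hosts):
        super().__init__()
        self.allowed_hosts = {h.lower() for h in allowed_hosts}
        self.findings = []  # list of (line, src, reasons)

    def handle_starttag(self, tag, attrs):
        if tag != "iframe":
            return
        a = {k: (v or "") for k, v in attrs}
        reasons = []
        size = {a.get("width", "").strip(), a.get("height", "").strip()}
        if size & {"0", "1"}:
            reasons.append("zero-size")
        if "hidden" in a or HIDING_STYLE.search(a.get("style", "")):
            reasons.append("hidden-style")
        # Relative URLs have no hostname and count as same-site.
        host = (urlparse(a.get("src", "")).hostname or "").lower()
        if host and host not in self.allowed_hosts:
            reasons.append("external-host")
        if reasons:
            self.findings.append((self.getpos()[0], a.get("src", ""), reasons))

def scan_html(html, allowed_hosts):
    """Return findings for one page's source; allowed_hosts is the site's own embed list."""
    scanner = IframeScanner(allowed_hosts)
    scanner.feed(html)
    return scanner.findings

# Constructed sample page; all hostnames are placeholders.
SAMPLE = """<html><body>
<iframe src="https://video.example.com/embed/1" width="560" height="315"></iframe>
<iframe src="http://unknown.example.net/x" width="0" height="0"></iframe>
<iframe src="//ads.example.org/f" style="position:absolute; left:-9999px"></iframe>
</body></html>"""
```

Calling `scan_html(SAMPLE, {"video.example.com"})` reports the second and third iframes and leaves the allowlisted video embed alone. Iframes written into the page by script at load time do not appear in static source, so a check like this only covers markup that is present in the served HTML.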
  3. Taylor

    Taylor New Member

    Oct 25, 2016
    Thank you for this. Some of these I actually didn't even know what they meant. It was nice that I now know more of them so that I make sure I'm aware of everything on my site and how to run it.
