Network Security
close

on 11th November 2016 / by Safia.F.Mohiuddin
Data losses and financial information theft happen at astounding rates and costs in millions. In fact, US alone records $525 million in losses as per Statista estimates. The proliferation of mobile applications has uncovered additional vulnerabilities, with poor security practices of users compounding the rate of occurrence of cyber crime. How Vulnerable are E-commerce Transactions Online hacking attacks and fraud rates recorded $32 billion in cost in 2014, as per Business Intelligence estimates. Moreover, with 27 fraud attacks attached to every 1000 transactions (BI data – last quarter 2015), and a 215% increase from the first to the fourth quarter, the vulnerability of e-commerce transactions is clearly visible. Although customers feel safe shopping online, personal information and financial data theft from SQL Injection, Path Traversal, Malware, Hijacking or Cross-Site scripting are not uncommon. Cyber criminal activity can cause partial or complete interruption of business services, denial of service and lost revenue. All these effects can proliferate to more severe losses related to customers, search engine ranking and brand reputation. Why E-commerce Websites are Prone to Cyber Criminal Activity Unprotected Web Services can be taken over by malicious applications, leaking confidential information or performing unauthorized tasks on e-commerce websites Insecure SSL - CSS, JavaScript, images, or invalid certificates can make your SLL page insecure Inadequate Transport Layer Protection – Data that is exchanged over an unprotected transport layer is prone to sniffing attacks from a number of network points including proxies, routers, and cell towers How Can you Prevent Cyber Attacks Secure transactions can prevent tangible and intangible losses to your business, through a few security measures: Choose a sophisticated OOPS platform with good website design, real-time analytics, malicious software removal and regular PCI scanning Ensure secure SSL throughout your customer experience, including secure SSL checkout, SSL web and data authentication, encryption for data in transit, PCI compliant EV SSL, URL green bar security seal for maximum customer trust and AVS / CVV on checkout Implement a layered security model, with a firewall, contact forms, search forms, to protect against SQL injections and cross-site scripting (XSS) Implement Payment Card Industry Security Standards Council (PCI DSS) for secure transactions and accompany orders with tracking numbers to prevent chargeback fraud As per PCI standards, sensitive customer data, especially credit card information must not be stored on file Empower customers to protect their information with complex passwords to prevent cybercriminals from attacking from the front-end Eliminate human error, through secure access to confidential information and close surveillance Enable system alerts for suspicious activity including multiple orders with different credit cards, phone numbers from different areas, and when incorrect recipient name is detected Choosing the right service provider for your websites ensures success in the e-Commerce marketplace. Zyxware ensures compliance to major security standards that will eliminate any possibilities of financial or customer information theft, backing your business to become immune to cyber criminals and deliver zero vulnerability digital and customer experiences every time. To learn more about how we can help you, get in touch with us! References:Cyber Crime on RiseStatista:Cyber CrimeBusiness Insider Data for 2016 Ecommerce Network Security Leave a reply Your email address will not be published. Required fields are marker *
close

on 04th July 2013 / by sandeep.sasikumar
On certain servers, there are chances of our IP addresses getting blocked when we accidentally enter the wrong password multiple times or when we unintentionally try to ssh via the wrong port multiple times. The IP will be blocked for a certain period of time. If you have faced the same issue then read on to know how to block blacklisted IP addresses on a WHM based GNU/Linux server. Before trying to solve the problem we have to check the following things to identify where we went wrong: Check whether the username and password you entered is correct Check whether your passwords have unnecessary spaces. Check the default ssh-port Now lets see how to remove the blocked IP from WHM Login to WHM with the username and password [The funny part about the initial step is that now you won't be able to log into WHM because your IP is blocked, so try from any another connection with a different IP :) ]. After logging in to WHM the next step is to find out the 'Plugins' option. In the 'Plugins' option select 'ConfigServer Security&Firewall' In this option you will see a list of different features and from this list note the feature titled 'Temporary allow/deny', under this you can see your IP address. To unblock your IP address simply remove that IP from the IP address field. Now try connecting with your IP address and you should be able to acess it:) Linux System Administration Server Administration WHM Network Security Web Security Leave a reply Your email address will not be published. Required fields are marker * Alaa (not verified) access_time 23 Feb 2019 - 07:53 Thanks for the info. Anonymous (not verified) access_time 23 Feb 2019 - 07:53 i am using putty but not working my ip. Anonymous (not verified) access_time 23 Feb 2019 - 07:53 This is just what i have been looking for long. Got most of my routers ip blacklisted on whm. I read the tute, logged in the vps and cleared them up. Thanks Michelle (not verified) access_time 23 Feb 2019 - 07:53 It seems this normally happens when you make a change to a website or email on a diffrerent i.p. Either way thanks for the help. Jeffery (not verified) access_time 23 Feb 2019 - 07:53 May I know how to remove our IP from the Gmail blacklist? I need to know the reason why I was blacklisted. Here is my blog maxautoglass.com and I need help to configure a static IP address from Windows 7. Add new comment
more_horiz
close

on 16th November 2012 / by sandeep.sasikumar
Most web developers & system administrators have to do SSH logins to WHM based servers to make the necessary changes there. The default port used for ssh logins is port 22. However there might be unusual circumstances where port 22 is not the default port. In such a scenario we need to identify the default ssh-port used by the server. If you are facing a similar situation then read on to know how to find out the current port being used by SSH on a WHM based server. Here are the steps to identify the default ssh-port from WHM: First Login to the WHM with your username and password. In the 'Plugins' option click on the 'ConfigServer Explorer' option. From the list of folders select the 'etc' folder. In the next list of folders select the 'ssh' folder. Within this list click on the 'ssh config' file. The ssh config file consists of the details of the ssh-port which is selected as the default. In most cases the port will be 22. However if you are having any problem with your ssh connection, follow the steps mentioned above and find out which is the default ssh-port used and then try to ssh using that port. Linux Networking WHM Network Security cPanel Web Security SSH Leave a reply Your email address will not be published. Required fields are marker * Talu (not verified) access_time 23 Feb 2019 - 00:20 Hi: Thanks for this article, I was forgoten the port of my ssh but in the last version of WHM (11.38.2 build 7) or on my server, the 'ConfigServer Explorer' option is not available so I find the port on the firewall settings 'ConfigServer Security & Firewall' under 'Allow incoming TCP ports' and descarting the default know ports such as ftp, web, etc. http://www.talu.me/ Add new comment
more_horiz
close

on 25th May 2012 / by Anoop John
Nmap is a Free Software tool that can be used for a variety of network network exploration tasks and security auditing. Nmap ("Network Mapper") scans IP packets to determine a lot of different aspects about hosts available on the network and also about services these hosts are offering. It can help you find a lot of information about these hosts including reverse DNS names, operating system guesses, device types, and MAC addresses. Here is a simple command to find all active IPs in your local area network using nmap nmap -sP 192.168.1.0/24 You can install nmap in Ubuntu / Debian by running sudo apt-get install nmap Alternatively you can also use sudo arp-scan -I eth0 192.168.1.0/24 Networking Ubuntu Debian Linux Shell Network Security Leave a reply Your email address will not be published. Required fields are marker *