Disclosure

My Server’s been hacked – What do I do now? Pt 3.

Wednesday, March 14, 2018

Finally. Finishing up after Part 1 and Part 2, this is the end of my updated thoughts on an old Server Fault post with some final thoughts on reducing risks in the future. Reducing the risk in the future. The first thing you need to understand is that security is a process that you have to apply throughout the entire life-cycle of designing, deploying and maintaining an Internet-facing system, not something you can slap a few layers over your code afterwards like cheap paint.

Continue reading →

My Server's been hacked - What do I do now? Pt 1.'

Wednesday, March 14, 2018

Introduction In this series of posts I’m revisiting an answer to a question that appeared on Server Fault way back in 2011. I’m pleased to say that it’s been viewed over 100,000 times, and I like to think its helped a few of them. But it’s time to look again. Since I wrote that post, there have been some huge intrusions, such as the well known Ashely Madison, Anthem Medical Data and JP Morgan breaches that affected millions of people.

Continue reading →