
Scrapabill webmasters Security Recommendations

2.1. Set up SMTP authentication to control user access

 

SMTP authentication requires anyone who uses your server to obtain permission to send mail by first supplying a username and password. This helps to prevent open relaying and abuse of your server. Configured correctly, it ensures that only known accounts can use your server's SMTP service to send email. This configuration is highly recommended when your mail server has a routed IP address.

 

2.2. Limit connections to protect your server against DoS attacks

 

The number of connections to your SMTP server should be limited. The right limits depend on the specifications of the server hardware (memory, NIC bandwidth, CPU, etc.) and its nominal load per day. The main parameters used to handle connection limits are the total number of connections, the total number of simultaneous connections, and the maximum connection rate. Keeping these parameters at optimal values may require refinement over time. Connection limits can be very helpful in mitigating spam floods and DoS attacks that target your network infrastructure.

 

2.3. Activate Reverse DNS to block bogus senders

 

Most messaging systems use DNS lookups to verify that the sender's email domain exists before accepting a message. A reverse lookup is another useful option for fighting off bogus mail senders. Once reverse DNS lookup is activated, your SMTP server verifies that the sender's IP address matches both the host and domain names that the SMTP client submitted in the EHLO/HELO command. Messages that fail this address-matching test can then be blocked.

 

2.4. Use DNSBL servers to fight incoming email abuse

 

One of the most important configurations for protecting your email server is the use of DNS-based blacklists (DNSBLs). Checking whether the sender's domain or IP address is known to DNSBL servers worldwide (e.g., Spamhaus) can substantially cut down the amount of spam received. Activating this option and using a maximum number of DNSBL servers will greatly reduce the impact of unsolicited incoming email. DNSBL servers list all known spammers' IPs and domains for this purpose.
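The checks described in 2.3 and 2.4, as an added example that is not part of the original page: a DNSBL lookup (reversed IPv4 octets queried under the list's zone) and a reverse-DNS check of the EHLO/HELO name. The zone `dnsbl.example`, the sample records and all function names are assumptions made for illustration; the resolver is passed in, so the sample data runs offline and `live_a`/`live_ptr` can be substituted for real lookups.

```python
import ipaddress
import socket

ERROR_CODES = ipaddress.IPv4Network("127.255.255.0/24")  # Spamhaus error replies, not listings
LISTING_CODES = ipaddress.IPv4Network("127.0.0.0/8")     # DNSBL listing answers live in 127/8

def dnsbl_query_name(ip, zone):
    """IPv4 octets reversed, then the DNSBL zone: 192.0.2.10 -> 10.2.0.192.<zone>."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + "." + zone

def is_listed(ip, zone, resolve_a):
    """True only when the zone answers with a listing code for this IP."""
    for answer in resolve_a(dnsbl_query_name(ip, zone)):
        addr = ipaddress.IPv4Address(answer)
        if addr in ERROR_CODES:
            continue  # query refused or rate-limited: "no data", never "listed"
        if addr in LISTING_CODES:
            return True
    return False

def helo_matches_rdns(ip, helo, resolve_ptr, resolve_a):
    """PTR(ip) must equal the HELO name, and that name must resolve back to ip."""
    wanted = helo.rstrip(".").lower()
    for name in resolve_ptr(ip):
        name = name.rstrip(".").lower()
        if name == wanted and ip in resolve_a(name):
            return True
    return False

# System-resolver lookups for real use; an empty list means "no record".
def live_a(name):
    try:
        return socket.gethostbyname_ex(name)[2]
    except OSError:
        return []

def live_ptr(ip):
    try:
        return [socket.gethostbyaddr(ip)[0]]
    except OSError:
        return []

# Constructed sample records (RFC 5737 documentation addresses, made-up zone).
SAMPLE_A = {"10.2.0.192.dnsbl.example": ["127.0.0.2"],         # listed sender
            "5.113.0.203.dnsbl.example": ["127.255.255.254"],  # error reply
            "mail.example.org": ["198.51.100.7"]}
SAMPLE_PTR = {"198.51.100.7": ["mail.example.org."]}
def sample_a(name): return SAMPLE_A.get(name, [])
def sample_ptr(ip): return SAMPLE_PTR.get(ip, [])
```

Treating an error reply as a listing would reject all mail whenever the list operator refuses the query, which is why `is_listed` skips that range.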

 

2 Firewall Protection

 

2.1. Use Strong Passwords

 

While a firewall can protect against almost every attack by a hacker, keep in mind that if a hacker manages to gain access to your computer, the firewall can be rendered useless. Hackers aside, anyone can gain access to your sensitive data if they know your password. For example, someone who wants unauthorized access to your application does not need to breach your firewall; they can guess your password instead. That is why it is essential to use strong passwords that are unbreakable.

Creating a strong password requires the following:

Length. A short password is easier for a hacker to guess. Therefore, it is best to have a password of 6 to 8 characters. Longer passwords can quickly frustrate most hackers, even if they use password-breaking tools.

Structure. Passwords that combine digits, characters and symbols provide the best security, even against powerful password-breaking software. A simple password such as “applestreet” is too easy to guess, even for people who are not hackers.

Uniqueness. Just as you do not have one key for your door, car, garage, etc., you should never use the same password for all your access codes. A commonly used password can easily be guessed by your friends and colleagues. And if they succeed in stealing your password, you can expect them to misuse your online bank account and email accounts.

 

2.2. Block traffic by default

 

Start by blocking all traffic by default and allow only specific traffic to identified services. This approach provides quality control over the traffic and decreases the possibility of a breach. This behavior can be achieved by configuring the last rule in an access control list to deny all traffic. This can be done explicitly or implicitly, depending on the platform.

 

4.3. Make sure the firewall device is up to date

 

The firewall device should always be up to date with patches and firmware. If it is not, then it is vulnerable to attacks and the firewall rules will be useless.

 

3 SECURING DOMAIN

 

3.1. Decrease number of domain admin accounts

 

Domain admin privileges are needed only to manage and administer the domain controller servers. We recommend that the “Domain Admin” group contain only users who work on domain controllers. DB admins, SCCM admins, helpdesk users and service accounts should not be added to this group.

 

3.2. Ensure that privileged accounts don’t have mailboxes

 

Admin accounts are always targeted by attackers who brute-force OWA or ECP (if enabled for external networks) using these accounts.