For those with dedicated servers - A WARNING


Postby doris_day » Thu Jul 29, 2010 2:20 pm

I've run my software from a number of dedicated servers in the past without any issues but over the past few weeks I believe one of the servers has been accessed by an unauthorised user.

However, on speaking to the hosts (a reputable company with a large market share) they (a) give me no method of checking which IP addresses have accessed my server and (b) tell me that any security issues are my own responsibility.

I've been paying around £70 a month for each of my servers and expected a better level of support and I've therefore cancelled my contract with them.

So, my warning is this - if you have a dedicated server, make sure you put in place some sort of method of tracking IP access and also build in as many security features as possible.
'He was looking for the card so high and wild he'd never need to deal another' - Leonard Cohen
doris_day
 
Posts: 968
Joined: Fri Nov 02, 2007 12:34 am

Postby jokerjoe » Thu Jul 29, 2010 5:13 pm

Sorry to hear that, do you think they got in via RDP?

For people's general interest, the top link has some good tips on securing RDP http://www.google.co.uk/search?&q=securing+RDP. Other links have guides to enabling SSL to prevent snooping.
jokerjoe
 
Posts: 122
Joined: Wed May 09, 2007 12:00 pm

Postby Steve Voltage » Thu Jul 29, 2010 5:58 pm

Doris what made you think that you had been spied on?
Steve Voltage
 

Postby doris_day » Thu Jul 29, 2010 7:08 pm

Joker, thanks for the helpful link.

Arnold, well it was pretty straightforward really. Unless I'm completely losing my marbles, all my settings in Gruss had been altered and so had some of the cells in one of my Excel files.

Is this possible without interference of some sort? They didn't hack into my Betfair account but I've changed my password in case.

What pissed me off more than anything however was the attitude of my hosts which was not to accept any responsibility or liability.
'He was looking for the card so high and wild he'd never need to deal another' - Leonard Cohen
doris_day
 
Posts: 968
Joined: Fri Nov 02, 2007 12:34 am

Postby Steve Voltage » Thu Jul 29, 2010 7:57 pm

doris_day wrote:Joker, thanks for the helpful link.

Arnold, well it was pretty straightforward really. Unless I'm completely losing my marbles, all my settings in Gruss had been altered and so had some of the cells in one of my Excel files.

Is this possible without interference of some sort? They didn't hack into my Betfair account but I've changed my password in case.

What pissed me off more than anything however was the attitude of my hosts which was not to accept any responsibility or liability.


Best stick clear imo. Probably some server in somebody's bedroom in Pakistan. :shock:
Steve Voltage
 

Postby doris_day » Thu Jul 29, 2010 8:40 pm

Well, the server's actually in a data centre in Gloucester but I don't like their attitude regarding security.....
'He was looking for the card so high and wild he'd never need to deal another' - Leonard Cohen
doris_day
 
Posts: 968
Joined: Fri Nov 02, 2007 12:34 am

Postby Steve Voltage » Thu Jul 29, 2010 9:05 pm

doris_day wrote:Well, the server's actually in a data centre in Gloucester but I don't like their attitude regarding security.....


Time to name and shame "Fasthosts" :!: :!:
Steve Voltage
 

Postby Craig » Mon Aug 02, 2010 1:39 pm

Doris, this is the very fear that has prevented me from considering a dedicated server.

The possibility of an external hacker is worrying enough, but I'd be at least as concerned about the possibility of an internal hacker.

A technician at one of the server providers might choose to take a very keen interest in servers that access Betfair all day, every day. He'd likely figure that if someone was happy to pay £70 per month for the facility, they were probably doing something right on the exchange.

Any Excel files could be copied — and passwords broken — without too much difficulty. Then, all of your hard work is being shared with a nerdy tea-leaf.

Perhaps my imagination is running wild? Let's hope so.

Is it possible to secure a server against an inside job?
Craig
 
Posts: 50
Joined: Sun Nov 15, 2009 5:43 pm
Location: Glasgow, UK

Postby MatGreenaway » Mon Aug 02, 2010 5:09 pm

If yours is a Windows server, you can always bring up the Event Viewer (from administrative tools) and look at the security log. Specifically, the entries with EventID 682 show who has logged on and from what IP address / local machine name.

The Security Event log as a whole may give you more of an insight into whether you have been hacked or maybe you have connected, then it froze and the server later woke up and sent a load of subsequent mouse clicks and key presses?? (I know, unlikely!)

Good point about internal hackers at the hosting company. I'd say probably unlikely, as somebody would be risking their job constantly looking for Betfair-bound traffic. Plus why would they vandalise settings and spreadsheet? It only advertises the fact that somebody has been on it (when it is only in their interest to be not found out).

And I have had similar in the past over crappy attitude to security when a web server we used to host got hacked. They treat it as very much security is down to you unless you pay to use their firewall services. If you had been hacked, I'd think a typical hacker wouldn't really appreciate what you were running, and would more likely be hacking you to host pirated material (look for any added folders under IIS or see if any additional Windows accounts have been added).

Other good tips include (if Windows Server) creating a new account with complex password and putting that in the Administrator group. Then disable the administrator account. I'm still paranoid that I'd lock myself out, so set up the account and log in as that and prove that is administrative, then disable the admin account from that login.

Hope this helps a little.
Thanks,
Mat
MatGreenaway
 
Posts: 39
Joined: Tue Jan 26, 2010 3:00 pm
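
The checks Mat describes (who connected and from where, whether extra accounts exist, who is in the Administrators group), as an added PowerShell example that is not part of the original post. Event ID 682 is the Windows Server 2003 number; on Server 2008 and later the same "session reconnected" event is 4778, and a new RDP logon is 4624 with logon type 10. The 30-day window is an assumption, and the script assumes Windows PowerShell 5.1 run from an elevated prompt.

```powershell
# Added example: review remote-session logons and local accounts.
$since  = (Get-Date).AddDays(-30)          # assumed look-back window
$events = Get-WinEvent -FilterHashtable @{
    LogName = 'Security'; Id = 4624, 4778; StartTime = $since
} -ErrorAction SilentlyContinue

$sessions = foreach ($e in $events) {
    # Flatten the named EventData fields of this event into a hashtable.
    $f = @{}
    foreach ($n in ([xml]$e.ToXml()).Event.EventData.Data) {
        $f[$n.Name] = $n.'#text'
    }

    if ($e.Id -eq 4624) {
        # 4624 covers every logon type; keep RemoteInteractive (RDP) only.
        if ($f['LogonType'] -ne '10') { continue }
        $user = $f['TargetUserName']; $src = $f['IpAddress']
    } else {
        # 4778: an existing session was reconnected from a remote client.
        $user = $f['AccountName'];    $src = $f['ClientAddress']
    }
    [pscustomobject]@{ Time = $e.TimeCreated; User = $user; Source = $src }
}

# One row per user/source pair, so an unfamiliar address stands out.
$sessions | Group-Object User, Source | ForEach-Object {
    $sorted = $_.Group | Sort-Object Time
    [pscustomobject]@{
        User   = $sorted[0].User
        Source = $sorted[0].Source
        Count  = $_.Count
        First  = $sorted[0].Time
        Last   = $sorted[-1].Time
    }
} | Sort-Object Last -Descending | Format-Table -AutoSize

# Accounts that exist on the box, and which of them hold admin rights.
Get-LocalUser |
    Select-Object Name, Enabled, LastLogon, PasswordLastSet |
    Format-Table -AutoSize
Get-LocalGroupMember -Group 'Administrators' |
    Select-Object Name, ObjectClass, PrincipalSource |
    Format-Table -AutoSize
```

The Security log has a size limit and overwrites old entries, so an empty result for a given week can mean the events have rolled off rather than that nobody connected.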

Postby Craig » Mon Aug 02, 2010 7:19 pm

Mat, thanks for your knowledgeable input.

I wouldn't be concerned about vandalism by an internal hacker — that indeed would be pointless.

I would, however, be worried about intellectual theft — in other words, somebody reading my Excel files and understanding, then copying, my modus operandi.

Perhaps a lowly technician wouldn't have the opportunity to help themselves to the pick of the Betfair users' secrets, but what about the technical manager or director, or even the head of the company? Everybody's got their price.

Although my betting is now consistently profitable thanks to BA, I'm far from a major player, just a hobbyist really.

However, I'm pretty sure that there are some very successful exchange players using remote servers, including some on this forum. Their spreadsheets could make for very interesting viewing.
Craig
 
Posts: 50
Joined: Sun Nov 15, 2009 5:43 pm
Location: Glasgow, UK

Postby doris_day » Tue Aug 03, 2010 6:59 pm

MatG...thanks a bunch.....very useful info....I did ask my hosts how I could read this stuff and they said they couldn't help me....I thought there would be info like this on the server......
'He was looking for the card so high and wild he'd never need to deal another' - Leonard Cohen
doris_day
 
Posts: 968
Joined: Fri Nov 02, 2007 12:34 am

Postby xraymitch » Wed Aug 04, 2010 12:11 pm

Hi Doris_Day,

A month or so ago I had to take down my school's website which had been hacked. I am the only one who has the password so it was all rather worrying. With my system I was able to inspect the access logs etc but to no avail.

Before signing up with a hosting package I would always check out the security options available.

Your experience and mine does make me wary, though, of going down the hosted server route - particularly as there are no guarantees of privacy.

Ray 8)
xraymitch
 
Posts: 410
Joined: Wed Jun 25, 2008 7:06 am
Location: UK

Postby jokerjoe » Thu Aug 05, 2010 12:30 am

Do you believe the risks from hackers are any more significant using a home-based system rather than a server? It seems to me that they are an inevitable part of being online. With a firewall and regular updates I've never noticed any attempts on my home system, I'm not sure why a server should be different.
jokerjoe
 
Posts: 122
Joined: Wed May 09, 2007 12:00 pm

Postby doris_day » Thu Aug 05, 2010 8:01 am

Well, I think a datacentre server is more likely to be hacked because they are on 24 hrs a day, are often rented by people for reasons of anonymity and therefore potentially have more interesting stuff on them and also because datacentres have employees that may have access.
'He was looking for the card so high and wild he'd never need to deal another' - Leonard Cohen
doris_day
 
Posts: 968
Joined: Fri Nov 02, 2007 12:34 am

Postby MatGreenaway » Thu Aug 05, 2010 11:02 am

The issue with home PC vs dedicated hosted server is that traditionally, the dedicated server is by default open for a lot of services (web and email access and remote control) so its default state is with pretty much an open firewall so its only security is the admin logon.

Your home PC often sits behind a router on a broadband connection. The router will allow communications out (and accept replies from the big bad world if the computer initiated them, such as collecting email from your web server) but it will drop any inbound connections.

A dedicated server accepts traffic on port 80, 443, 25, 3389 etc.

If you pay the additional fee to have a firewall and configure that to drop incoming traffic, you solve many of the problems - the only issues then are internal staff who (like an earlier poster said) may look for betting exchange bound traffic and then go looking at the server.

The advantages of dedicated server are almost impervious to loss of power and internet connectivity due to the redundant supplies they utilise. Not your electricity bill. Easy to upgrade. No accidental turning off the PC by the kids. Faster connection to the internet.

The disadvantages of them are by default they are open to attack and they need to be locked down. Vulnerable to snooping from internal people. They cost money.

I've done a test this month but don't think I am getting much extra value so I may play safe and go back to the home PC model. I then know I haven't got to worry about the Teaboy at the hosting company nicking my ideas!

Hope you all have a good day's profit!

PS - BA is the world's best piece of software! Gruss is the world's best software house! Top notch product. I've been a user for just over 2 years now - so glad I stumbled across a demo tutorial video on Youtube back in January 2008. I'd only ever lost at gambling before that.
MatGreenaway
 
Posts: 39
Joined: Tue Jan 26, 2010 3:00 pm
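
To see how exposed a given Windows server is in the sense described above, the following added PowerShell example (not part of the original post) reports which of the ports Mat lists are actually listening, and which enabled inbound Windows Firewall rules allow them and from which remote addresses. It assumes Windows Server 2012 or later, where the NetTCPIP and NetSecurity cmdlets are available, and an elevated prompt; it only inspects the host firewall, not any firewall the hosting company runs in front of the server.

```powershell
# Added example: which of the ports named in the post are reachable?
$watch = 80, 443, 25, 3389      # HTTP, HTTPS, SMTP, RDP

# TCP ports listening on a non-loopback address.
$listening = Get-NetTCPConnection -State Listen |
    Where-Object { $_.LocalAddress -notin '127.0.0.1', '::1' } |
    Select-Object -ExpandProperty LocalPort -Unique

# Enabled inbound allow rules with their port and remote-address scope.
$allow = Get-NetFirewallRule -Direction Inbound -Enabled True -Action Allow |
    ForEach-Object {
        $pf = $_ | Get-NetFirewallPortFilter
        $af = $_ | Get-NetFirewallAddressFilter
        [pscustomobject]@{
            Rule     = $_.DisplayName
            Protocol = $pf.Protocol
            Ports    = @($pf.LocalPort)
            Remote   = @($af.RemoteAddress) -join ','
        }
    } | Where-Object { $_.Protocol -in 'TCP', 'Any' }

$report = foreach ($port in ($watch | Where-Object { $_ -in $listening })) {
    # Exact-port and 'Any' matches only; port ranges are not expanded here.
    $hits = $allow | Where-Object {
        $_.Ports -contains 'Any' -or $_.Ports -contains "$port"
    }
    if (-not $hits) {
        [pscustomobject]@{ Port = $port; Rule = '(no matching allow rule)'; Remote = '' }
    }
    foreach ($h in $hits) {
        [pscustomobject]@{ Port = $port; Rule = $h.Rule; Remote = $h.Remote }
    }
}

# Remote = 'Any' means the rule accepts connections from every address.
$report | Sort-Object Port | Format-Table -AutoSize
```

A row for port 3389 with Remote shown as Any is the situation the post describes: the admin logon is the only thing between the internet and the desktop.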
