The Year 2010 for Websites Defacements300000250000200000150000 Defacements100000 50000 0 Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec
The Year 2010 for Websites• Over 1.4 million websites were defaced.• Over 81% websites were hosted on Linux/Unix platforms.• Over 85% websites were using Apache. 1200000 1000000 800000 600000 Attacks 400000 200000 0 IIS 6.0/5.0 Apache IIS 7.0/7.5
What does it mean?• Defacements are more prone on Linux/Unix platforms. – Not because they are insecure, but because they are used more.• The “Attack-Surface” is widening due to increase in web users. – With an ever-increasing ratio of mobile web users, this will be even greater by 2012.
Why can my website be defaced?Hosting Flaws Development Flaws Unprotected Network Coding Errors Unpatched Servers Unhandled Exceptions Legacy/Broken Software Web Vulnerabilities The solution is to keep the hosting environment updated with the latest patches/antivirus/software and to incorporate security testing in the SDLC
Net Canine – Your Website Watchdog• Net Canine watches your websites and alerts you if “things are not okay”.• Since you are the first one to know about the problems with your website, you can quickly correct them before the news spread!
About Net CanineThe system uses advanced machine learning technology to check your website for Downtime • Notifies you whenever the website is unavailable, and also when it is available back again. Defacement • Notifies you whenever the website is defaced or disintegrated, so that you can reset it quickly. Hijacking • Notifies you of DNS and Domain Hijacking attacks on your website. Phishing • Informs you about the links on your website which lead to phishing websites. Malware • Alerts you about ‘drive-by-download’ malware attacks by scanning your website for malicious software and scripts
How it works • Sees yourScan website like a normal visitor • Finds Detect anomalies on the website • Informs the Alert webmaster about the anomaly