howard
11-10-2005, 04:42 PM
Thanks again to all who replied to an earlier post ( http://forums.westhost.com/showthread.php?t=8542 ).
The group I mentioned before is moving ahead with their website. They have a member who has created a 3-page information site. They have a regular hosting account (not WestHost) with features such as cPanel, and FTP access.
They asked me some questions, which they say their group will be asking them, and wanted to know my answers, so they will be ready when the questions are asked.
Here is a list of ten questions, and my answers. Please look at them to see if I would be giving any incomplete or incorrect responses.
--
Q. How will we know if our site security has been compromised and that someone has hijacked our site?
A. Look at the pages. Are they defaced? Do the links lead to porn or gambling sites instead of where they should go? Are there any extra links or pages you did not write?
Q. What do we do if that happens?
A. Change the password (contact the host if the hijacker has already changed it) and restore backups.
Q. Is it possible that the web author could have a virus on her own computer, and accidentally load that virus on one of their pages so that, when someone else visits the pagre, they get the virus?
A. Theoretically possible, but viruses can't really be hidden in plain html pages the web author may upload from her computer.
Q. Same question for if the site is hijacked.
A. I guess it is possible for a hijacker to upload such content if the site were hijacked.
Q. How do we know if that has happened?
A. When you check your site, and view the infected page, the AV program on your computer shold alert you.
Q. Can the pages on the server be scanned on the server, the way we scan our hard drives?
A. It would be more appropriate to FTP them down to your own hard drive and scan them there, if you are concerned about that.
Q. Don't the people that own the server where we are hosted have anti-virus programs for their servers?
A. Probably, but only for the software that runs the server, which just delivers files to the viewer. That's all it does. I'm not sure that answers your question.
Q. If email addresses are set up under our domain name, is it possible for a member to get a virus by someone sending him or her an email?
A. Yes, just as it is possible with any email.
Q. And then he or she could pass that virus on to others?
A. Yes, just like any email system.
Q. But hotmail checks for viruses, will our site do that?
A. No, but, since you are going to be forwarding any emails received, rather than giving webmail access, if someone is fearful of that, they can set up a hotmail account to have their email forwarded to.
--
The group I mentioned before is moving ahead with their website. They have a member who has created a 3-page information site. They have a regular hosting account (not WestHost) with features such as cPanel, and FTP access.
They asked me some questions, which they say their group will be asking them, and wanted to know my answers, so they will be ready when the questions are asked.
Here is a list of ten questions, and my answers. Please look at them to see if I would be giving any incomplete or incorrect responses.
--
Q. How will we know if our site security has been compromised and that someone has hijacked our site?
A. Look at the pages. Are they defaced? Do the links lead to porn or gambling sites instead of where they should go? Are there any extra links or pages you did not write?
Q. What do we do if that happens?
A. Change the password (contact the host if the hijacker has already changed it) and restore backups.
Q. Is it possible that the web author could have a virus on her own computer, and accidentally load that virus on one of their pages so that, when someone else visits the pagre, they get the virus?
A. Theoretically possible, but viruses can't really be hidden in plain html pages the web author may upload from her computer.
Q. Same question for if the site is hijacked.
A. I guess it is possible for a hijacker to upload such content if the site were hijacked.
Q. How do we know if that has happened?
A. When you check your site, and view the infected page, the AV program on your computer shold alert you.
Q. Can the pages on the server be scanned on the server, the way we scan our hard drives?
A. It would be more appropriate to FTP them down to your own hard drive and scan them there, if you are concerned about that.
Q. Don't the people that own the server where we are hosted have anti-virus programs for their servers?
A. Probably, but only for the software that runs the server, which just delivers files to the viewer. That's all it does. I'm not sure that answers your question.
Q. If email addresses are set up under our domain name, is it possible for a member to get a virus by someone sending him or her an email?
A. Yes, just as it is possible with any email.
Q. And then he or she could pass that virus on to others?
A. Yes, just like any email system.
Q. But hotmail checks for viruses, will our site do that?
A. No, but, since you are going to be forwarding any emails received, rather than giving webmail access, if someone is fearful of that, they can set up a hotmail account to have their email forwarded to.
--