Postmortem Countermeasures

The techniques demonstrated in this chapter can be lethal to a Web site, providing one-stroke, instant administrative access to it. But without an elite hacker finding and creating the exploit, these attacks are rare and difficult to discover.

The difficult part comes when suggesting countermeasures for these attacks, because the problem resides in commercial software (which, for the most part, is out of your direct control). Of course, the best countermeasure is staying current with regard to patches and updates from vendors such as Microsoft and Apache. But even if you keep up with the onslaught of patches and fixes throughout the year it still wouldn't prevent all attacks. One of the only ways to truly protect the Web servers you support is to install some form of intrusion prevention software, such as Entercept (http://www.entercept.com), on your critical servers.