Disaster Recovery Planning for Websites: Resources

Current Technical Vulnerabilities

  • Zone H Defacements Archive
    Website defacements don't make news any more unless a major site is inolved. This site offers a league table of defaced sites. If you've been hacked, you're definitely not alone...
  • Phishing Attacks
    If you hold sensitive information on your site users, this is a risk you should be concerned about.
  • Recent Alert Page
    A sampling of recent security alerts from SecurityTracker etc...
  • Internet Storm Center
    Live information on current attacks, including trends and pretty graphics.
  • SecurityTracker
    Information on the latest vulnerability alerts.
  • SANS Top 20 Vulnerability List
    20 major vulnerabilities.
  • Viruses and Worms
    Even if they aren't a direct threat to your website, they are to your developers ...

Email Identity Theft

Just had your email address "borrowed" by someone else? Our Email Identity Theft article may console you as well as offer you some practical advice. Also check out our Email Address Obfuscator if you need to include email addresses on a website.

Image Leeching?

Sometimes other web sites decide to use images from your website as inline content. You can block them, or you can use them as a source of innocent fun. See Sex Sells: A Note on Image Leeching.

Glossary of Terms

Not sure what a term means? Try the Risk and DRP Glossary.

Business Continuity Books

It's nowhere near complete yet, but here's the start of a listing of business continuity books from Amazon here.

Legal Risks

  • Meta Tag Lawsuits
    Think using your competitor's trademarks in your website META tags is a great idea? Read the legal precedents. (Most search engines ignore the META keywords tag anyway).

Crime Prevention & Reporting

  • Internet Fraud Complaint Center
    An FBI-run center where you can complain about internet fraud. Looked like the site was down last time I checked &mdash- perhaps the victim of a denial of service attack?
  • National White Collar Crime Center
    Training for law-enforcement on "white collar" crime, including forensic computer analysis. Apparently you can't commit some crimes unless you are wearing the right type of shirt:-).

Securing Websites

  • WWW Security FAQ
    The basics of securing a website.
  • NSA Security Coniguration Guides
    This is good advice given by the National Security Agency to other US Government agencies. Covers configuration of a wide variety of operating systems and network hardware.
  • Hardening Windows 2000 (PDF)
    A step-by-step guide to what should be switched on or off in a new Windows 2000 installation.
  • IIS Lockdown Tool
    Microsoft's tool to help get IIS's security settings right. (Look for IIS Lockdown tool on this page - the exact URL changes occasionally.)
  • Microsoft Security Toolkit
    Microsoft's guides and tools for securing Windows 2000 and Windows NT4.

Newsletters

Books

See our Suggested Books area.


Albion Research Ltd. is based in Ottawa, Canada. Please contact us for more information about our services.


© Albion Research Ltd. 2010