Case study

I was helping a friend with his web hosting software.  Some things needed tweaking.  There were some issues with a couple of email addresses.  So we have a lot of experience trouble-shooting mail servers and web servers.  We found some really technical configuration things that got the problems cleared up.  But what we stumbled upon that we weren’t looking for is what was interesting.

Our friend pays for technical support and service from his hosting provider.  They help him with a support desk when he has technical and configuration issues.  They didn’t seem to be getting the job done with this one- at least not quickly enough.  This is why he called us.  What we found that was discouraging was the way this “out of the box” service was configured.  A lot of things, that were secured with good passwords and 2-factor authentication, didn’t need to be open to the Internet at all!  There’s no reason to have an email server being hacked on all day long, even if they’re not going to get in, when the email service isn’t being used.

What might be lurking on your network that someone is trying to get to?