MadPPC

There’s been more and more reports of peoples servers getting jacked from things like mal-ware ganking your FTP user-names and passwords.  I can’t find the original article that I read about the subject, but regardless, you should take precautions to keep yourself safe.  Or you’ll end up in one of these headlines: Trojan plunders $480k from online bank account.  Another article just surfaced: Thousands of sites loaded with potent malware cocktail.

Chances are the system your working on right now is not safe.  Chances are it’s crawling with some sort of mal-ware (especially if your a Windows user).  Chances are your at major risk of suffering the same fate, having your credentials stolen and your servers breached (not to mention all the other nasty things that could happen, see articles above).

So what should you do?  Simple.  Create a ‘clean box’.  I literally just coined the term under the thought of what a ‘clean room’ is like.

Now the clean box in itself is abstract, because it’s really up to the end user how they want to set it up.  What your doing is basically sandboxing the things that could cause your system to be compromised.  Here’s the jist of it:

Note:  These directions are assuming your only use one computer.  If you are going to use two or more computers the overall is the same, but instead of partitions think of it as different hard drives on different computers.

Setup two partitions on your hard drive.

Use one partitions for all your normal use:  watching porn, downloading warez, playing games, what ever.  Never login to any kind of sensitive website or service where the data obtained from the source could hurt your business or whatnot.  Such examples would be: your own servers, online banking, business email, etc…

Install an OS on the other partition, and get it up to date, download some virtual machine software, like Virtual Box (it’s free!).  With software like Virtual Box, you can install a virtual OS and run it right from your desktop.  Even better you can create different snapshots of the OS at any point and time.  So after you install an OS in Virtual Box, and get it up to date, you can snap shot it at a clean state.

I would personally create two images, one for use in surfing known safe sites, email, and whatnot.  The other I would create for the sole purpose of uploading and managing servers.  Once finished with your session you don’t have to save it and you can just keep loading from the clean snapshots.

In closing, in an industry so reliant on the internet we all know there pitfalls out there.  Exploits will not ever go away, and they will continued to be developed.  Until software can sandbox itself (ie have no access to the rest of the computer) than you have to do it yourself.  The question is, are you going to take the precautions or are you simple going to stand by, and when it happens to you, kick yourself in the ass?