The Community Forums

Interact with an entire community of cPanel & WHM users!

Hacker Safe and cPanel?

Discussion in 'Security' started by lostmind, Jul 15, 2008.

  1. lostmind

    Anyone use Hacker Safe with cPanel?

    How are you finding the experience?

    Any tips/info you could share would be appreciated.

    Thanks!
     
  2. jpetersen

    Yeah sure.

    1. A few months or so ago our network and service monitor reported that cPanel had stopped running on a server. An investigation immediately showed that it was caused by their scanning.

    2. They also blatantly lie to people about the results that their scans produce, claiming things that aren't even just not true, but are total, complete fabrications of someone's imagination run completely amok ("I know your username, I can monitor you with hping!").

    3. Half of their checks are for Windows based hosts, which is pointless considering cPanel for Windows doesn't exist on production servers (yet).

    4. Furthermore, their scans aren't even close to an indication of anything being "hacker safe", as they're only doing an external vulnerability assessment.

    5. Finally, they don't understand that some vendors backport patches. This is an issue when their scans find "software version x", which they will state, very matter-of-factly, is vulnerable when in reality it may not be at all. Good luck trying to explain this to them.

    In conclusion, HackerSafe/ScanAlert is snake oil in terms of security. In terms of helping you generate more revenue because you have a completely misleading "hacker safe" logo on your website? That's debatable. I say make your own logo and call it a day. Potential customers viewing your website aren't going to know the difference. If you want a vulnerability assessment, hire qualified individuals who understand the scanner they are using and the results it produces to do it instead.
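
The backporting problem raised in the post above, as an added example that is not part of the original thread: a scanner finding keyed on a version banner can be checked against the vendor package changelog, where backported fixes are normally recorded. It assumes an RPM-based host and changelog headers that end in `version-release`; the sample changelog, package name and CVE ids are constructed placeholders.

```shell
#!/usr/bin/env bash
# Triage version-banner scanner findings against the package changelog.

# Constructed sample in `rpm -q --changelog` format (placeholder CVE ids).
sample_changelog() {
cat <<'EOF'
* Tue Jun 10 2008 Example Maintainer <maint@example.com> 0.9.8b-10.1
- fix CVE-0000-0001 (backported from a later upstream release)
* Mon Mar 03 2008 Example Maintainer <maint@example.com> 0.9.8b-9
- fix CVE-0000-0002 - backport of upstream patch
EOF
}

# changelog_for PKG: real changelog when rpm knows the package,
# otherwise the constructed sample so the script also runs offline.
changelog_for() {
    if command -v rpm >/dev/null 2>&1 && rpm -q "$1" >/dev/null 2>&1; then
        rpm -q --changelog "$1"
    else
        sample_changelog
    fi
}

# fixed_in_release CVE: read a changelog on stdin and print the release of
# the first (newest) entry that mentions the CVE; return 1 if none does.
fixed_in_release() {
    awk -v cve="$1" '
        /^\* / { rel = $NF }   # entry header: last field is version-release
        rel != "" && $0 ~ (cve "([^0-9]|$)") { print rel; found = 1; exit }
        END { exit !found }
    '
}

# triage PKG CVE: classify one finding as backported or needing review.
triage() {
    local rel
    if rel=$(changelog_for "$1" | fixed_in_release "$2"); then
        echo "$2 $1 backported-fix-in $rel"
    else
        echo "$2 $1 no-changelog-entry needs-manual-review"
    fi
}

# Stand-alone use: ./triage.sh PKG CVE (defaults are placeholders).
triage "${1:-openssl}" "${2:-CVE-0000-0001}"
```

A missing changelog entry does not prove the host is vulnerable; it only means the finding cannot be dismissed from the changelog alone.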
     
  3. lostmind

    Ahhh, yes.

    I am aware that they basically use a Nessus scan... and that it is nowhere near making your website "hackersafe" :)

    But I have clients who are using hackersafe and I've found it to be a real pain. The backporting of patches is a pain. They are finding vulnerabilities such as cPanel's own SSL is allowing SSLv2 and low ciphers... I've modified Apache to remove this but hackersafe is still complaining.

    All in all, my clients claim hackersafe is very good for their business. I, however, am finding it a royal pain in the ass to manually modify the dozen or so servers that have hackersafe clients on them. I was really hoping to see that there was a way to make cPanel PCI-compliant so my techs don't have to waste hours and hours of time manually modifying machines. ugh.

    I do appreciate your post however. I think you and I are of the same opinion of their service. However, I am trying to find a way to live with them...
     
  4. handsonhosting

    Mixed results on my end. We've used ScanAlert for the past 4 years on our servers and many of our clients use their service (along with ControlScan, HackerProof etc etc). The warnings are a pain, but they do give a heads up to potential issues. Getting the same warning on 100 different servers REALLY sucks, but that's the way it goes. Clients then opening tickets saying they're not compliant and we have 48 hours to fix or they lose their little logo sure brings a damper to the day.

    My own opinion is that Hackersafe is great advertising for those that want it. Personally, I don't use it on my own sites, or on our webhosting site. I've never found the money spent offered enough conversion.

    Since June of 2007 we have been trying to contact ScanAlert to cancel the service on all our servers as we were paying for servers and then clients would get the seal at a reduced rate. No resolutions to our queries of wanting invoices for the domains etc - so we stopped paying. We still never get a response (and we submit each month to their system). When McAfee took over we were hoping for a change, but still nothing. So that's where that stands.

    Does it help? Not really. Since we block ports for excessive failures, ScanAlert would deny the seals to our customers as they were unable to access the system to verify that we were "safe". So we have to ALLOW their IP in our firewalls to excessively try to hack our servers in order to prove that the ports are secure. Sounds a little backwards doesn't it? We have to make the system INSECURE so we can prove we're SECURE!

    So there ya have it. Not a satisfied customer, but many of our clients use their service and love it.
     