Simple Sentinel and Overwatch-Enterprise Security as Standard

The world’s most secure cloud,dedicated and shared hosting platform free to all customers

Multiple layers of hacker protection insulate your company’s valuable data and reputation from harmful malice and cybercrime. Security features like web application protection and virtual private networks with SSL allow intended traffic in and keep unwanted traffic out of your Simple Server hosting solution

Simple Sentinel

sent-small
A Stateful Packet Inspection (SPI) firewall, Login/Intrusion Detection and Security application.

Overwatch Malware Hunter Killer

overwatch-smallReduce down time with Simple Overwatch automated daily malware scans.
Our Daily scanning is a solution developed to intelligently crawl and identify infections across any platform. The scanner leverages internal definitions that are refined daily, external sources, and intelligence to identify both potentially harmful signatures and anomalies that may not be known.

Simple Sentinel

  • Straight-forward SPI iptables firewall script
  • Daemon process that checks for login authentication failures for:
  • Courier imap, Dovecot, uw-imap, Kerio
  • openSSH
  • cPanel, WHM, Webmail (cPanel servers only)
  • Pure-ftpd, vsftpd, Proftpd
  • Password protected web pages (htpasswd)
  • Mod_security failures (v1 and v2)
  • Suhosin failures
  • Exim SMTP AUTH
  • Custom login failures with separate log file and regular expression matching

  • POP3/IMAP login tracking to enforce logins per hour
  • SSH login notification
  • SU login notification
  • Excessive connection blocking
  • Easy upgrade between versions from within cPanel/WHM, DirectAdmin or Webmin
  • Easy upgrade between versions from shell
  • Pre-configured to work on a cPanel server with all the standard cPanel ports open
  • Pre-configured to work on a DirectAdmin server with all the standard DirectAdmin ports open
  • Auto-configures the SSH port if it’s non-standard on installation
  • Block traffic on unused server IP addresses – helps reduce the risk to your server
  • Alert when end-user scripts sending excessive emails per hour – for identifying spamming scripts
  • Suspicious process reporting – reports potential exploits running on the server
  • Excessive user processes reporting
  • Excessive user process usage reporting and optional termination
  • Suspicious file reporting – reports potential exploit files in /tmp and similar directories
  • Directory and file watching – reports if a watched directory or a file changes
  • Block traffic on the DShield Block List and the Spamhaus DROP List
  • BOGON packet protection
  • Pre-configured settings for Low, Medium or High firewall security (cPanel servers only)
  • Works with multiple ethernet devices
  • Server Security Check – Performs a basic security and settings check on the server (via cPanel/DirectAdmin/Webmin UI)
  • Allow Dynamic DNS IP addresses – always allow your IP address even if it changes whenever you connect to the internet
  • Alert sent if server load average remains high for a specified length of time
  • mod_security log reporting (if installed)
  • Email relay tracking – tracks all email sent through the server and issues alerts for excessive usage (cPanel servers only)
  • IDS (Intrusion Detection System) – the last line of detection alerts you to changes to system and application binaries
  • SYN Flood protection
  • Ping of death protection
  • Port Scan tracking and blocking
  • Permanent and Temporary (with TTL) IP blocking
  • Exploit checks
  • Account modification tracking – sends alerts if an account entry is modified, e.g. if the password is changed or the login shell
  • Shared syslog aware
  • Messenger Service – Allows you to redirect connection requests from blocked IP addresses to preconfigured text and html pages to inform the visitor that they have been blocked in the firewall. This can be particularly useful for those with a large user base and help process support requests more efficiently
  • Country Code blocking – Allows you to deny or allow access by ISO Country Code
  • Port Flooding Detection – Per IP, per Port connection flooding detection and mitigation to help block DOS attacks
  • WHM root access notification (cPanel servers only)
  • Distributed Login Failure Attack detection
  • New in v5: Temporary IP allows (with TTL)
  • IPv6 Support with ip6tables
Overwatch Hunter Killer

Daily Scanning

This leverages our scanning service to identify all types of malware, SPAM injections, website errors, disabled sites, database connection issues and code anomalies that require special attention.

Overwatch is highly sophisticated and designed to identify a number of different malware types. They include:

  • Obfuscated JavaScript injections
  • Cross Site Scripting (XSS)
  • Website Defacements
  • Hidden & Malicious iFrames
  • PHP Mailers
  • Phishing Attempts
  • Malicious Redirects
  • Backdoors (e.g., C99, R57, Webshells)
  • Anomalies
  • Drive-by-Downloads
  • IP Cloaking
  • Social Engineering Attacks

Our monitoring services comprises:

Blacklisting

This option is also set by default for all users. We recommend that it is left active. There are a number of blacklisting authorities that monitor for malware, SPAM, and phishing attempts.

  • Google Safe Browsing
  • Norton
  • AVG
  • Phish Tank (Phishing Specifically)
  • McAfee SiteAdvisor

Blackisting removal is free of charge after infection has been removed

WHOIS

Whois is an internet directory that provides information on who owns a domain. It is regulated and monitored by the Internet Corporation for Assigned Names and Numbers (ICANN) which is responsible for registration of all domains. This record contains information about the Registrant (the person who owns the domain), the Registrar (the entity that registered the domain), the dates, nameservers and other similar, and important, information.

Domain Name System (DNS)

DNS is a protocol used by all computers to intelligently communicate with each other, it’s part of the TCP/IP protocol suite. Its specific function is to turn a website’s name (somesite.com, for example) into an internet protocol (IP) address like 123.45.567.891. The name provided by DNS is what we use as humans to read the site name, the IP is what the computers use to communicate.

This monitoring option will monitor the IP address and associated DNS information of your domain for any changes. It’s rare for it to change, but if it does we will notify you.

SSL Certification

If you are using Secure Socket Layer (SSL), a secure protocol to transmit over HTTP securely, you are most likely using a SSL certificate. The SSL certificate is returned to a visitor of your site upon HTTPS request. This certificate often contains your site information and, in some instances, company information.

If using a SSL certificate this option allows you to ensure it doesn’t change unexpectedly, if it does a notification will be sent.

Website Change

This service creates a snapshot of your site and if a change is made you will be notified. Changes that this service track include:

  • New Posts
  • New Pages
  • Content Changes
  • Social Media Changes (Tweets, Likes, etc..)
  • Threaded Messages / Comments

Site Change is not suitable for busy dynamic sites as alerts levels will be high

Server-side Scanning

It’s designed to look for all malware types and includes a more robust detection mechanism for backdoors. The feature was designed to compliment existing scanning capabilities, improving accuracy and site reputations.

Malware Removal

All malware is removed form server within 24 hours of detection. This is a manual process and carried out by our security team.

How much is Overwatch?

Overwatch is free of charge to all dedicated server customers from Sept 2012

client-logos

Magento Hosting Back to Top

2014 © SimpleServers Ltd | Vat No. 974629277 | Company No. 06813119 Terms and Conditions

Cloud Computing: Compute, SAN, CDN
Google+