Automated Trading Nightmare: Why Your VPS Could Get Hacked and How to Avoid It
I have said several times that anyone interested in doing serious automated trading should think about getting a Virtual Private Server (VPS). It is absolutely true that a VPS is more reliable than a home server (several reasons are outlined in other articles), but it is also very true that a VPS is not infallible, and failing to adequately care for and configure one of these servers can bring you substantial problems. Generally people tend to have a very relaxed attitude towards VPS use and security, and in some cases this turns out to be fatal, as hackers take advantage of it and hack your VPS. I have to tell you that I have seen this happen and it is anything but fun to watch. In today's post I want to talk about VPS security, what happens when your VPS is hacked, how to detect hackers and how to configure your VPS so that it is a truly reliable and secure trading machine. Although following these guidelines will not make your server 100% hacker-proof (no computer really is), you will make it a LOT tougher for any hacker to access your system.
Can a VPS get hacked? Yes, I have seen it happen. One day a friend asked me to check his VPS because he couldn't get access to it. His password had been changed and we had to ask the VPS provider to issue a new one. Up until this point we thought that the provider had reset the password due to some maintenance, etc., so we didn't take it too seriously. Then, a few days later, the same thing happened again, and this time we couldn't even connect to the VPS to input the password. Of course, my friend wrote an angry email to his provider asking them about their reliability, etc. After we got the password, I decided to check the VPS in a deeper fashion and, oh surprise, I found that several scripts and IRC bots had been uploaded and at least 5 other users with administrator privileges had been created. Upon checking who was logged into the VPS I saw some unknown people using the server. My friend's VPS had been hacked and his resources were being used by other people with obviously malicious intent.
On top of that, since the hacker had access to all the programs, he/she decided to check out his Metatrader platform and fiddled around with it, placing a few trades, closing other ones and changing the settings for one of his expert advisors. Luckily for my friend, the hacker seemed to point in the right direction and in the end all the positions were actually profitable. However, it is obvious here that things could have gone pretty wrong and a 5K USD account he was running could have been wiped in the blink of an eye with a hacker messing around with his stuff.
What did my friend do wrong to deserve this? Actually he didn't do anything, and that is precisely what attracted these hackers to his VPS. You see, when a VPS provider sets up your account, your VPS is vulnerable to attacks because it has some "factory defaults" the hacker knows about. For example, the hacker knows that there is a default administrator user name, he knows the remote desktop ports and he also knows what default software and security configuration your VPS came with. On top of that, if you run your VPS as an administrator (which is the default user created) you run a higher risk, since any takeover will give the hacker very high privileges over your server, allowing him/her to modify the system as he/she desires.
What can you do to stop this? The easiest way to avoid most attacks is simply to change your server configuration to something that is non-standard; this in turn will eliminate all hackers who are just targeting the "easy prey" that does not strengthen its security. Think about it this way: if a thief was looking to steal some money, would he/she rather take the bill hanging from the old man's pocket or the bill within the bank's safety vault? Both of them can be stolen, but most thieves will pick the first one without a second thought.
What you need to do here is actually not that complicated. First, create a custom administrator user and disable the default, then create a regular user with non-administrative privileges. The first user is the one you will use to install software, while the second one is the one your MT4 platforms will run under. You will keep a regular user logged in, while there will never be an active admin unless you are doing something that can only be done as an administrator. Then you want to change your remote desktop port to a random value (not the default 3389) so that most hackers will simply not know that you have this service enabled; this is something that will make random attacks disappear almost completely.
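The steps above as a PowerShell script, added here as an example and not taken from the original post. It assumes a Windows VPS with the LocalAccounts and NetSecurity modules (Windows Server 2016 or later) and an elevated session; the account names `ops-maint` and `mt4-runner` are hypothetical placeholders.

```powershell
#Requires -RunAsAdministrator
$ErrorActionPreference = 'Stop'   # abort on the first failure instead of half-configuring
$AdminName = 'ops-maint'          # hypothetical custom administrator, choose your own
$UserName  = 'mt4-runner'         # hypothetical standard user that runs the MT4 platforms

# 1. Custom administrator (S-1-5-32-544 is the built-in Administrators group).
$adminPw = Read-Host -AsSecureString "Password for $AdminName"
New-LocalUser -Name $AdminName -Password $adminPw -Description 'Maintenance admin' | Out-Null
Add-LocalGroupMember -SID 'S-1-5-32-544' -Member $AdminName

# 2. Standard user for trading. It only needs the right to log on over Remote
#    Desktop (S-1-5-32-555 is Remote Desktop Users), never administrator rights.
$userPw = Read-Host -AsSecureString "Password for $UserName"
New-LocalUser -Name $UserName -Password $userPw -Description 'Runs MT4' | Out-Null
Add-LocalGroupMember -SID 'S-1-5-32-555' -Member $UserName

# 3. Move RDP off 3389: pick a random port that nothing is listening on.
do {
    $port = Get-Random -Minimum 20000 -Maximum 60000
} while (Get-NetTCPConnection -State Listen -LocalPort $port -ErrorAction SilentlyContinue)

# Open the new port in Windows Firewall BEFORE switching, to avoid a lockout.
# If the provider also filters traffic in front of the VPS, allow the port there too.
New-NetFirewallRule -DisplayName "RDP custom port $port" -Direction Inbound `
    -Protocol TCP -LocalPort $port -Action Allow | Out-Null
$rdpKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp'
Set-ItemProperty -Path $rdpKey -Name PortNumber -Value $port -Type DWord
Write-Host "RDP moves to port $port once TermService restarts (connect to host:$port)."

# 4. Review who holds administrator rights right now; the only entries should be
#    the default account and $AdminName. Anything else needs investigating.
Get-LocalGroupMember -SID 'S-1-5-32-544' | Select-Object Name, PrincipalSource

# 5. Run these two by hand, in this order, because the restart drops the current
#    session: restart the service, reconnect on the new port as $AdminName, and
#    only after that logon works disable the default administrator (RID 500).
# Restart-Service -Name TermService -Force
# Get-LocalUser | Where-Object { $_.SID.Value -like 'S-1-5-21-*-500' } | Disable-LocalUser
```

A port scan will still find the moved service, so the port change only removes you from sweeps of 3389; the passwords on both accounts are what protect the logon itself.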
It may sound a little bit paranoid but, truth be told, these are just some simple steps to prevent someone from accessing your account, messing with your trading stations and using your server for malicious purposes. Of course, it won't make your server hacker-proof, but it will ensure that the vast majority of attacks will stay away from your VPS. Next week I will be doing a video on Asirikuy explaining to people how to adequately make these configuration changes on their VPS so that they can run their systems with some sound security standards. If you think "this won't happen to me", I ask you: do you really want to take that chance?
If you would like to read more about my journey in automated trading and how you too can start to design and build your own likely long term profitable systems to run on a VPS, please consider buying my ebook on automated trading or joining Asirikuy to receive all ebook purchase benefits and weekly updates, check the live accounts I am running with several expert advisors, and get on the road towards long term success in the forex market using automated trading systems. I hope you enjoyed the article!