FWIW, we've found Rackshack (www.rackshack.net
has some of the best
prices around. They offer a whopping 400 Gig per
month (equals ~1Mbig sustained) + a dedicated 1U server at $99/month after
you pay the setup fee.
Their support has been decent (I say only decent,
since it typically takes them a half day to get
back to an issue) but they've always dealt with
issues well, and never ignored any. Their uptime
has been 100% as far as we can tell for over
a year now.
When you figure the cost of the hardware, these guys are essentially giving away the bandwidth,
which sort of makes sense given that they appear
to be buying it at $1000 per 100 Megabit from
Cogent.
While true that automated checks don't constitute a complete pen, complete pen tests
are expensive, while automated checks are quite
cost effective. I'd much rather see someone
run at least a good automated audit of their
site than no audit at all.
What's sad: Every day we (www.securityspace.com) have examples of customers that KNOW they have high risk security
vulnerabilities (holes that would get their box rooted according to Nessus), and don't even
bother to pay $50 for an automated audit.
It's this type of
"the net is so big, and I really won't be hit
by a break-in" mentality that will
move the major banks/credit card companies to introduce security requirements of their on-line merchants (the way I believe Visa will be forcing
firewalls as a requirement)
force government legislation on security policies and practices (I believe Spain is already moving there on this)
I'd almost say site operators are getting what
they deserve when they are broken into, except
for the fact that it is the visitor of the site
these days that ends up paying for it...
Slashdot Mirror
Their support has been decent (I say only decent, since it typically takes them a half day to get back to an issue) but they've always dealt with issues well, and never ignored any. Their uptime has been 100% as far as we can tell for over a year now.
When you figure the cost of the hardware, these guys are essentially giving away the bandwidth, which sort of makes sense given that they appear to be buying it at $1000 per 100 Megabit from Cogent.
What's sad: Every day we (www.securityspace.com) have examples of customers that KNOW they have high risk security vulnerabilities (holes that would get their box rooted according to Nessus), and don't even bother to pay $50 for an automated audit. It's this type of "the net is so big, and I really won't be hit by a break-in" mentality that will
I'd almost say site operators are getting what they deserve when they are broken into, except for the fact that it is the visitor of the site these days that ends up paying for it...