Recently i have 2 security incidents caused by outdated software used by our customers (shared server).
In both cases an outdated joomla installation permit code execution and my server was been used to try brute-force attacks to others servers wordpress.
Something like this: Detecting Wordpress Outbound Bruteforce attack - NixTree
My question is how is possible to prevent and detect this. What is the best way to deal with this because i can’t force all customers to have updated software and i believe that exist a way to sniff periodicly the traffic or check the outgoing traffic, etc…
I’m looking for some security tool for that. Some ideas?
Thanks for advice,