SitePoint Sponsor

User Tag List

Results 1 to 10 of 10

Thread: Website hacked

  1. #1
    SitePoint Guru phantom007's Avatar
    Join Date
    May 2008
    Posts
    752
    Mentioned
    3 Post(s)
    Tagged
    0 Thread(s)

    Question Website hacked

    Hi

    One of my friend's website has been hacked. He runs his website on a linux server.

    The hacker has managed to overwrite his index.html file only, leaving other files intact. His password consist of 25 characters with alphanumeric and symbols so its not possible to crack his password hypothetically. Even though it was, the hacker would have deleted all his files or could have done more damage to his account.

    So, I was wondering if anyone of you have any idea on:

    1) How did the hacker replace the index file without knowing the password?

    2) What measures can my friend take so that this does not happen in future?


    Many thanks in advance.


    Screenshot:
    http://img405.imageshack.us/img405/1...sitehacked.jpg

  2. #2
    From space with love silver trophy
    SpacePhoenix's Avatar
    Join Date
    May 2007
    Location
    Poole, UK
    Posts
    5,072
    Mentioned
    103 Post(s)
    Tagged
    0 Thread(s)
    What apps are installed on the server and is each app up to date with whatever version is the current stable version for each app?
    Community Team Advisor
    Forum Guidelines: Posting FAQ Signatures FAQ Self Promotion FAQ
    Help the Mods: What's Fluff? Report Fluff/Spam to a Moderator

  3. #3
    SitePoint Guru phantom007's Avatar
    Join Date
    May 2008
    Posts
    752
    Mentioned
    3 Post(s)
    Tagged
    0 Thread(s)
    Yes they are all up-to-date

  4. #4
    Community Advisor silver trophy

    Join Date
    Nov 2006
    Location
    UK
    Posts
    2,559
    Mentioned
    40 Post(s)
    Tagged
    1 Thread(s)
    This sort of attack has been discussed many times before on this forum, so I'll not reiterate possible causes and cures, but would mention that ftp is nowadays a common point of entry via gumblar variant viruses/trojans - brute forcing isn't a factor

  5. #5
    SitePoint Wizard silver trophy Crazybanana's Avatar
    Join Date
    Mar 2003
    Location
    In tha fruit cellar
    Posts
    1,379
    Mentioned
    32 Post(s)
    Tagged
    1 Thread(s)
    Looks like the site is using the good 'ol Frontpage Server Extension as i have seen tons of similar defacements from these guys on these types of sites/servers. if this is the case, you people are begging for a deface...
    Who's to doom when the judge himself is dragged before the bar


  6. #6
    Headed Home! KM Richards's Avatar
    Join Date
    Feb 2007
    Location
    I'm right Here!
    Posts
    707
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by EastCoast View Post
    ftp is nowadays a common point of entry via gumblar variant viruses/trojans
    What's the most secure FTP to help combat this?

  7. #7
    secure webapps for all Aleksejs's Avatar
    Join Date
    Apr 2008
    Location
    Riga, Latvia
    Posts
    755
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    You should use SCP/SFTP. FTPS is an option too, but due to the nature of FTP protocol it is difficult to set up (at least in active mode), that is why scp/sftp is more commonly used.

  8. #8
    Headed Home! KM Richards's Avatar
    Join Date
    Feb 2007
    Location
    I'm right Here!
    Posts
    707
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    What if you just got a VPN router?

    Would that help make things more secure?

  9. #9
    secure webapps for all Aleksejs's Avatar
    Join Date
    Apr 2008
    Location
    Riga, Latvia
    Posts
    755
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    It depends. If you can VPN to server, then you do not really need VPN router for that. VPN router is more usefull if you must have permanent secure connection to remote server for it to be acessible just like any computer on LAN not only through FTP but possibly Xwindows, RPC etc.
    Traffic from your computer to VPN router still would be unencrypted - so anyone in your subnet could potentially eavesdrop. Only the portion between VPN routers (or router and server - that really depends on type of VPN you are going to use) would be protected.

  10. #10
    Headed Home! KM Richards's Avatar
    Join Date
    Feb 2007
    Location
    I'm right Here!
    Posts
    707
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by Aleksejs View Post
    Traffic from your computer to VPN router still would be unencrypted
    My computer is about 3 feet from my VPN router so if I see anybody in my office trying to hack the connection...I'll shoot 'em

    I'm in Texas, so this would be perfectly legal...


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •