SitePoint Sponsor

User Tag List

Results 1 to 7 of 7

Hybrid View

  1. #1
    SitePoint Enthusiast
    Join Date
    Dec 2010
    Posts
    69
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    My Database is behing hacked by someone again and again.

    Hi Forum,

    Hope you are fine....

    Here's someone hacking my database whenever I run my website...and removed all the data from database. I tried changing passwords, uploading data again and again....bt that hacker is attempting continiously...

    Now I am really fed up....and hoping that here's someone who can help me out as how can I save my website...

    Any help would be highly appreciated!!..

    Kind Regards,
    Danish'

  2. #2
    SitePoint Evangelist
    Join Date
    Jun 2007
    Location
    North Yorkshire, UK
    Posts
    483
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I would look at three things

    1. Ensure you are not deleting the data yourself. A badly formed Sql statement can be a dangerous thing.

    2. Ensure that all data that comes in does not go directly into a sql statement without being quoted. Form data such as id=1 might come in by a malicious user as id=1;Delete * from user; - if you do not quote the id the delete will be action. Also filter out null characters from any data as well.

    3. Investigate what access they is to the database and tie it down to as few users as possible.

    And also

    monitor activity, sql statements and run a regular job to check the existence of data so that you have a time frame to lot at the log.

  3. #3
    SitePoint Enthusiast
    Join Date
    Dec 2010
    Posts
    69
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Thanks PhilipToop for you informative answer.

    I checked the log, and sequal server agent is already disabled, so there's no chance to make a job to delete data via agent.

    We are using ASP.net application on sql server, I checked the data log file there are more then 1 lack hacking attempts from different IP's trying to log in to my database.

    Which make me sure that there's someone, tyring to access my database directly, so If there's a way I can block there attampts to secure my data or create a maximum 3 attempts and after that server will blocked the IP/s...

    Thanks for you help..

  4. #4
    SitePoint Evangelist
    Join Date
    Jun 2007
    Location
    North Yorkshire, UK
    Posts
    483
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Are you saying that you have SQL server running on a machine that is available to the internet?

    and

    That the database is being directly attacked?

    SQL server tends to listen for connections on port 1433. If this is the case can you put a firewall block on this port number.

    Also within sqlserver you can change the permission on the database.

    Not sure I understand "sequal server agent is disabled". To what are you referring?

  5. #5
    SitePoint Enthusiast
    Join Date
    Dec 2010
    Posts
    69
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Are you saying that you have SQL server running on a machine that is available to the internet?

    and

    That the database is being directly attacked?

    Yes this is...I hired a hosting company.

    SQL server tends to listen for connections on port 1433. If this is the case can you put a firewall block on this port number.

    This is Good Idea, I'll try this and write down the result soon.

    Also within sqlserver you can change the permission on the database.

    Yes, I've just changed, these permission, just watching if it work..

    Not sure I understand "sequal server agent is disabled". To what are you referring?

    sequal server agent = sql server agent (which takes the jobs of deleting data, taking backups after a perticular time.)

    I'll keep posting if problem presist, Thanks a ton Philip!! for your help!!

  6. #6
    Non-Member
    Join Date
    Apr 2010
    Posts
    298
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I think it is time to contact your host about updating the database software or at least investigating. That is what I would've done to start.

  7. #7
    SitePoint Enthusiast zelthost's Avatar
    Join Date
    Dec 2009
    Location
    USA
    Posts
    37
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I faced this problem. Maybe your cPanel and db pass was same. Take different pass.


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •