I Need Info
Page 1 of 2 12 LastLast
Results 1 to 10 of 11

Thread: I Need Info

  1. #1
    Junior Member
    Join Date
    Jun 2002
    Posts
    3

    I Need Info

    my web site got hacked sometime today and the person like defaced it! I am changing it back..but how can i prevent someone from doing this...or how did they even get my password? This makes me mad1

  2. #2
    Auto-Banned
    Join Date
    May 2002
    Posts
    26
    Heh, nice try on the social engineering ... no one will tell you how, and anyways, if u hate the hacker who screwed ur site, y would u want to know how to too??

  3. #3
    Auto-Banned
    Join Date
    May 2002
    Posts
    26
    Maybe this did happen, but plz answer y ur even asking how ?

  4. #4
    str34m3r
    Guest
    Well, you didn't give enough info for us to go on, but you also have to consider the possibility that they didn't get your password at all. Perhaps they overflowed a buffer, or used a vulnerable cgi script. Without more info, it's gonna be tough for us to answer your questions.

  5. #5
    Junior Member
    Join Date
    Jun 2002
    Posts
    3
    i asked how because i want to know how i can prevent

    how can i prevent them from gettin my password?

  6. #6
    Auto-Banned
    Join Date
    May 2002
    Posts
    26
    k ... then dont talk about HOW they did ... like i just learned, this is a security site ....

  7. #7
    Webius Designerous Indiginous
    Join Date
    Mar 2002
    Location
    South Florida
    Posts
    1,123
    sloppyjoe, You would need to provide more info on what happened. Do you run your own server or is it an account on another server. Any other info would be helpful.

  8. #8
    Senior Member cwk9's Avatar
    Join Date
    Feb 2002
    Posts
    1,211
    Making sure you keep your web sever all patched up would be a good start. Lots of web page defacements are done using old exploits on unpatched servers. Then thereís the issue of what services your running and what ports are open. But like str34m3r said youíre not giving us much to work with.

    How about telling us a few things about your web site. Is it even on your server? Or is it on Geocities or some other hosting service. If its hosted on a well known service with a good security record then the chances are that some on hacked into your personal computer and stole the password from there.

    A few helpful tidbits of information would be
    What os youíre running
    What are you using to display the web page apache/ISS ..ect
    What ports are open?
    What services your running?
    Its not software piracy. Iím just making multiple off site backups.

  9. #9
    Junior Member
    Join Date
    Jun 2002
    Posts
    3
    the domain im using is angelfire

  10. #10
    str34m3r
    Guest
    Ah, then it would be simple for someone on the same network as you or between you and the server to sniff your password as it goes by on the wire. The only real way to avoid having your password sniffed is to use some sort of encrypted means of authentication. For file transfer, there's sftp, though I doubt angelfire supports it. There may also be some way to upload files over HTTPS, which is probably more likely supported.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •