I Need Info

[sloppyjoe]

my web site got hacked sometime today and the person like defaced it! I am changing it back..but how can i prevent someone from doing this...or how did they even get my password? This makes me mad1

[Dark[Zeus]]

Heh, nice try on the social engineering ... no one will tell you how, and anyways, if u hate the hacker who screwed ur site, y would u want to know how to too??

[Dark[Zeus]]

Maybe this did happen, but plz answer y ur even asking how ?

[str34m3r]

Well, you didn't give enough info for us to go on, but you also have to consider the possibility that they didn't get your password at all. Perhaps they overflowed a buffer, or used a vulnerable cgi script. Without more info, it's gonna be tough for us to answer your questions.

[sloppyjoe]

i asked how because i want to know how i can prevent

how can i prevent them from gettin my password?

[Dark[Zeus]]

k ... then dont talk about HOW they did ... like i just learned, this is a security site ....

[xmaddness]

sloppyjoe, You would need to provide more info on what happened. Do you run your own server or is it an account on another server. Any other info would be helpful.

[cwk9]

Making sure you keep your web sever all patched up would be a good start. Lots of web page defacements are done using old exploits on unpatched servers. Then there’s the issue of what services your running and what ports are open. But like str34m3r said you’re not giving us much to work with.

How about telling us a few things about your web site. Is it even on your server? Or is it on Geocities or some other hosting service. If its hosted on a well known service with a good security record then the chances are that some on hacked into your personal computer and stole the password from there.

A few helpful tidbits of information would be
What os you’re running
What are you using to display the web page apache/ISS ..ect
What ports are open?
What services your running?

[sloppyjoe]

the domain im using is angelfire

[str34m3r]

Ah, then it would be simple for someone on the same network as you or between you and the server to sniff your password as it goes by on the wire. The only real way to avoid having your password sniffed is to use some sort of encrypted means of authentication. For file transfer, there's sftp, though I doubt angelfire supports it. There may also be some way to upload files over HTTPS, which is probably more likely supported.