Preventing Attack on Site
Results 1 to 6 of 6

Thread: Preventing Attack on Site

  1. #1
    Banned
    Join Date
    Apr 2003
    Posts
    51

    Preventing Attack on Site

    well last time i posted, i think people took offence to that, i just guess my wording was wrong, so i hope this time its better. The problem is that there have been many web site attacks and hackings over the past couple months now in the anime community (I doubt many of you actually like anime, but please hear me out). Most of the attacks seem to come from a group called the "Dark Orchid Org". At first, they seemed to be nothing but scriptkiddies, but they've actually proven they could hack into sites, and its really annoying. If you want more info on that, go to http://the-cnews.com/members/newscom...2192676,58730, Anyway, what i wanted to know is what kind of programs they seem to be using (i dont think they're using brute forcers, they say they find holes in the security and exploit them) and how to prevent against those kind of attacks. Thank You

  2. #2
    Senior Member
    Join Date
    Oct 2002
    Posts
    181
    Are you able to narrow it down abit and tell us how they got in? As what you are asking will require a whole book to expain in full detail

    SittingDuck
    I\'m a SittingDuck, but the question is \"Is your web app a Sitting Duck?\"

  3. #3
    Senior Member
    Join Date
    Mar 2003
    Location
    central il
    Posts
    1,779
    It would also be helpfull to know what your site is running on, my guess is scriptkiddie exploiteing known holes in an unpatched unfirewalled system.
    Who is more trustworthy then all of the gurus or Buddha’s?

  4. #4
    Banned
    Join Date
    Apr 2003
    Posts
    51
    well, i'm running on a unix server, and i think most of the sites hacked were on unix too. which is pretty much all i know about it. Basically, i dont know too much, but they "claim" that they've found holes in firewalls and exploited them.

  5. #5
    Senior Member
    Join Date
    Sep 2001
    Posts
    1,027
    Ok, so exactly what site got hacked?
    Do they serv static html content or dynamic (php & database & etc), to they serv more than just http?
    How exactly was it "hacked"; ie: what did they temper with (what was changed?)
    What kind of security is/was implemented at the time of the attack?
    What unix is it running?

    Without that kind of info it's anybody's guess as to how they could have done it...

    Ammo
    Credit travels up, blame travels down -- The Boss

  6. #6
    Senior Member
    Join Date
    Oct 2002
    Posts
    181
    all firewalls have holes in them, other wise they would block everything. At a guess they proberly manged to ftp access via port 21
    I\'m a SittingDuck, but the question is \"Is your web app a Sitting Duck?\"

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •