Stop defacing?
Results 1 to 5 of 5

Thread: Stop defacing?

  1. #1
    Member
    Join Date
    Apr 2004
    Posts
    91

    Stop defacing?

    How do hackers deface websites? Do they use scripts or something?
    How am I able to protect against hackers from doing this?

    Thanks,
    Phil

  2. #2
    Elite Hacker
    Join Date
    Mar 2003
    Posts
    1,407
    The main thing is vulnerabilities. There are a lot of vulnerabilities out there and you constantly have to check for updates. If you find that there is a patch, maybe give it a few days to see that nobody really experiences problems with it, then download and install it. You will be looking for patches for your OS, webserver, ftp server, firewall, or just whatever is exposed, and even things not exposed just in case they get access to the things normally not exposed.

    Another method is simply to brute force maybe an ftp server or something. You should have some sort of policy set to restrict the amount of bad "guesses" when trying to connect to ftp. Just never think you're safe basically. Cause you're probably not. It's ok to be a little paranoid. If you're really interested in seeing what goes on when you're compromised you may want to get an old box and put some sort of honeypot on it. Google honeypot for more info.

    Also, there are secure ftp servers/clients out there. It is definitely a good idea to use those as all transfers are encrypted. Always use secured/encrypted connections whenever possible. Hope this helps.

  3. #3
    Senior Member
    Join Date
    Oct 2001
    Posts
    186
    Keep up to date with patches. Pay attention to your logs. Install some sort of ids. Without knowing the specifics of your server setup we wont be able to help any further than general info. Could you tell us what type of server software your running etc.. and we could give you some more detailed advice.
    Ben Franklin said it best. \"They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety.\"

  4. #4
    Member
    Join Date
    Apr 2004
    Posts
    91
    OS: Windows XP (Soon to be FreeBSD)
    Server: Apache 2

  5. #5
    Senior Member
    Join Date
    Nov 2001
    Posts
    4,786
    yup for the most part scripts. when a vuln is found a way to exploit is writted, a large range of ip addresses are scanned for servers that match the criteria then the list is used to automatically exploit every ip addy on the list.

    the majority of defacements are done using "known" vulns. in other word a fix has already been made to keep this from happening but has not been applied. like everyone says "patch right away"
    Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •