-
October 19th, 2004, 02:17 PM
#1
Junior Member
How to recover from hacked website?
Hi,
I'm new here... I was browsing around to look for article that show how to increase website security. One of my friend's website is being hacked and all "functioinality" has been suspended by the hacker. Has anyone have any idea on how the hacker might do this or how to recover from this? Do you know any tips to prevent this from happening again? here is the website: www.umich.edu/~permias
Thanks guys!
-
October 19th, 2004, 02:27 PM
#2
It's a php based BBS. Search Google for the exploits against the particular board and you will most likely find the way (s)he gets in.
Don\'t SYN us.... We\'ll SYN you.....
\"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides
-
October 19th, 2004, 02:31 PM
#3
Recovery is easy:
Backup your important data
Reinstall the server using original media
Update everything.
Prevention is also rather easy:
Update your system on a regular basis!
(this includes php-nuke!).
How'd "they" came in?
They probably exploited a recent sql-injection bug in php-nuke.
Oliver's Law:
Experience is something you don't get until just after you need it.
-
October 19th, 2004, 03:31 PM
#4
Member
what kind of os you running? make sure when you backup you dont update some backdoor with it or some infected file b/c after a break-in nothing in the system can be trusted so be careful where you tread, also review the logs if its *nix, and get one of those forensic anazlyzers, its meant for something in your position, just google it, there are plenty of free ones out there, updates, security and watchful eye are all needed, watch the logs for something that may be devolping again, get some more security, ids (snort), and do some pen tests from home such as after your done locking down the server scan it (nmap, gfi lan guard)
-
October 19th, 2004, 08:27 PM
#5
Junior Member
Thanks guys for all your great response. I need to learn alot! It's been a while I havent "updated" my security knowledge... thanks for all your help.
-
October 19th, 2004, 09:55 PM
#6
Why do I get the horrible feeling he will backup his site, reinstall the OS, put the site back there as it was and then wonder why the cracker comes straight back in?.....
Don\'t SYN us.... We\'ll SYN you.....
\"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides
-
October 19th, 2004, 10:05 PM
#7
Why do I get the horrible feeling
Because that's why your the Tiger Shark, and that's what you sit and wait for, each and every day.
Unless of course AngelK is giving you a lesson in debating / arguments
so now I'm in my SIXTIES FFS
WTAF, how did that happen, so no more alterations to the sig, it will remain as is now
Beware of Geeks bearing GIF's
come and waste the day :P at The Taz Zone
-
November 19th, 2004, 05:01 AM
#8
Junior Member
hm..
Also.. dont and never trust people who wants to "help" you. Just trust only yourself. Never leave backup discs unattended. Never throw old backup disks in the bin without first destroying them.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|