Today I started getting some weird submissions to my websites; pretty obvious someone was checking my server's defences. Of course all completely useless, I think my servers are pretty secure. But... made me think... let's start a thread. Check it out, I'm getting submissions like this into plain text forms on my sites: I also can't decide whether it's hacking or attempted spam. Anyway... anyone gotten messages like this recently? Or know what the hacker is trying to do? Pete
It does look strange, but I doubt that you can command the server from a form by entering commands in the "to", "subject" and "body" form fields. I could be way off here since I am not a security expert, but I doubt it. It does look strange though.
Yes, I have been hacked - REALLY hacked - on Feb 22 (see http://forums.digitalpoint.com/showthread.php?t=60563). If ever you think your servers are secure, re-think twice and look even more often. Hackers never assume a site is secure; they assume a site has weak parts/doors to enter. The kind of hacking I have experienced is true professional hacking with properly prepared SW tool-sets. Google, a publisher's best friend: G is also a hacker's best friend. In my case, and most likely up to a few dozen identical cases during the last weeks or months, G has been the information source needed for the hacker. Each referral I have received in my log showed what G query they used to find a potential "victim".
That's pretty unlucky... May I ask, were you running some open source web page things, e.g. phpbb, that got hacked? Pete
Open source never is a problem for security. Open source is open and hence free to be fixed by anyone. The very severe (criminal) abuse involved a proprietary SW on my site. That's definitely the worst ever that could happen to a site owner, especially if the coder or company who made the SW either is absent or careless about security - one of the 2 cases applies in my situation. No one there to help or fix the security hole. The very same site intrusion may happen to many other users of the same SW AND of many other software. Most of them may never become aware unless they have a truly excellent host that detects such intrusion, like my host 1and1.com did in BOTH situations, first in November 2005, now on Feb 22 the worst case. I am still investigating all data from the entire past year to create a security report and may make it available by direct email to all interested parties with a complete profile and own website registered in their name with a public whois record, upon request. It probably can happen to anyone having cgi, perl or php on his site - most likely even in this DP forum. BTW, on your website you have a FULL "Result: Failed validation". The cause for that fatal error is in your meta name="Description ... from �250 per hour. If you remove the illegal character preceding the amount, then you get the real number of errors to be fixed before validation is possible.
I was rooted twice a few years ago before I switched to FreeBSD. Linux is so full of holes and security is the last thing most Linux distros care about. For FreeBSD security is a priority and since I have been on it I have been excellent.
I am quite sure many who have been hacked are totally unaware of that, and even more about how to find traces of an earlier security breach. As my ongoing investigation shows, finding traces requires tools and basic knowledge about how and where to search or what kind of intrusion tools are used by hackers. From the 40+ websites I wanted to inform of the ongoing hacker attacks, only one of the webmasters had a valid webmaster email account - all others no public instantly available email contact. The one with valid webmaster address responded and was affected as well. All others may be hacked these very days by the same hacker(s) but unaware until too late. The set of hacker tools used in my case is so professional that it rather looks like organized
I was hacked a couple of weeks ago, but luckily I had backed up both my entire site and my forum database. Lesson learned: 1. Change all directories that are set to 777 permissions to 775 or more secure permissions. 2. Hide and protect all php login files with tight permissions. 3. Check awstats and apache logs weekly or more. 4. Always keep a backup, and keep it on multiple computers or media in case you need it later.
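An added example, not part of the post above: one way to audit a web root for the first two lessons, flagging anything world-writable (the 777 case) and login/config scripts that still grant access to "other" users. The `config`/`login` name prefixes and the sample tree are assumptions constructed for illustration.

```python
import os
import stat
import tempfile

# Assumption: file-name prefixes treated as sensitive (login/config scripts).
SENSITIVE_PREFIXES = ("config", "login")

def audit_web_root(root):
    """Return sorted (relative_path, octal_mode, issue) for risky permissions."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)
            if stat.S_ISLNK(st.st_mode):
                continue  # a symlink's own mode bits are not meaningful
            mode = stat.S_IMODE(st.st_mode)
            rel = os.path.relpath(path, root)
            if mode & stat.S_IWOTH:
                kind = "directory" if stat.S_ISDIR(st.st_mode) else "file"
                findings.append((rel, oct(mode), f"world-writable {kind}"))
            elif (stat.S_ISREG(st.st_mode) and mode & stat.S_IRWXO
                  and name.lower().startswith(SENSITIVE_PREFIXES)):
                findings.append((rel, oct(mode), "sensitive file open to others"))
    return sorted(findings)

def build_sample_tree():
    """Constructed sample web root: one 777 directory, one 644 config file."""
    root = tempfile.mkdtemp(prefix="webroot-")
    for d, mode in {"uploads": 0o777, "includes": 0o775}.items():
        os.mkdir(os.path.join(root, d))
        os.chmod(os.path.join(root, d), mode)  # chmod so umask cannot interfere
    files = {"index.php": 0o644, "config.php": 0o644,
             os.path.join("includes", "login.php"): 0o640}
    for f, mode in files.items():
        p = os.path.join(root, f)
        with open(p, "w") as fh:
            fh.write("<?php // constructed placeholder\n")
        os.chmod(p, mode)
    return root

if __name__ == "__main__":
    for rel, mode, issue in audit_web_root(build_sample_tree()):
        print(f"{mode:>6}  {rel}: {issue}")
```

A directory at 775 passes this check but is still writable by its group, so it only helps if the web server user is not in that group.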
Did you check your logfiles for any files used on your site that now have been deleted? In my case the hacker did no damage to my site; they just USED my site for launching highly illegal activities and used a highly professional set of scripts that have been uploaded and that apparently are intended to be deleted after use. Hence the only option left to find traces is to search access.log for previous use of strange files.
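An added example, not part of the post above: a sketch of that log search, listing paths that access.log shows were served successfully but that no longer exist under the document root. It assumes the Apache "combined" log format; the log lines, IP addresses and file names are constructed sample data.

```python
import os
import re
import tempfile
from urllib.parse import urlsplit, unquote

# Apache "combined" format: ip ident user [time] "METHOD target proto" status size ...
LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+'
)

# Constructed sample log lines (documentation IP ranges, made-up paths).
SAMPLE_LOG = """\
203.0.113.7 - - [22/Feb/2006:03:14:07 +0000] "GET /index.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.7 - - [22/Feb/2006:03:15:10 +0000] "POST /images/.cache/x.php?c=1 HTTP/1.1" 200 312 "-" "-"
198.51.100.9 - - [22/Feb/2006:03:15:44 +0000] "GET /images/.cache/x.php HTTP/1.1" 200 4096 "-" "-"
198.51.100.9 - - [22/Feb/2006:03:16:02 +0000] "GET /missing.html HTTP/1.1" 404 209 "-" "-"
""".splitlines()

def deleted_file_hits(log_lines, docroot):
    """Map URL path -> [(timestamp, ip, method)] for 2xx hits on files now gone."""
    docroot = os.path.realpath(docroot)
    hits = {}
    for line in log_lines:
        m = LOG_RE.match(line)
        if not m or not m["status"].startswith("2"):
            continue  # unparsable line, or the request did not succeed
        url_path = unquote(urlsplit(m["target"]).path)  # drop query, decode %xx
        local = os.path.realpath(os.path.join(docroot, url_path.lstrip("/")))
        if os.path.commonpath([docroot, local]) != docroot:
            continue  # request path resolves outside the document root
        if not os.path.exists(local):
            hits.setdefault(url_path, []).append((m["ts"], m["ip"], m["method"]))
    return hits

def make_sample_docroot():
    """Constructed docroot containing only index.php (the 'current' site)."""
    root = tempfile.mkdtemp(prefix="docroot-")
    with open(os.path.join(root, "index.php"), "w") as fh:
        fh.write("<?php // constructed placeholder\n")
    return root

if __name__ == "__main__":
    for path, events in deleted_file_hits(SAMPLE_LOG, make_sample_docroot()).items():
        print(path, events)
```

Sites that use URL rewriting or front controllers return 200 for paths with no file on disk, so those routes need excluding before the output is read as evidence.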
I was hacked a few weeks ago, with an open source project, open-realty. It was my own fault though, I didn't chmod the config file properly, and the hacker overwrote it with their own message.
Nope, I don't use any open source php scripts like joomla and phpbb for this reason. Did anyone ever take a look at the source of these scripts?!! They are a disaster; someone ought to teach these people how to program. But seriously, I code all the scripts myself, and my friend and I regularly try various blackbox and whitebox techniques to try to break, hack each other's scripts.