PDA

View Full Version : Hacked Front Page



PaulNJ21
10-26-04, 03:06 PM
Could someone please fix the hacked front news page for fwrestling?





Paul

jediPREZ
10-26-04, 04:19 PM
I think Chad is on a business trip, Paul. And unfortunately, he's the only one with access to fix it.

Al!
10-26-04, 04:35 PM
In the meantime the front page serves as an excellent opportunity to brush up on your Spanish-speaking and reading skills. Who said fwrestling wasn't educational?

A.

Al!
10-28-04, 03:14 PM
Chad obviously got around to fixing the front page. Thanks Chad

A

jediPREZ
10-28-04, 04:30 PM
is there any way to prevent this?

Al!
10-28-04, 05:07 PM
Assuming you mean prevention of hacking: No.. people who try to hack will eventually get in. Exploits are known by hackers before they are known by software vendors who have to patch the vulnerabilities. In addition, companies that handle large server farms are notorious for not keeping all of their servers up to date with patches and that's one reason why they spend so much on their backup infrastructure.

Note: I'm pretty sure that Chad likely had a page restored from backup or from his personal machine as not all code is working properly on the front page and all iterations of the file named index.shtml were overwritten (at least as far as I saw) as of two days ago.

If we want to really prevent this sort of thing
1. Passwords need to be complex and change regularly.

2. We need to make sure our server is patched or checked for patching at least every other day against the SANS.org threat list.

3. Someone needs to go over the access logs and find out how these people are getting in. If there's a lot of activity from one address or a host of addresses with failed access advisories then someone's guessing. If we're just getting one login and a bunch of writes it's due to someone knowing a password. If we're not even seeing a login but have a bunch of writes, then the vulnerability isn't on our server, but at the host's network which has access to our box.

Anyhoo, the best security guys will tell you that due to the nature of the technology, you can't totally prevent this stuff. The best security plans have a quick restore process.

Thanks
A

Chad
11-15-04, 05:48 PM
Just a follow-up: I did one fix the night before I started on a trip, and another while I was on another trip. I still need to fix a couple of things, as you can obviously see. The good news is: I'm back in town for the foreseeable future after a month of almost-constant traveling.

-C