Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [hacking]

Hacking is the violation of server or network security via exploitation of weaknesses in that security.

Hacking is the violation of server or network security via exploitation of weaknesses in that security.

Some of the most common ways security may be compromised include:

  • Social engineering, in which a person is persuaded to give up sensitive information such as passwords
  • Exploiting unpatched or not generally known (0-day) security holes in software
  • Brute force, that is, trying common usernames and passwords repeatedly until something works

Less commonly, hacking refers to the uncommonly creative solution of a software or hardware problem. Some see this original definition as the correct one and wish to preserve it, though they seem to be fighting a losing battle.

Detailed security questions and answers which do not fit at Server Fault may be welcome at IT Security Stack Exchange.

479 questions
18
votes
7 answers

Should I bother to block these rather lame attempts at hacking my server?

I'm running a LAMP stack, with no phpMyAdmin (yes) installed. While poking through my Apache server logs I noticed things like: 66.184.178.58 - - [16/Mar/2010:13:27:59 +0800] "GET / HTTP/1.1" 200 1170 "-" "Mozilla/4.0 (compatible; MSIE 5.5; Windows…
Journeyman Geek
  • 6,977
  • 3
  • 32
  • 50
17
votes
3 answers

How can I detect unwanted intrusions on my servers?

How are other admins monitoring their servers to detect any unauthorized access and/or hacking attempts? In a larger organization it's easier to throw people at the problem but in a smaller shop how can you effectively monitor your servers? I tend…
Paul Mrozowski
  • 415
  • 2
  • 6
  • 13
17
votes
9 answers

How to Slow Down a Hacker

Some script kiddie in Delhi, India has been trying to hack our site since last night. He wrote a browser script that makes requests of our server in massive nested loops, trying everything under the sun. He's not getting anywhere, and isn't getting…
Flipster
  • 271
  • 1
  • 5
16
votes
11 answers

Is there a standard method of proving password security to non-mathematicians?

My client has a server that is being subjected to brute-force login attempts from a botnet. Due to the vagaries of the server and the client's client, we can't easily block the attempts through a firewall, port change, or login account name…
Porks
  • 163
  • 5
15
votes
1 answer

Potential hijacked SSH session & SSH best practices

I'm freaking out a little bit at the moment. I am SSHing into a remote server that I have recently commissioned. I'm doing this as root. I have installed fail2ban and had a massive amount of banned IPs in the log. The last time I logged in i…
MarMan29
  • 343
  • 3
  • 7
15
votes
8 answers

What are main steps doing forensic analysis of linux box after it was hacked?

What are main steps doing forensic analysis of linux box after it was hacked? Lets say it is a generic linux server mail/web/database/ftp/ssh/samba. And it started sending spam, scanning other systems.. How to start searching for ways hack was done…
Kazimieras Aliulis
  • 2,324
  • 2
  • 26
  • 46
14
votes
3 answers

Stop China from connecting to my Google Compute Engine server

My company has a Google Compute Engine server hosted in North America. We get so many Chinese IP addresses sending requests to port 11 that it is costing us money for the ingress. Our firewall blocks all connections to China already as they have no…
josh123a123
  • 331
  • 3
  • 9
14
votes
9 answers

SSH server zero-day exploit - Suggestions to protect ourselves

According to the Internet Storm Center, there seems to be a SSH zero-day exploit out there. There is some proof of concept code in here and some…
sucuri
  • 2,867
  • 1
  • 23
  • 22
13
votes
4 answers

Can a virtual machine (VM) "hack" another VM running on the same physical machine?

Questions: if a VM is corrupted (hacked), what do I risk on others VMs running on the same physical machine? What kind of security issues is there between VMs running on the same physical host? Is there (can you make) a list of those (potential)…
Totor
  • 2,916
  • 3
  • 23
  • 31
13
votes
10 answers

What is the best way to gain access when the password is unknown?

If you were provided a computer running Windows 2000 or newer and you have no passwords, what method do you use to gain access with administrator privileges so you can use the system?
spoulson
  • 2,183
  • 5
  • 22
  • 30
12
votes
12 answers

Is it ethical to hack real systems?

Is it ethical to hack real systems owned by someone else? Not for profit, but to test your security knowledge and learn something new. I talk only about hacks, which does not make any damage to system, just proves there are some security holes.
Kazimieras Aliulis
  • 2,324
  • 2
  • 26
  • 46
12
votes
11 answers

Site hacked, looking for security advice

Possible Duplicate: My server's been hacked EMERGENCY Last weekend my company's site was hacked. They did the nicest thing of doing that on a Friday evening so we only noticed the attack on Monday morning.. The funny thing is that we switched…
anonymousytoprotectinnocent
12
votes
2 answers

ubuntu 10.10 sshd contains "YOU WANNA SMOKE A SPLIFF" and pot leaf ascii art. Does this mean I've been hacked?

My sshd binary on an ubuntu 10.10 machine contains the following ascii artwork: ng: %.100sToo many lines in environment file %sUser %.100s not allowed because %s exists YOU WANNA . SMOKE …
Josh Knauer
  • 223
  • 1
  • 6
12
votes
6 answers

Should I report hacking attempts?

I am running a small (Windows-based) server. When I check the logs, I see a steady flow of (unsuccesfull) password-guessing hacking attempts. Should I try to report those attempts to the owners of the source IP addresses, or are these attempts…
Mormegil
  • 727
  • 6
  • 14
12
votes
8 answers

is this a hack attempt?

Looking through my 404 logs I noticed the following two URLs, both of which occurred…
Drew
  • 661
  • 6
  • 9
1
2
3
31 32