Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [hacking]

Hacking is the violation of server or network security via exploitation of weaknesses in that security.

Hacking is the violation of server or network security via exploitation of weaknesses in that security.

Some of the most common ways security may be compromised include:

  • Social engineering, in which a person is persuaded to give up sensitive information such as passwords
  • Exploiting unpatched or not generally known (0-day) security holes in software
  • Brute force, that is, trying common usernames and passwords repeatedly until something works

Less commonly, hacking refers to the uncommonly creative solution of a software or hardware problem. Some see this original definition as the correct one and wish to preserve it, though they seem to be fighting a losing battle.

Detailed security questions and answers which do not fit at Server Fault may be welcome at IT Security Stack Exchange.

479 questions
6
votes
5 answers

NAT as a firewall

Network Address Translation ( NAT ), seems to sort of act as a firewall for the hosts behind it because they are not available. Although I would never rely on this as my firewall, what are its failures as a firewall? I am asking this for what I…
Kyle Brandt
  • 83,619
  • 74
  • 305
  • 448
6
votes
7 answers

How Could My Website Be Hacked

I wonder how this could happen. Someone deleted my index.php files from all my domains and puts his own index.php files with the next message: Hacked by Z4i0n - Fatal Error - 2009 [Fatal Error Group Br] Site desfigurado por Z4i0n Somos:…
kiewic
  • 175
  • 1
  • 7
6
votes
4 answers

My linux box has been hacked. Some files are undeletable even by root. How can I replace them?

An intruder tried to install a rootkit on my box. I want it back, before reinstallation. How do I replace invalid files installed by the attacker? I cannot chown or rm them. It says "Operation not permitted" on rm, chown, mv or similar. I'm running…
silviot
  • 281
  • 6
  • 13
6
votes
9 answers

Is it worth hiring a hacker to perform some penetration testing on my servers?

I'm working in a small IT company with paranoid clients, so security has always been an important consideration to us. In the past, we've already mandated penetration testing from two independent companies specialized in this area (Dionach and GSS).…
Brann
  • 630
  • 1
  • 9
  • 19
6
votes
3 answers

Somebody eating all our bandwidth, what should I do?

OK, this is frustrating, my site got thousands of page views/connections in the last 3 days and finally we ran out of monthly bandwidth. We bought more bandwidth and closed the site for maintenance. We checked the logs and found a responsible IP and…
Auxiliary
  • 163
  • 2
  • 7
6
votes
4 answers

Need help recovering a corrupt SQL database

I have a very special case that I have been working on for several days. I have a very large SQL Server 2008 database (about 2 TB) that contains 500 filegroups to support very large partitioned tables. Recently we had a catastophic failure on one of…
user66488
  • 71
  • 2
6
votes
2 answers

Finding Webserver Vulnerability

We operate a webserver farm hosting around 300 websites. Yesterday morning a script placed .htaccess files owned by www-data (the apache user) in every directory under the document_root of most (but not all) sites. The content of the .htaccess file…
Brent
  • 22,857
  • 19
  • 70
  • 102
6
votes
6 answers

Attempted hack on VPS, how to protect in future, what were they trying to do?

UPDATE: They're still here. Help me stop or trap them! Hi SF'ers, I've just had someone hack one of my clients sites. They managed to get to change a file so that the checkout page on the site writes payment information to a text file. Fortunately…
Moin Zaman
  • 163
  • 1
  • 8
6
votes
5 answers

.htaccess being hacked repeatedly

About 4 or 5 days ago, a client came back to me saying that their site was being redirected to some other suspicious looking website from Google, Yahoo, etc., but it was working fine when the user enters the site URL in the browser address bar…
Aditya M P
  • 322
  • 2
  • 4
  • 14
6
votes
6 answers

Database is hacked over and over again; already cleaned the site for SQL injection

I have a client who's asked me to try and analyze a site for vulnerability. What's happening is, every weekend or so, on field of one record of one table in the database gets changed to the same thing every time. From Jewelry to Jewelery
Matt Alexander
  • 250
  • 2
  • 10
6
votes
8 answers

(200 ok) ACCEPTED - Is this a hacking attempt?

I assume this is some type of hacking attempt. I've try to Google it but all I get are sites that look like they have been exploited already. I'm seeing requests to one of my pages that looks like…
Byran Zaugg
  • 337
  • 1
  • 2
  • 10
5
votes
2 answers

Why is IPScan detected as a virus?

Does anyone have a definitive answer to why Angry IP Scanner (IPScan) is detected as a virus (hacktool) by so many antivirus vendors, while similar tools such as Nmap and Advanced IP Scanner are not? I've searched for an answer to this but have…
DarkMoon
  • 1,039
  • 15
  • 30
5
votes
7 answers

Real experience of being hacked on linux?

I would like to hear real stories, how your linux box/server was hacked and what you do not to fall in to the same hole again.
Kazimieras Aliulis
  • 2,324
  • 2
  • 26
  • 46
5
votes
3 answers

VPS exploited for Bitcoin Mining. How to identify the flaw?

An ubuntu VPS I run to host a few basic websites seems to have had apache hacked for bitcoin mining. In my apache error.log I see the following. [Sun Dec 15 06:27:58 2013] [notice] Apache/2.2.22 (Ubuntu) PHP/5.3.10-1ubuntu3.9 with Suhosin-Patch…
JonB
  • 151
  • 1
  • 5
5
votes
3 answers

What protocol should be followed if website is actively under attack?

When you have just detected your website is currently under a hack attack that is attempting to penetrate your website, I am not including Denial of service in my question, what do you do? Are there best practice guidelines to follow? I have found…
SetiSeeker
  • 275
  • 2
  • 9
1 2 3
31 32