Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [hacking]

Hacking is the violation of server or network security via exploitation of weaknesses in that security.

Hacking is the violation of server or network security via exploitation of weaknesses in that security.

Some of the most common ways security may be compromised include:

  • Social engineering, in which a person is persuaded to give up sensitive information such as passwords
  • Exploiting unpatched or not generally known (0-day) security holes in software
  • Brute force, that is, trying common usernames and passwords repeatedly until something works

Less commonly, hacking refers to the uncommonly creative solution of a software or hardware problem. Some see this original definition as the correct one and wish to preserve it, though they seem to be fighting a losing battle.

Detailed security questions and answers which do not fit at Server Fault may be welcome at IT Security Stack Exchange.

479 questions
3
votes
1 answer

Decrypting ESP Packets with IPSEC Transport Mode if Pre-Shared Key is Known

I am reading up on IPSec, and was wondering if I could use wireshark to decrypt ESP packets from IPSEC transport mode sessions that are using a preshared key . From reading this thread, I have gathered that even if the preshared key is already…
Kyle Brandt
  • 83,619
  • 74
  • 305
  • 448
3
votes
2 answers

My website is infected, I restored a backup of the uninfected files, how long will it take to un-mark as dangerous?

My website www.sagamountain.com was recently infected by a malware distributor (or at least I think it may have been). I have removed all external content, google ads, firefly chat, etc. I uploaded a backup from a few weeks ago, when there was no…
Cyclone
  • 206
  • 3
  • 8
3
votes
4 answers

Rogue processess in linux

I'm running Apache on Linux server. I have noticed the following processes running which I am not expecting to see, and appear rogue. Can anyone please advise me what they mean? Running ps aux | grep apache gave me the following: root 6196 0.2…
Mark Blades
3
votes
1 answer

Possible Cisco Router Hack?

We have a Cisco EPC3928AD EuroDocsis 3.0 2-PORT Voice Gateway from our ISP. The router is connected to a firewall (an Ubuntu-box running iptables and Wireshark). Our LAN (10.0.0.1/24) is beyond the firewall. No other equipment is connected to the…
ElToro1966
  • 177
  • 2
  • 8
3
votes
3 answers

Continuous POST requests on wordpress login page - hacking attempt?

From today morning, I am witnessing a series of continuous POST requests hitting on one of blog running on wordpress software on my server. Few things about this pattern: These continuous requests last for 2 minutes every-time In this 2 minute…
Abhinav
  • 743
  • 2
  • 9
  • 20
3
votes
1 answer

got weird email with server data. Does this mean I got hacked?

I just got the following "undelivered message" to my postmaster@mydomain.com Does this mean someone might have tried to (or succeeded in) hacking me? (I replaced certain parts in the below for privacy purpose, it's not exactly 100% the original I…
Kolja
  • 199
  • 1
  • 2
  • 10
3
votes
1 answer

Someone tried to hack my Node.js server, need to understand a GET request in the logs

Alright, so I left my Node.js server alone for a while and came back to find some really interesting stuff in the logs. Apparently some moron from China or Poland tried to hack my server using directory traversal and what not, while it seems though…
Abdullah Khan
  • 131
  • 1
  • 3
3
votes
1 answer

Prevent user access to console but still allow svn+ssh:// access to SVN repos

I create an user john on my server and I add him into the SVN group so we can share our code and everything looks okay. Now I want to prevent this user from connecting to the console or shell via SSH. In /etc/ssh/sshd_confing file I add this…
Marek
  • 175
  • 2
  • 8
3
votes
5 answers

php site defacing

Possible Duplicate: My server's been hacked EMERGENCY someone is intruding in our site and putting following line in our main page (index.php):: In the following code bottom.php is our own file and the intruder is putting the "echo