Detecting Hackers

[Caroline]

Quote:

Originally Posted by Matt123

Oh! It's too difficult to find that how malicious code was injected to his site which infected 10651 domains. Pretty serious!

However here are few tips in order to prevent your site from malicious code:-
a) Installing executable softwares shall be avoided.
b) Before installing any software, verify if it is free of malicious code.
c) Additional measures shall be taken like blocking specific IP source addresses or IP ports, blocking specific email messages or attachments, or blocking specific email sender addresses or domains.
And many more!

Agreed. However, you should make sure that you keep on monitoring your websites and server for any strange activities on them. If you find any strange activities going on, you should contact an expert to get the problem solved asap or this can definitely cause more problems in future. Also, if you have a fully managed server then you can contact your web hosting provider once you find any strange activities on the server and they will definitely help you to get rid of the problem.

[Roscoe]

Figured I'd share this little morsel that turned up in my inbox the other day.

The story is I added a little email notification when a customer places an order in our system. So that our operators get alerted there's something needs raised.

Something obviously noticed me doing it and sent a message to my admin (me) to tip him off, just in case he wasn't aware of it.

In case this isn't mentioned somewhere else - it's worth checking your admin email every once in a while.

Quote:

Subject: [newmailcgi] Recently Uploaded CGI scripts that send email on xxxxxxx.webhosting.uk.com

Below are the recently upload scripts that contain code to send email. You may wish to inspect them to ensure they are not sending out SPAM.

/home/xxxxxx/public_html/xxxxxxx/xxxxxxxx/xxxxxxxxx.php:92:
/home/xxxxxx/public_html/xxxxxxx/xxxxxxxx/xxxxxxxxx.php:93: mail($mailrecip, $subject, $message, $headers);
/home/xxxxxx/public_html/xxxxxxx/xxxxxxxx/xxxxxxxxx.php:94: }
---
/home/xxxxxx/public_html/xxxxxxx/xxxxxxxx/xxxxxxxxx.php:77:
/home/xxxxxx/public_html/xxxxxxx/xxxxxxxx/xxxxxxxxx.php.php:78: mail($mailrecip, $subject, $message, $headers);
/home/xxxxxx/public_html/xxxxxxx/xxxxxxxx/xxxxxxxxx.php:79: }
---

[usmanbutt001]

Quote:

Originally Posted by GoGeTTeR

Hackers, by nature are very stealthy. Their ability to gain access to your computer through the Internet can easily be done without your knowledge - and most of them seem to prefer that approach. Before time is spent on being able to detect a hacker, it should be noted that a determined hacker will not be stopped! They will get in - even to the Department of Defenses systems!

Some common things that might tip you off to an intrusion are:
Lights showing hard drive activity being busier than what your own activities call for
Suspicious files left on your computer - often in the Windows Temp directory with a tmp. suffix
Obvious tampering - destroyed files, missing files, etc.
Or, the worst case - someone's taking money out of your bank account or using your credit cards (Please note, though, that this could also be the result of phishing, too - not necessarily hacking)
Your firewall keeps receives multiple packets from a single web address and notifies you.

you should enable selinux in linux to avoid hackers

[gillianreynolds]

Hackers had broken into the Department of Defense's computers - again. With news like this, combined with the fact that other hackers are constantly seeking to steal people's identity, send out spam from innocent computers, and other computer crimes hacking into unauthorized places,
makes it necessary for illegal hackers to be caught. If you are one of those who have suffered from a hack attack, then you may be one of those who say: "I need an IP specialist, to catch a hacker." This article will show you some things that you can do.

[Rachael]

Matt I must say you have been providing crucial information as well. Ways to prevent malicious code is extremely important information, thanks for mentioning it.