Announcement

Collapse
No announcement yet.

Hacked sites and Filezilla

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • #16
    Originally posted by Dan View Post
    Please keep the hastiness to a minimum.
    And don't be hasty in being nasty...
    black-dog
    4theweb.co.uk Web stuff
    slipperyhill.co.uk Band

    Comment


    • #17
      Never ever save your FTP passwords in any of the FTP programs you use. Your website will get hacked if you save your FTP passwords in a FTP software on a windows machine. You won't loose your FTP information untill and unless you get some sort of Virus on your computer.

      If you are using Frontpage and if you create profile for auto-connect then your website will get hacked once your computer gets infected by a virus program.

      We have seen such thing happening with websites of many customers and there's nothing much we can do to help them. If a hacker gets connected to your FTP account in one go then there's no way our server can stop the hacker from defacing your website.
      Web Hosting UK - ASP MSSQL Hosting - cPanel Linux Hosting
      AIM : webredback || msn : andrew @ webhosting.uk.com
      Toll Free : 0808 262 0855

      Comment


      • #18
        After that post I spent days virus, malware, spyware etc. checking and found absolutely nothing on any of the 4 computers I use.

        All passwords are in my head - they are not saved in any FTP programmes, including frontpage, on any of my computers.

        Therefore the only logical weak link is potentially your servers and I take offence to to you implying it was my fault when it obviously wasn't.

        Hopefully this has given you a heads up to check your security.

        Comment


        • #19
          Originally posted by Cassie View Post
          After that post I spent days virus, malware, spyware etc. checking and found absolutely nothing on any of the 4 computers I use.

          All passwords are in my head - they are not saved in any FTP programmes, including frontpage, on any of my computers.

          Therefore the only logical weak link is potentially your servers and I take offence to to you implying it was my fault when it obviously wasn't.

          Hopefully this has given you a heads up to check your security.
          Without trying to get into a he said / she said type affair, it's all too easy to blame other people for things that have gone wrong.

          With the above in mind, the phrase 'the only logical weak link .....' can be a bad thing to jump into feet first, mainly because forum software (most software has flaws, it's just a case of finding them), can be very susceptible to hijacking of various kinds, the only way to stay ahead is to ensure that you are upto date with any maintenance patch releases from the vendor (this could be the forum software, a new version of php, or even a MySQL update that prevents injections), and if a hole has been found but no patch released, then turn it off until such time as a patch is released.

          From what I have read on this thread, no one implied, nor suggested that it was your fault. It was mainly an aim at a guideline for anyone that may stumble upon this thread in the future. Storing passwords is a bad thing on any machine, mainly due to an attacker only needing to gain access to 'that' machine in order to access others. The only thing that I have read on this thread, is helpful hints to people that may not be as savvy as say yourself, on what should / shouldn't be done.

          A good suggested read would be the hackers handbook, and teach yourself the same techniques that these people use to enter your site.
          Last edited by Hexosphere; 20-08-09, 10:19 PM.
          Hexo
          -------
          The man that knows how, is always working for the man that knows why

          Comment


          • #20
            That is correct Hexosphere. Cassie, WHUK servers are constantly optimized for the best security, hence why FP extensions were removed a while ago; even features which could even give a glimpse of a fail sign are likely to be removed. Nobody implied that it was indeed your fault, you should not take offense to something that hasn't been said.

            Bearing in mind that SQL injections, with forum software that is both in-dated and out-dated can easily be affected by this, mainly with the free forums. May I ask what website you are referring to?
            Webhosting.UK.com || cPanel VPS Hosting || Reseller Hosting

            Sales: 0808-262-0855
            Support: 0800-612-8725
            International: +44 191 303 8191

            Comment

            Working...
            X