In general, we know that if we have a web page, or if you are using a web application for the visit to interact on the Internet, some information about us is stored on the server. When hackers get on the server, they will try to gain access to the root server and to know the details of confidential databases, which are limited to regular visitors. They crack personal information about you and steal your credit card number, which represent the user at the time of purchase through the site.
It is not clear, as a hacker on your server? Compromise Want to know how the servers are hacked and how can we protect our servers?
Ability to run server-side scripting language, or data during transmission is not protected or encrypted reasons for cutting, most of the time. Hackers use various methods, often called white hat hackers and black hats users. This white hat hackers found a security hole in the script from the Web sites and software, and publish user black hat hackers are malicious, which is installed on the computer software and illegally interfering D 'to advise others to do the same.
Find Hackers broke into the server is difficult to find, because it is not easy to recognize. Script kiddies use free software, hacker programs, such as "heroic" and distribute them via the Internet.If you suspect malware, you should be able to respond quickly to minimize the epidemic. If your server is vulnerable to hackers, here are some tips on how to protect your server:
1. Unplug the system from the network
If you suspect that your server is infected, then simply remove the network system from any infected programs to prevent. Instead of solving the current problems leaving the system on the network and document these reports to respond to incidents.
2. Discover hack
Did you know that hackers are using methods to solve this problem, because there are different types of hacking technologies. Using software like Tripwire, you can get them, if they identify will be uploaded to be added or changed in the system. In addition, find the owner of files, so you know what kinds of pirated application servers are cracking. Examine files that have been uploaded to the server system can provide valuable information about the attack on your server.
3. Information received from the script execution started maliciously
Use LSOF (list open files) command in the system, which opens the files on the disk, tube network user who has, and devices through the entire process by which a source of attack is to find this information. In addition, the identification of tools to detect rootkits like rkhunter or chkrootkit possible exploits local analysis and recognition of common attacks. It also performs checks to see if the order was changed, and various checks network interfaces.
4. Close all the attackers script and delete files
Well, if you are the reason for the attack on the server, you can safely eliminate a malicious script is executed on the life and decided to delete all files and save to another location for further investigation. Once we have, this method can be used by hackers, we can stop it and restore the network connection, such as mail, DNS, etc.
These measures are clearly useful in some way to restore the server system from various attacks, in which you may encounter, and can be used to develop its own action plan as a basis. You can also go to sort data, intrusion detection and prevention, complete and easy to use protection against current and emerging threats at both application and network level.
Posts
No comments:
Post a Comment