How do I find the 'open door' they are exploiting?
Simon606
8:36 pm on Sep 2, 2009 (gmt 0)
My site has been hacked again. I was wondering if there are any tools that can help determine how they got into my site?
Thank you
jomaxx
8:46 pm on Sep 2, 2009 (gmt 0)
Did you reinstall the server OS from scratch? I think that's what a security expert would tell you to do.
Also, don't ever use unencrypted Telnet or FTP. And use a dedicated server and don't give anyone else an account on it. And check your local computer carefully for spyware.
Tonearm
7:43 am on Sep 3, 2009 (gmt 0)
Yes, it's crucial you completely reinstall from scratch when you've been hacked.
tangor
8:26 am on Sep 3, 2009 (gmt 0)
Are you running shared hosting? Perhaps running PHP/MySQL? IIS? Each has their own exposure. Best practice is to roll back to before intrusion. In case one move to a different host. Case two check all code used for security weakness. Case three, reinstall and UPDATE.
