FORUMS: list search recent posts

website hacked-would SSL help

COW Forums : Web Design

<< PREVIOUS   •   FAQ   •   VIEW ALL   •   PRINT   •   NEXT >>
Alan Bezet
website hacked-would SSL help
on Jul 15, 2009 at 1:13:14 am

Greetings,

Our website go hacked. Someone was able to compromise our FTP sign-in and inject malicious code into our website, including two trojans. Would SSL help secure our FTP/ourselves and our clients against future hacks of the same type?


Return to posts index

Alan Bezet
Re: website hacked-would SSL help
on Jul 15, 2009 at 1:24:35 pm

Happy Cow Appreciation Day!

Alan Bezet
Production Manager
Washington, D.C.
alan.bezet@gmail.com


Return to posts index

Mike Smith
Re: website hacked-would SSL help
on Jul 16, 2009 at 9:34:50 am

That would depend really on how you were hacked / how much of a target your site might be. SSL would do good things for you in protecting against man-in-the=middle attacks or sniffers picking up details in transit from wherever you log in to the site. But that stuff is quite high tech and probably not concentrated on non-commercial sites.

No doubt you've run a virus check on your regular log-in computers looking for malware / trojans / ley loggers, and come up clean?

Is it more likely that you have another kind of attack? Have you given out your password to other contractors or colleagues, who might have passed it on? Have you logged in and left a session open on your machine, while you went away to a meeting? Do you have a unique password for your ftp access, or do you use the same password for various things / sites? Do you have a weak or easy to guess password? Have you let a browser remember your password when you logged in from a public place / internet cafe / some place where others might be able to use the browser sometimes ...? Any of these might offer a route to an easier hack of your site.

You don't say whether you are on a shared host (were others on that host also hacked?) or whether this is a simple html / css site, or a site with forms / scripting / a database - so some of this list of stuff to think about might not apply to you.
http://www.cmswire.com/cms/web-cms/how-they-hack-your-website-overview-of-c...

http://www.webdevelopersnotes.com/hosting/website_hacked_what_to_do.php3

http://news.cnet.com/Kevin-Mitnick-Web-site-hacked/2100-7349_3-6108032.html





Return to posts index


Alan Bezet
Re: website hacked-would SSL help
on Jul 16, 2009 at 1:49:26 pm

Thank you for the extensive response. We have a fairly simple html/css website that has some javascript on it, "shadowboxes" for displaying flash videos. We are predominately a Mac based office, with one PC in our midst. We ran a variety of scans on that computer and did find a significant chunk of malware, also our (old) ftp password was easy to guess and similar to other passwords that we had.

We cleaned up that computer and plan to put some sort of antivirus software on our macs. We are and office of only two or so people, so no one can really "walk up to our open work station". As well we don't really use our computers in public spaces except during travel on laptops, and for that we stay with our computers of course to prevent actual theft of the computer itself! Also, we are a non-commercial website, so no e-commerce here.

any suggestions for good malware detection programs for a Mac would be appreciated!

Thank you for your help.

Alan Bezet
Production Manager
Washington, D.C.
alan.bezet@gmail.com


Return to posts index

Thomas A. Amoroso
Re: website hacked-would SSL help
on Jul 22, 2009 at 12:50:10 pm

Both Norton and McAfee make pretty good products for malware detection on the Mac. Better, though-if you have a backup which you *know* is good (read: not infected, definitely comes from before the hacking event) is to restore that, and then change all of the passwords, etc. which made you vulnerable in the first place.

To answer your original question: ssl would not likely have protected you from this attack. From your report, the attacker got in through FTP using some form of password attack (probably a dictionary), and then proceeded to make merry in your filesystem. Since you appear to now be a target, you might consider making a serious password policy for your office (minimum length and complexity, regular change intervals (monthly, quarterly, something), and stuff like that.

Most security is personal-we give out passwords to people we shouldn't trust, or use easy passwords because remembering hard ones is a pain (and be clear that I am no different in this regard-my "password discipline" could be lots better :-). Guarding against that kind of thing requires institutionalized vigilance of the kind practiced by outfits like the military. (I worked for them for a while, and while I hated choosing new passwords every 60 days, I admit it enforced security in a way I would not have done).


Return to posts index

<< PREVIOUS   •   VIEW ALL   •   PRINT   •   NEXT >>
© 2017 CreativeCOW.net All Rights Reserved
[TOP]