Hi - I recently experienced a hacker attack on my web site. Someone calling themselves "core-project" managed to replace my index.html file with their own. After I got the site on-line again, the hacked index.html was gone!?
I have absolutely no idea how they managed to break in, but I was told that the hackers might exploit some of the script technologies on the site. Since I am using AJAX (beta 1) I was wondering if any of these scripts might used to perform a break-in on the server. The passwords I use are fairly strong so I doubt they guessed it.
Any comments?
Cheers
Thomas
Hi Thomas,
AJAX has some security issues to watch out for. Check this article(pdf) for details:
http://digg.com/tech_news/Hacking_AJAX
Also, try to find out about your hackers by parsing log files on the server, and use a firewall (ZoneAlarm is free)
HTH,
Vivek
hello,
and is there any thing which isn't? :)
No comments:
Post a Comment