hosted by liquidweb


Go Back   Web Hosting Talk : Web Hosting Main Forums : Hosting Security and Technology : My site is hacked :(
Reply

Forum Jump

My site is hacked :(

Reply Post New Thread In Hosting Security and Technology Subscription
 
Send news tip View All Posts Thread Tools Search this Thread Display Modes
  #1  
Old 02-11-2012, 05:47 PM
kriru kriru is offline
New Member
 
Join Date: Nov 2011
Posts: 2
*

My site is hacked :(


Hi

My site = guru99.com

It is hosted on hostmonster.com

When I accessed the site today it was showing some wiered homepage.

When I checked with hostmoster support they said its hacked.

I deleted all files from server and restored , still it was guru99 was pointing to hacked location

The support executive later said that the site is pointing to the ip = 173.254.101.84

When I asked them root cause of the problem ... they said they do not know

Can anyone help me decipher why was this so such future attacks can be prevented?

I feel its a problem with hostmonster but they are not admitting ...



Sponsored Links
  #2  
Old 02-11-2012, 06:57 PM
AverageUser AverageUser is offline
Junior Guru Wannabe
 
Join Date: Sep 2009
Posts: 61
They say it is DOS attact, but my sites look like they are hacked too : (. IT just shows content from another site. They say they redirected shared IP to a dedicated or something, but this is a nice excuse I think.

Btw. You should probably put the hosting company name in the title; I doubt your site was 'hacked' because my sites - which are in plain HTML, no DB or even PHP - also look like 'hacked' but the problem is Hostmonster.com, not our sites.


Last edited by AverageUser; 02-11-2012 at 07:05 PM. Reason: btw.
  #3  
Old 02-11-2012, 07:32 PM
Alex LD Alex LD is offline
Junior Guru
 
Join Date: Sep 2008
Location: Iowa
Posts: 189
Quote:
Originally Posted by kriru View Post
Can anyone help me decipher why was this so such future attacks can be prevented?
Hostmonster should be able to point out what happened. If not then you'll want to migrate to a different more secure web host. There are log files for just about everything and i'm sure HostGator can answer the question, its just the matter of when?


Quote:
Originally Posted by AverageUser View Post
They say it is DOS attact, but my sites look like they are hacked too
DOS attack will not take down a server, A DDoS attack will. The difference is, DoS is usually 1 attacker or zombie. Whereas a DDoS is generally a botnet of zombie computers or servers flooding a servers bandwidth essentially causing it to not allow access to for from the box. And if it were a DDoS the server would be going slow and laggy.. or not be online at all. If you're seeing a different website when going to your site, then it is not a DDoS or a DoS attack.

Also let me be clear
If a server get compromised then all accounts on the server can be affected. Regardless if its in PHP or HTML the root user has control over everything.

__________________
Alex Fuller | Creative Director / Owner
Extremely experienced, with 5 years service to WHT community.
LegitDesigns, LLC - Professional Web Design Company


Sponsored Links
  #4  
Old 02-11-2012, 08:30 PM
tvcnet tvcnet is offline
Disabled
 
Join Date: Feb 2010
Location: Worldwide
Posts: 60
I've run a number of scans, including a 3rd party site unmask parasites and your site is looking OK at the moment.

Did you manage to clear the hack from your site?

  #5  
Old 02-12-2012, 12:07 AM
kriru kriru is offline
New Member
 
Join Date: Nov 2011
Posts: 2
I did nothing from my end ...

It was definitely a problem with hostmonster ...

  #6  
Old 02-12-2012, 05:49 AM
humangenome humangenome is offline
Junior Guru Wannabe
 
Join Date: Feb 2012
Posts: 32
Quote:
Originally Posted by Alex LD View Post
DOS attack will not take down a server, A DDoS attack will. The difference is, DoS is usually 1 attacker or zombie. Whereas a DDoS is generally a botnet of zombie computers or servers flooding a servers bandwidth essentially causing it to not allow access to for from the box. And if it were a DDoS the server would be going slow and laggy.. or not be online at all. If you're seeing a different website when going to your site, then it is not a DDoS or a DoS attack.
The difference is not accurate.

A DoS and DDoS attack are one in the same.

You are describing different types of attacks and how they are scaled.

  #7  
Old 02-12-2012, 12:08 PM
Alex LD Alex LD is offline
Junior Guru
 
Join Date: Sep 2008
Location: Iowa
Posts: 189
Quote:
Originally Posted by humangenome View Post
The difference is not accurate.

A DoS and DDoS attack are one in the same.

You are describing different types of attacks and how they are scaled.
DoS = Denial of Service ( 1 computer flooding)
DDoS = Distribute Denial of Service (botnet flooding)

Very different indeed, google, DoS vs DDoS you'll see my description is actually right.

__________________
Alex Fuller | Creative Director / Owner
Extremely experienced, with 5 years service to WHT community.
LegitDesigns, LLC - Professional Web Design Company


  #8  
Old 02-12-2012, 12:31 PM
Steven Steven is online now
Problem Solver
 
Join Date: Mar 2003
Location: California USA
Posts: 12,927
Quote:
Originally Posted by Alex LD View Post
DOS attack will not take down a server, A DDoS attack will.
'DOS' attacks take down servers all the time, if not setup to block them..

__________________
Steven Ciaburri | Proactive Linux Server Management - Rack911.com
System Administration Extraordinaire | Follow us on twitter:@Rack911Labs
Managed Servers (AS62710), Server Management, and Security Auditing.
www.HostingSecList.com - Security notices for the hosting community.

  #9  
Old 02-12-2012, 12:51 PM
Alex LD Alex LD is offline
Junior Guru
 
Join Date: Sep 2008
Location: Iowa
Posts: 189
Quote:
Originally Posted by Steven View Post
'DOS' attacks take down servers all the time, if not setup to block them..
If the person is a complete noob and would completely go without any firewall... CSF...APF even a simple IPTables rule... blocks DoS attacks like its not even a problem. That's like saying cars don't run if you don't put gas in the fuel tank.

Plus the OP is using HostMonster, I know they have a firewall setup. So a DoS attack would not have taken it offline.

__________________
Alex Fuller | Creative Director / Owner
Extremely experienced, with 5 years service to WHT community.
LegitDesigns, LLC - Professional Web Design Company



Last edited by Alex LD; 02-12-2012 at 12:54 PM.
  #10  
Old 02-12-2012, 01:18 PM
AverageUser AverageUser is offline
Junior Guru Wannabe
 
Join Date: Sep 2009
Posts: 61
Everything seems to come to normal finally.

  #11  
Old 02-12-2012, 03:27 PM
Steven Steven is online now
Problem Solver
 
Join Date: Mar 2003
Location: California USA
Posts: 12,927
Quote:
Originally Posted by Alex LD View Post
If the person is a complete noob and would completely go without any firewall... CSF...APF even a simple IPTables rule... blocks DoS attacks like its not even a problem. That's like saying cars don't run if you don't put gas in the fuel tank.

Plus the OP is using HostMonster, I know they have a firewall setup. So a DoS attack would not have taken it offline.
Just because there is a firewall does not mean it will be blocked.
Example if you install csf or apf out of the box it will not block a dos attack. There is no rate limiting in place by default.
Same goes for many hardware firewalls. Unless its specifically setup to block it, its not going to do anything

__________________
Steven Ciaburri | Proactive Linux Server Management - Rack911.com
System Administration Extraordinaire | Follow us on twitter:@Rack911Labs
Managed Servers (AS62710), Server Management, and Security Auditing.
www.HostingSecList.com - Security notices for the hosting community.

  #12  
Old 02-12-2012, 03:39 PM
kpmedia kpmedia is offline
Web Host Reviewer
 
Join Date: Feb 2006
Location: Kepler 62F
Posts: 11,503
Quote:
Originally Posted by Steven View Post
Just because there is a firewall does not mean it will be blocked. Example if you install csf or apf out of the box it will not block a dos attack. There is no rate limiting in place by default. Same goes for many hardware firewalls. Unless its specifically setup to block it, its not going to do anything
What are your suggested settings? CSF, for example.

__________________
|| Need a good host?
|| See my Suggested Hosts List || New Editorial: HostGator Alternatives & Who is EIG?
||

  #13  
Old 02-12-2012, 04:02 PM
mdharris mdharris is offline
Web Hosting Guru
 
Join Date: Jul 2010
Location: Kansas City, MO, US
Posts: 292
Quote:
Originally Posted by Alex LD View Post
DoS = Denial of Service ( 1 computer flooding)
DDoS = Distribute Denial of Service (botnet flooding)

Very different indeed, google, DoS vs DDoS you'll see my description is actually right.
Nah, I tend to disagree here. A distributed attack is simply a type of denial of service attack. There are non-distributed attacks which can bring down services - for example, an exploitable software bug which allowed a remote attacker to cause a web server to crash. That would also be a denial of service attack.

__________________
Ⓐ Red Triangle Technology Collective Ⓐ
Hosting a revolution!
http://www.redtriangletc.org/

  #14  
Old 02-12-2012, 04:17 PM
Alex LD Alex LD is offline
Junior Guru
 
Join Date: Sep 2008
Location: Iowa
Posts: 189
Quote:
Originally Posted by mdharris View Post
Nah, I tend to disagree here. A distributed attack is simply a type of denial of service attack. There are non-distributed attacks which can bring down services - for example, an exploitable software bug which allowed a remote attacker to cause a web server to crash. That would also be a denial of service attack.
If you consider an exploitable software bug as a Denial of service on such a broad spectrum, then so basically would be any other type attack to a system. I guess if someone pulled the power cord out of the wall, that too is a Denial of Service.

__________________
Alex Fuller | Creative Director / Owner
Extremely experienced, with 5 years service to WHT community.
LegitDesigns, LLC - Professional Web Design Company


  #15  
Old 02-12-2012, 04:42 PM
BiggyMike BiggyMike is offline
Aspiring Evangelist
 
Join Date: Jan 2012
Posts: 356
Regardless of the attack software firewalls are pointless for DoS/DDoS. The traffic still hits the server. Software firewalls are meant for security.

Reply

Similar Threads
Thread Thread Starter Forum Replies Last Post
My site has been hacked!!! a1nerd Web Hosting 36 04-07-2005 12:37 PM
My Site Was Hacked! kneuf Web Hosting Lounge 16 01-30-2004 11:52 AM
site hacked nachopo Reseller Hosting 1 07-15-2003 11:59 AM
Site hacked - now what? I, Brian Hosting Security and Technology 30 04-25-2003 04:50 AM
What to do if your site gets hacked? Lawny Hosting Security and Technology 32 12-11-2001 08:33 PM

Related posts from TheWhir.com
Title Type Date Posted
WiredTree Listing 2014-04-24 01:34:00
Could Website Hackers be Chasing Hosting Customers Away? Blog 2013-08-27 09:07:42
Syrian Electronic Army Targets Top US Media Websites in Outbrain Platform Hack Web Hosting News 2013-08-16 10:46:10
Parallels Plesk Panel Vulnerability Revealed by Hacker Selling Exploit Web Hosting News 2012-07-11 10:34:13
SwaggSec Hackers Release 900 Admin Credentials from China Telecom Attack Web Hosting News 2012-06-04 15:24:03


Tags
hack, security

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Postbit Selector

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Forum Jump
Login:
Log in with your username and password
Username:
Password:



Forgot Password?
Advertisement:
Web Hosting News:



 

X

Welcome to WebHostingTalk.com

Create your username to jump into the discussion!

WebHostingTalk.com is the largest, most influentual web hosting community on the Internet. Join us by filling in the form below.


(4 digit year)

Already a member?