Results 1 to 12 of 12

Thread: Server Hacked

  1. #1

    Server Hacked

    Hi, anyone know any company providing server management service which is cheap? Our server got hacked and we want to investigate, remove infected files, and server hardening, and also check the intruder log for what they have done too. Company are welcome to pm me. Urgent! Thanks guys!

  2. #2
    Join Date
    Nov 2009
    Location
    /etc/my.cnf
    Posts
    10,657
    Quote Originally Posted by Cbchung View Post
    Hi, anyone know any company providing server management service which is cheap? Our server got hacked and we want to investigate, remove infected files, and server hardening, and also check the intruder log for what they have done too. Company are welcome to pm me. Urgent! Thanks guys!
    Please answer the following:

    What sort of server are we talking?

    How do you know its infected/hacked?

    What current security procedures are in place?

    How often do you have security audits done?

    How far back do you have backups?

    Regards,

  3. #3
    Join Date
    Mar 2003
    Location
    Canada
    Posts
    9,072
    No advice for a server management company, but please don't cheap out on this... this is something important and if you were rooted (admin access gained for the entire server) then your safest bet is to format the server, start clean and move on. The concern with cleaning up a compromise is not knowing with 100% certainty that everything is safe. I'm not saying don't investigate how this happened, but for your peace of mind it's probably better to start over.

    I would also consider hiring a server management company that us proactive in keeping your server up to date, staying on top of security patches, monitoring everything, etc. If you were hacked once, you'll probably be hacked again. It's just well worth it to spend the extra $$$ and have someone stay on top of these for you if you're not able to.

  4. #4
    Ok. I would setup a new server anyway. Which company you would recommend to do hardening, security issue?

  5. #5
    Join Date
    Nov 2009
    Location
    /etc/my.cnf
    Posts
    10,657
    Quote Originally Posted by Patrick View Post
    No advice for a server management company, but please don't cheap out on this...
    I wish everyone thought like this however some people only use a management provider when the **** hits the fan then expects to pay peanuts to clean up a whole load of mess...

    I could make more working in wendys then what some people around here are prepared to pay for management

    Quote Originally Posted by Cbchung View Post
    Ok. I would setup a new server anyway. Which company you would recommend to do hardening, security issue?
    Chances are the files are infected with afew nastys so simply upping sticks and transferring data would likely yield the same problem in future.

    All the files will need to be scanned, etc
    Last edited by Server Management; 03-27-2012 at 03:23 PM.

  6. #6
    Join Date
    Apr 2008
    Location
    UK
    Posts
    239
    Yeah as Patrick said - don't go for a cheapo 20 dollar an hour for security - get someone who knows what they are doing !

  7. #7
    Join Date
    Feb 2010
    Location
    Worldwide
    Posts
    61
    Amen brotha!

  8. #8
    You'll need to spend a little (but not necessarily a lot!) to get the quality support necessary for custom server hardening. More often then not, servers are hacked through the website code... weather it be outdated CMS or software written by a programmer without security in mind. If that's the case, and you choose a company that's just going to apply some updates and "secure the server" the security hole might still be there! You'll need a support group that's willing to find and patch the actual exploit regardless of where it is.

  9. #9
    Rightly said. The hack - assuming it has - could have happened at the OS or service level or application level. One would need to check at all levels.

    Ideally a thorough vulnerability assessment and penetration test should be done but if you have a small or standard application suite with not much changed, you may need to focus more on the OS/services.

    Also agree with the advice on rebuilding the server and reinstalling - if it has been compromised, rootkits, etc, would leave it almost permanently unclean.

    BTW - what OS and application suite are you using?

    Cheers!
    Last edited by sam9; 03-28-2012 at 05:38 PM. Reason: typos

  10. #10
    Join Date
    Oct 2005
    Location
    Internet
    Posts
    1,161
    For your needs I would recommend platinumservermanagement.com -- they are cheap ($29 month) and do everything any other server tech will, except they aren't proactive which isn't what you really need.

    They will do anything for you and get it done within 24 hours, usually an hour. Unless you need quick constant proactive service, use these guys. Your only going to be paying for faster service.

  11. #11
    Join Date
    Dec 2010
    Location
    127.0.0.1
    Posts
    5,732
    I agree with restarting, maybe format the Server to Centos 5.5, then secure your server, Install cPanel, setup cPHulk Brute Force Protection, Shell Fork Bomb Protection, Enable Traceroute, do EasyApache; ensure you have: Apache 2.2.22, PHP 5, 5.3.10, Mod Security, Suhosin for PHP, Zend Optimizer/Guard Loader for PHP. Disable: Frontpage and Magic Quotes and Enable Mysqli and anything else you want / remove and then build it.

    Set up CSF, and do check server security and fix the warnings, install: ConfigServer Explorer, ConfigServer Mail Manage, ConfigServer Mail Queues and ConfigServer ModSec Control.

    And a bit more but that's the drift of hardening your server.

  12. #12
    Join Date
    Apr 2006
    Location
    Bogota, Colombia
    Posts
    215

    Thumbs up

    Ultimateservermanagement.com is a good company. They will help you no doubt. No cheap.

Similar Threads

  1. Can my blog be hacked on shared hosting if my neighbour is hacked?
    By zobe in forum Hosting Security and Technology
    Replies: 17
    Last Post: 03-10-2011, 04:09 AM
  2. Server hacked : how can I find out how they are uploading files to my server?
    By listenmirndt in forum Hosting Security and Technology
    Replies: 4
    Last Post: 04-14-2007, 12:44 PM
  3. Replies: 6
    Last Post: 08-24-2006, 04:11 PM
  4. Plesk server hacked, hiring to move clients to new server
    By DaveNET in forum Employment / Job Offers
    Replies: 3
    Last Post: 07-30-2005, 09:56 PM
  5. Replies: 5
    Last Post: 08-05-2001, 10:50 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •