Cross scripting attack

#1 | 05-10-2009, 07:19 AM | Jinii | Newbie | Join Date: Feb 2007 | Posts: 20
On IIS6, many of the sites are under cross scripting attack. I tried removing the code, but it gets affected again after some time. I reset the FTP password, and the password is a combination of complex alphanumeric characters. I have checked the permissions; they are OK.

How do you guys fight cross scripting attacks?

#2 | 05-10-2009, 07:23 AM | zoticaic | Premium Member | Join Date: Jun 2007 | Location: Manila | Posts: 150
Raise this with the developers of the code, as they wrote that vulnerability, or take down their code (not the code resulting from the XSS but the exploited script) temporarily.

#3 | 05-10-2009, 07:28 AM | Jinii | Newbie | Join Date: Feb 2007 | Posts: 20
The code has already been reviewed by the web developers; they say that the issue is associated with the server side.

#4 | 05-10-2009, 07:37 AM | Harzem | Community Liaison | Join Date: Feb 2006 | Location: Istanbul, Turkey | Posts: 3,091
Then you have to give us more details about the hack. What do they hack? Which files or databases are affected? How are they affected?

#5 | 05-10-2009, 07:53 AM | zoticaic | Premium Member | Join Date: Jun 2007 | Location: Manila | Posts: 150
I'd not count this as being totally server side, as XSS generally occurs on front-end applications with an exploitable input.

#6 | 05-10-2009, 08:29 AM | Jinii | Newbie | Join Date: Feb 2007 | Posts: 20
Quote (originally posted by Harzem):
Then you have to give us more details about the hack. What do they hack? Which files or databases are affected? How are they affected?

Most of the affected sites are PHP and ASP based. In the sites, all the pages were injected with a series of XCC1/XCC2/XCC3..... and injected with a P**N URL. Google also claims that the site has active harmful threats.

#7 | 05-10-2009, 01:38 PM | lazat | Junior Guru Wannabe | Join Date: Mar 2004 | Location: Sweden | Posts: 65
Once we had a customer that got hacked the whole time. The hacker hacked the web designer's computer, installed a trojan, downloaded the FTP program's settings and used them to log in to the account. It took a while before we understood how the hacker got the password that we changed lots of times...

#8 | 05-17-2009, 11:35 AM | Jinii | Newbie | Join Date: Feb 2007 | Posts: 20

Any suggestion?

#9 | 05-17-2009, 12:15 PM | mwatkins | Web Hosting Master | Join Date: Nov 2001 | Location: Vancouver | Posts: 2,416
XSS attacks (and SQL injection) are performed by shoving malicious content into a poorly written application.

You've mentioned changing FTP passwords and such; if attackers are gaining their foothold first via insecure FTP, this is not the same thing as XSS.

Which is it? Is malicious content getting in via your FTP or via the applications? If you can't determine which, you need to hire some help.

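One way to work out the FTP-or-application question raised in post #9, added here as an example that is not part of any poster's message: match each defaced file's last-modified time against successful uploads in the FTP log. The log lines, file list, field layout and the `created` upload verb below are constructed assumptions; the parser reads the column order from the log's own `#Fields:` line.

```python
import re
from datetime import datetime, timedelta

# Constructed sample of an FTP log in W3C extended format (not from the thread).
FTP_LOG = """\
#Fields: date time c-ip cs-username cs-method cs-uri-stem sc-status
2009-05-09 03:12:40 203.0.113.7 designer [12]PASS - 230
2009-05-09 03:12:44 203.0.113.7 designer [12]created /site1/index.php 226
2009-05-09 03:12:45 203.0.113.7 designer [12]created /site1/about.asp 226
2009-05-09 09:00:02 198.51.100.4 designer [13]sent /site1/logo.gif 226
"""

# Constructed list of defaced files: (path below the FTP root, last-modified
# time). Convert file times to the log's timezone before comparing.
MODIFIED = [
    ("/site1/index.php", datetime(2009, 5, 9, 3, 12, 44)),
    ("/site1/about.asp", datetime(2009, 5, 9, 3, 12, 45)),
    ("/site2/default.asp", datetime(2009, 5, 9, 4, 30, 0)),
]

def parse_w3c(text):
    """Yield one dict per record, using the column order from the #Fields line."""
    fields = []
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line and not line.startswith("#") and fields:
            rec = dict(zip(fields, line.split()))
            rec["ts"] = datetime.strptime(rec["date"] + " " + rec["time"],
                                          "%Y-%m-%d %H:%M:%S")
            yield rec

def classify(modified, ftp_text, slack=timedelta(seconds=5)):
    """Map each modified file to the (client IP, user) whose upload explains it, or None."""
    uploads = [r for r in parse_w3c(ftp_text)
               # Strip the "[session]" prefix; "created" is assumed to mark an upload.
               if re.sub(r"^\[\d+\]", "", r["cs-method"]).lower() == "created"
               and r["sc-status"].startswith("2")]
    result = {}
    for path, mtime in modified:
        hit = next((u for u in uploads
                    if u["cs-uri-stem"].lower() == path.lower()
                    and abs(u["ts"] - mtime) <= slack), None)
        result[path] = (hit["c-ip"], hit["cs-username"]) if hit else None
    return result

if __name__ == "__main__":
    for path, src in classify(MODIFIED, FTP_LOG).items():
        print(path, "-> FTP upload from %s as %s" % src if src
              else "-> no matching FTP upload; review the application and other write paths")
```

Files explained by an upload point at stolen FTP credentials, as in post #7; files with no matching upload point at the application or another write path.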
#10 | 05-17-2009, 03:40 PM | Babushka99 | Web Hosting Master | Join Date: Aug 2004 | Location: Karachi, Pakistan | Posts: 747
Reverse proxy in front?
