Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Guide: Prevent Websites From Hackers Attack
#1
Hi SF,
I found this article and I decided to share it with you.
Source: Here

WARNING: I DID NOT SCAN THE FILES FOR DOWNLOAD IN THIS THREAD, BUT I'M SURE THEY VIRUS FREE.
------------------------------------------------------------------

Any website owner’s fear would be his website getting hacked and this is a regular incident because of security flaw’s in their website. There are several types of hacking attacks and several reasons why these hackers attack your website’s or servers. Here are some hacking types which are commonly found with the solution’s for the same. Always having a online backup of all your important data is very good because it can help you out in case you end up losing everything.

XSS Hacking :

XSS Hacking is nothing but ‘Cross site scripting’ which is a security vulnerability found on different websites where in the hackers gain access to website’s and their servers because they are not secured and most important reason is the usage of input forms. Many websites have a contact form where they use any freely available script for getting contact queries but they accept HTML format sometimes which should be avoided. Generally by filtering the input data on the web forms along with validations can keep you on a safe side. To avoid these attacks you should filter out dangerous characters from the code of your input application forms. You can also download this application – CSS Scanner (I did not scan it, download if you want) which allows you to scan any web application / website for XSS Vulnerability. It scans for many multiple exploits and make sures your webpages are secured against XSS Hacking.

[Image: Website-Hacking-XSS-Report.gif]

Hacking for Secure/Financial Data :

Some websites are hacked by hackers for stealing or gaining access to your very important secured data which can be like the customers credit card numbers, their contact details, exployees/corporate financial data etc which these hackers again use for making money or selling away to others. Generally customer contact information is very important because it can be used in many ways by marketing companies for promoting their products and they can get these databases for cheap from hackers or else by hacking into other companies secured databases. Hackers even hack into financial related websites like online banks, payment processing websites, shopping sites and gain access to others accounts and either make purchases on others behalf using the credit card’s linked to the account or else they transfer the hacked accounts funds to some new accounts and finally withdraw the money.

Solution – You should always check out if the website you are logging into is secured and has a encryption which means that whatever data you send is encrypted and again decrypted on the website’s server. These secured websites generally have a https URL example – https://www.paypal.com with a 128 bit+ security level. You can find the Security Information for any website by Right Clicking anywhere in the page and clicking on ‘View Page Info’ > Security Tab.

[Image: Secured-Website-Information.jpg]

Setting Up Phishing Sites

These hackers try to gain access to your servers in order to use the available resources for setting up phishing sites and get private information of web users. The hackers try to first gain access to other’s servers and setup temporary websites. Mostly these guys setup clone websites which look like the original ones and the users are asked to login to these websites in order to continue, and people dont really have any idea on what they are doing and they end up losing their login details to these hackers.

Solution – Never click on any link you receive in your email which is related to your financial accounts. Example you get emails with fake invoices, fake payment sent/recieved messages, along with a process to click on the URL and sign in to your account for getting more details. This can be a phishing website and generally Firefox & IE would block these websites automatically but with the hackers setting up multiple sites instantly it can be hard to trace them out in the initial days.

Internet Explorer has a built-in Phishing Filter under the Tools using which you can manually check out any website.
Setup Phishing Filter in IE
[Image: Setup-Phishing-Filter.gif]

TurnOn Phishing Filter
[Image: TurnOn-Phishing-Filter.gif]
Phishing Filter Internet Explorer Options
[Image: Internet-Explorer-Phishing-Filter.jpg]

Hacking for SEO Benefits

Hackers dont always hack for causin harm, but there are black hat seo’s who hack into your website in order to gain access to all your pages and take SEO advantages of this. These people try to promote their websites using the victim’s websites by inserting their website’s links on the pages and getting backlink’s from them. This is useful for them since they dont need to pay anything to the website’s owner for getting listed, whereas the website owner does not even have a idea if his website is compromised and if he has to get rid of those links as soon as possible. These links are not only harmful for the victim’s search engine rankings but also does harm their websites overall because they can also be listen under harmful website’s category.

Solution – Get a Google Webmasters Tool Account and add your website. You need to verify the ownership of your website in order to recieve messages from the Google Search Quality Team. They usually report you with a detailed message of the links found on your website and you are given around 30days time for removing those links from your web pages or else you can expect your website to be de-indexed from the search engines.

[Image: hidden-links-website.jpg]

Hacking for Free Bandwidth Usage :

There are several hackers who in order to save their hosting bills try to hack others servers and host their files. There are many reason why would hackers need your bandwidth with the most regular one being that it costs them nothing and its free bandwidth where they are share their illegal files easily. This is originally bandwidth abuse and they normally distribute illegal version of softwares or other digital products with the server owner not aware of anything.

Solution – Try to check out your server logs regularly for any unknown logins to the server. If you cannot do this you can hire a support team which can regularly update your server to the latest stable version and apply security patches wherever required.

[Image: Website-Bandwidth-Exceeded.jpg]


Important suggestions

1.Always use a Antivirus for your server and run it on a schedule in order to make sure there are no virus on your server, which can harm your website’s content. Also these virus would be again distributed among your website visitors, so you need to make sure your server is perfect in terms of security.
2.Using the best antivirus software on your computer, to make sure all the files available on your drives is safe to upload them on your server. If you upload files which are already compromised then you would be again sharing virus with your visitors.
3.Detect and Scan for Adwares
4.Prevent Email Hacking
5.Detect & Scan for Computer Virus
6.Detect Computer Malware
7.Avoid Password Hacking
8.Detect & Remove Trojans
---------------------------------------------------------

Hope it will help this community!

Cheers
[Image: f_pgfbb4em_bde9974.png]
Reply
#2
Nice guide, thanks for sharing it with us.. Big Grin
Reply
#3
HEllo So.Liberty

gud tut but u must read the rules

NO HACKING - hacking is disabled by omni..
[Image: 2d75599e9a.png]:superman:
Reply
#4
IT's hacking? I thought it was how to protect you against them...

IT's not about hacking...it's about how to prevent, i know that when you read the sections of the text, it seems to be an article of hacking but itt's not, these are the methods the hackers are gaining acces to the website and data etc..
[Image: f_pgfbb4em_bde9974.png]
Reply
#5
Thanks for sharing.
[Image: mint.png]
Reply
#6
No problem, but everybody, do you agree that's not a hacking thread?
[Image: f_pgfbb4em_bde9974.png]
Reply
#7
Well, I interpreted it as a guide to prevent hackers.

Nicely done.
[Image: SF1d.gif]

Real knowledge is to know the extent of one's ignorance - Confucius
------------------------------------------------------------------
Reply
#8
Nice share i think this is more of a prevention against thread.
Dell XPS 630i 6gigs IntelCore2duo e8400 ATI Radeon HD 4850!

[Image: ildE.gif]Feed Us![Image: KcXT.gif]
Reply
#9
Thanks apparatus and UID and btw you got a nice comp apparatus! xD
[Image: f_pgfbb4em_bde9974.png]
Reply
#10
(10-14-2009, 02:26 AM)So.Liberty Wrote: Thanks apparatus and UID and btw you got a nice comp apparatus! xD

No probs, and you know, I would really like one of those nijna-type, game-ready, heavy graphics processing rigs myself, that I drool over in magazines..;)

But they seem to be getting cheaper every month, so maybe I'll get one at some point, when this one breaks down
[Image: SF1d.gif]

Real knowledge is to know the extent of one's ignorance - Confucius
------------------------------------------------------------------
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  What Can Someone Do With Your IP Address and How to Prevent? tk-hassan 0 1,258 08-23-2020, 11:57 PM
Last Post: tk-hassan
  [TuT]How To Prevent Password Stealers SlimDeath 16 4,001 11-27-2011, 09:21 AM
Last Post: New Jersey
  List Of Scam Websites Liberty 25 8,220 04-06-2011, 06:19 AM
Last Post: Stiggie
  [Guide]Very basic guide for general security Zurmi 14 6,904 11-02-2010, 10:28 AM
Last Post: Zurmi
  Angry: my adult websites are blocked, Help! Resistance 8 3,480 10-23-2010, 10:35 AM
Last Post: GuJJu

Forum Jump:


Users browsing this thread: 2 Guest(s)