Hacker gets access to server. How?

         

alexey9

6:34 pm on Mar 13, 2007 (gmt 0)

10+ Year Member



One of my domains was stolen about 2 years ago. The hacker copied the whole website from my dedicated server. I know he couldn't have just downloaded all the pages over HTTP, because some server-side scripts that I used were copied.

ICANN returned that domain to me about a year ago, but now I see my new scripts from another site of mine on the hacker's site. It's the same guy who stole my domain 2 years ago. I can't go to court, because this guy lives in Russia and it is almost impossible to prove he did all these things (cracked the server, stole the domain), because of stupid Russian laws.

But I can try to protect my server. Both of my cracked servers are at different hosting companies. Both are Linux dedicated servers with WHM/cPanel installed.

Auto updates are on, so the system software is always updated. I always use HTTPS to go to cPanel or WHM. I use FTP, because my SFTP doesn't work on this server. Only I know all the passwords. I use only a Mac for work, protected by antivirus and a software firewall. Also, I have a hardware firewall.

How does the hacker crack my server? I thought it was almost impossible to crack a Linux server. I'm totally confused.

How can I protect my server?

jdMorgan

6:58 pm on Mar 13, 2007 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



First, is this YOUR server, or do you host with a hosting company?

If you use a hosting company, then request that they perform a full security review of your server. If it's your own server, then hire a security professional to go through it completely and find the openings being exploited.

You should immediately change all of your passwords (and I mean every one you use, everywhere -- server, Web, e-mail, forums, computer, etc. -- there's no way to tell how deeply your security has been compromised), and use LONG passwords with mixed uppercase/lowercase letters, numbers and valid marks (such as "!" and "_"). Use only letters that do not form recognizable words.

Check all versions of script interpreters such as PERL and PHP on the server, and make sure they are updated. If you don't use them, then remove them completely (usually possible using the control panel). If you run a CMS, forum, or blogging software, do the same for them, removing anything you don't use today.

Good luck with this, and remember that even though the guy is out of reach as far as lawsuits against him personally, you can still have his site(s) removed from the major search engines by filing a DMCA notice with the search engines and any of his hosting or ISP services that comply with the WIPO treaties. Go to the individual search engines' Webmaster information pages to determine how to file a DMCA complaint, and be sure to do a thorough, complete, and correct job of filing, and provide whatever 'proof' they require. You don't want to waste your time or theirs on an incomplete filing, and of course an incorrect filing may get YOU in trouble...

Be aware that DMCA notices are public -- They are published on the Web, so consider this when entering your address and contact info... You may want to use your business name and address.

Jim

alexey9

11:42 am on Mar 15, 2007 (gmt 0)

10+ Year Member



Thanks for the advice. This is a dedicated server, not my own. I've asked the support of one of the hosting companies (Ev1) how my server was cracked, by whom etc., but they said they do not do this kind of support.

I'll change the passwords. But how can I protect my server? Are web servers so harmless that any beginner hacker can crack them?

Also, I filled in the DMCA form at Google, but they never replied and did not ban this website, so it didn't work for me.

System

12:18 pm on Mar 15, 2007 (gmt 0)

redhat



The following 3 messages were cut out to new thread by trillianjedi. New thread at: linux/3285421.htm [webmasterworld.com]
12:59 pm on Mar. 18, 2007 (utc 0)

[edited by: trillianjedi at 1:01 pm (utc) on Mar. 18, 2007]