joined:July 31, 2006
One of my sites was hacked - hidden iframe inserted at the end. I only noticed/took care of that about a week later (updated popular forum software to latest version, 403d suspicious requests by patterns). Compared source code with backup files to determine what changes have been made by hackers to recover. Fortunately there was no db changes.
I have some programming skills, so thinking of creating a script which would create a db of filename/size, check these periodically, and send me an email in case of changes or if new files added. Sure there will have to be a lot of settings like folders to skip (downloads), etc. This approach will not take care of db-driven hacks though. I'm not security expert, so maybe such a script is a bad idea.
Another idea - have some external service to track changes to few important site pages. But this approach will not work on dynamic sites (like news etc.), will not reveal new files (backdoors/shells), and will eat traffic.
What do you do to be alerted of hacking as soon as possible?