I Got Haxx0r3d

My dedicated Linux server was hacked a few days ago. Specifically, someone managed to compromise Apache by way of an outdated PHP-based application that a hosting client of mine had installed. The hacker planted a script that tied up the system doing nefarious things such as portscans of other machines. My hosting provider shut down the server, but neglected to tell me what had happened.

After punching a hole through the illiterate frontline support technicians, I finally got through to someone who told me what was up. I was able to clean up the mess and uninstall the vulnerable application. I have also contracted some security experts to harden the machine for me and help prevent this sort of thing from happening again.

I will also be keeping a closer eye on scripts that get installed on the server, making sure they are all patched with the latest updates of everything.

I am glad this wasn’t worse. It could have turned into a defacement or total crippling of the server. Not that I don’t have backups, but it would have been much more time consuming to fix.

In order to maintain communication with my clients during the downtime, I moved this site to a different server quickly, and took the liberty of setting up the latest version of WordPress, along with a spiffy new theme.

Enjoy.

About Will Chatham

Will Chatham is an Information Security Analyst, OSCP, Ethical Hacker, and Penetration Tester at a federal data center in Asheville, NC. Since Netscape 2.0, he has worked in a wide array of environments including non-profit, corporate, small business, and government. His varied background, from developer to search engine optimizer to security professional, has helped him build a wide range of skills that help those with whom he works and teaches.
Bookmark the permalink.

3 Comments

  1. The forum is dead. Long live the forum

  2. Frank N Beanz

    Long live the forum…may it rest in peazizzle….and stuff

  3. Frank N Beanz

    m3 thinks chuck did it…

Leave a Reply