Reshmonu.com hacked
Got a call from Reshmonu a few days ago to examine his website which was acting up. Turn outs that it got hacked. The hackers trashed his Flash index file, and left a message indicating their anti-Israel sentiments. Thankfully he still had access to the server, and we helped him to put up a quick message as an interim measure.
The machine hosting his website is a shared Windows server, running Frontpage extensions. It's very likely that the intrusion was caused by a weak FTP password.
Security issues like these are a constant threat to any web presence, irrespective of its scale. For small websites (e.g. FTP-based on shared servers), I would always recommend sticking to the following policy:
The machine hosting his website is a shared Windows server, running Frontpage extensions. It's very likely that the intrusion was caused by a weak FTP password.
Security issues like these are a constant threat to any web presence, irrespective of its scale. For small websites (e.g. FTP-based on shared servers), I would always recommend sticking to the following policy:
- Never trust anyone else with passwords
- Always change your passwords (bimonthly at the very least), and keep them random
- Use a tool like Password Safe to keep track of your passwords
- Never transmit passwords via voice/email/IM -- if you have to transmit passwords to someone else, opt for one-way SMS
- Never transmit the username and password (and other credentials) together -- always transmit the password independently
From a list of 100,000 passwords for a German dating site, we learn that 123456 works 1.4% of the time and that 2.5% of all passwords begin with 1234.If you're in the mood for more reading material, check out the comprehensive Wikipedia article on weak passwords.
posted by Praveen at
12:19 PM
2 Comments:
You mean people actually visit that fella's website? LOL
LOL! so bad la u gallicanter...LOL!!..anyway I enjoy Reshmonu's music. pretty cool!
Post a Comment
<< Home