I have had a Linux server here at my house for a couple of years now running a personal site i had. Someow hackers gained access to my server and i dont know what they did. I have pulled the server offline and have parked the domain. The hacker got my cell number off the whois directory! I am scared to look in the server to see what they did! I havnt been to my site in weeks! I am scared now i dont know what to do. I have already closed all the ports on my router changed my ip and took that server offline. I am going to look in the home directory to see what they did. Man I am sweating.
-
Tired of adverts on RWI? - Subscribe by clicking HERE and PMing Trailboss for instructions and they will magically go away!
I just got a call from a hacker!!
- Thread starter dawg
- Start date
do share what they did but worst case they just used your server for IP attacks or other illegal things. I would report this to the local law enforcement in case anything traces back to your IP. Specially since you did not know how long they were on it.
I found what they did. They set up a Wells Fargo page to make it look like the bank site and masked my ip with a domain name and was using that page as a phishing site to try and steal peoples bank account numbers. I have changed the ip and fixing to wipe that server out with dban. I have also closed all ports on my router. what should i do next?
1. passwords.. thats the number one cause to having an insecure server.. longer the better, upper/lower case, numbers, symbols.. all help..
2. keep up-to-date with packages/services/daemons/kernel
3. grsecurity patch for your kernel.. a must have..
4. firewall, even one on the linux server. apf is a decent firewall script that I've used.. pretty self explanatory..
5. don't have anything running on the server that you dont need.. if your not using mail, no need for it to be running, just one more thing that may be exploitable
2. keep up-to-date with packages/services/daemons/kernel
3. grsecurity patch for your kernel.. a must have..
4. firewall, even one on the linux server. apf is a decent firewall script that I've used.. pretty self explanatory..
5. don't have anything running on the server that you dont need.. if your not using mail, no need for it to be running, just one more thing that may be exploitable
he probably haven't done anything to you server.. Calling for telling you that he have hacked your site ? why would he do that 
He called you, you pulled you server offline, he won... If he wanted to turn off your website, he would have done it itself
He called you, you pulled you server offline, he won... If he wanted to turn off your website, he would have done it itself
tnik said:
Thanks tnick. i have made all the changes you suggested. My router is now closed off and that server is being wiped out now and is offline for now.
It is just a shame that these scumbags are out there doing this crap. It just sux.
Vric said:he probably haven't done anything to you server.. Calling for telling you that he have hacked your site ? why would he do that
He called you, you pulled you server offline, he won... If he wanted to turn off your website, he would have done it itself
Yes, he saw some hackers talking about it wherever they hang out and he called me. I really appreciate that guy because no telling how long it would have ran until i found out. Like i say i forget about that server and never check it.
I hear about hackers quite frequently, but I don't understand what they are doing. How do they hack into something like your own personal website?
same way they hack into your personal computer at home.. they find something that is exploitable, or something that is wide open and have their way with it.
tnik said:
Very true!! And you always say it cannot happen to you then it does. I found that out the hard way :evil:
But what is exploitable? I mean we don' need a hacker tutorial or anything, but what do they have to do to get into your system?