Hacked? How do I find out how?
Posted: Tue Jan 05, 2010 6:52 am
Hey, long time no posting but I think you guys can help me
One of the websites I run recently got a nice bit of nasty javascript put on the index page. Now, I have no idea how this happened but I really would like to find out.
I don't think they could have guessed the password since it was just a random bunch of letters and numbers and symbols. The server has 3 websites running on it but only the 1 was affected. Its a dedicated box with just those 3 sites on it and I have root and all that jazz.
So, how do I start tracking down the hole? How can I even find out what IP made that change? Where do I start?
One of the websites I run recently got a nice bit of nasty javascript put on the index page. Now, I have no idea how this happened but I really would like to find out.
I don't think they could have guessed the password since it was just a random bunch of letters and numbers and symbols. The server has 3 websites running on it but only the 1 was affected. Its a dedicated box with just those 3 sites on it and I have root and all that jazz.
So, how do I start tracking down the hole? How can I even find out what IP made that change? Where do I start?