troubleshooting Question

Anybody heard of websites hacked with random url's embedded in HTML?

Avatar of SteveK2003
SteveK2003 asked on
Security
14 Comments5 Solutions502 ViewsLast Modified:
I maintain a small website for 2 friends & relatives' home businesses.  Yesterday, I received a call saying that the website "looked strange".  So I checked and sure enough, each page on the website had embedded into it a seemingly random url to websites with dubious content (password hacks, gay chat rooms, yada-yada).

I checked the files on the website through the site's control panel (directadmin) and it is obvious that every HTML page has been changed.  The timestamps are all pretty much the same.

I've contact the webhost's tech support about this and their response is "your site seems to have been compromised....you should change your password".  That is all they offered by way of trying to find out what happened and how to correct the problem.  It seems to me that this is a poor response.  If someone has discovered the password for the site, what is to stop that person, or anyone else from again finding out the password?  

I'd be shocked if this was an isolated incident and didn't affect other sites hosted on the same server or on other sites at other locations.

An anyone offer help on how to track down how this may have happened, how to protect against it in the future, and what, if anything, should the webhost do to lock down these kinds of situations?  BTW, the web server runs the FreeBSD OS, if that helps.
Join the community to see this answer!
Join our exclusive community to see this answer & millions of others.
Unlock 5 Answers and 14 Comments.
Join the Community
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 5 Answers and 14 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros