Website keeps changing to western union

I deployed a website on a server at home and it will run fine for a few days, however it will change over to a directory browsing typ (FTP) looking site, ive noticed that PHP and some program callded we developer is installed. and i cant browse my site anymore. i have deleted these directories and then it works fine for a couple of days, then it happens again. I have done this about 3 times allready and now am unable to even RDP into it. so I just had the kid shut the whole server down. I am using Clam antivirus and linksys fire wall.  

Is there anyway to tell when this thing hijacks my server? and how do i stop it?
troy93955Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

troy93955Author Commented:
Here is screen shot

hijacked.docx
0
dgrafxCommented:
when you say "I just had the kid shut the whole server down"
this is indicative of the problem
if you're doing actual work that you make money from then you need to start working with adults ...
Thats just common sense.

Specifically - someone is able to ftp to your sever
if you need ftp - then you need to provide security (or better security)
if you don't need ftp then turn it off

good luck ...
0
Rich RumbleSecurity SamuraiCommented:
I'd suggest upgrading apache from 2.2.6 to the latest. If your using Wamp of Xampp, this is a pretty straight forward process, just point the install the the proper apache location (c:\wamp\apps\apache for instance)
Your website might have SQL injection vectors that make it easy, or you could have very lax webserver settings. Have a look at skipfish. you can find a windows build for it here:
http://www.shortinfosec.net/2010/03/compiling-latest-skipfish-for-windows.html
You can also try the XSS-me and SQL-Inject-Me plugins for firefox to test your website.
-rich
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
INTRODUCING: WatchGuard's New MFA Solution

WatchGuard is proud to announce the launch of AuthPoint, a powerful, yet simple, Cloud-based MFA service designed to eliminate the vulnerabilities that put your data, systems, and users at risk.

troy93955Author Commented:
dgrafx,
first of all it is a home server mainly for personnel use, and when i said kid i mean my child since she is on spring break..... i would suggest the old term "Ask First Before Hunting and Fishing on Private Property!!!!"
I did setup security but obviously I dont know what Im doing so i wrote here.
Thanks
0
troy93955Author Commented:
Thank you
0
dgrafxCommented:
I shouldn't even comment back but ...
When you say "obviously I dont know what Im doing"
thats exactly what I meant in reference to the kid.
Sorry that this turned out to be your kid - I envisioned some neighborhood skate boarder where you thought you'd be saving some $$$ - but it still applies.

But - many many developers (both here on EE and elsewhere) have "home" servers that we use for development.
We do NOT consider them to be "just" home servers even if some of the work done on them may be of a personal or non-critical nature.

You are free of course to poll developers to get an idea of what percentage would allow their kids to be in charge of their network security.
This isn't any kind of a put down to your kid or kids in general - it's just the development process of humans.
Meaning I wouldn't let my kids mess with the brake system on my Jeep (or be in charge of my network security) until they proved they knew what they were doing.

And Thank You as well ...
0
troy93955Author Commented:
My apologies, Ive only been in IT for about 5yrs, before that it was all labor...
I am like one of the only IT guys I know that does not have thier own network at home. so I am trying to figure it out, so when my site was changing to the above mentioned i was worried some one had access to my whole personsl network at home, so when i said i had the kid shut it down all it means is I called her and asked her to hold in the power button tell it turned off, that is all :)

So... can we start over? can you maybe help me set my network up at home so I can be sure i am not being hacked??? I will click follow on your profile and if you want maybe you can teach me a few things??

Anyway, Thank you for responding
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
OS Security

From novice to tech pro — start learning today.