General discussion


How can I stop all of this hacking????

By PeeJay ·
To whom it may concern:
Our local government website has been getting hacked in over and over by those damn Chinese honkers or hackers or whatever. They hack in and we fix the problems, then they do it again!!!!! Is there any documentation anywhere on how to stop this? They are leaving the message "F**k USA government and F**k Poizonbox." I know the whole story, I just need to know how to stop it. Thank You very much.

This conversation is currently closed to new comments.

7 total posts (Page 1 of 1)  

All Comments


How can I stop all of this hacking????

by Don Christner In reply to How can I stop all of thi ...

There isn't a magic answer for this one. All you can do is try to keep up on all of the updates that come out, close any ports that you do not need open, and lock everything down that you can without closing your site.

Don


How can I stop all of this hacking????

by PeeJay In reply to How can I stop all of thi ...

Poster rated this answer


How can I stop all of this hacking????

by eBob In reply to How can I stop all of thi ...

Firewall.

Given that you are trying to protect a "government" website, I would recommend implementing a separate firewall appliance such as Cisco PIX or Nokia running Checkpoint FW-1. You set up a "DMZ" on your firewall and only let in a limited amount of traffic based on port number. That should hold them at bay.

Also set up logging on your firewall and your server(s) and run some analysis on these logs.

Also, secure the heck out of your server. Make sure there is read-only permission across most of your server.


How can I stop all of this hacking????

by PeeJay In reply to How can I stop all of thi ...

Poster rated this answer


How can I stop all of this hacking????

by Some Guy in Seattle In reply to How can I stop all of thi ...

You may not like this answer but...

The last (private) company I worked for had no business either to or from China so, after determining that a number of probes were originating from there, I ended up blocking a number of entire subnets at my routers that were issued to Chinese ISPs from APNIC. Wouldn't have taken care of DoS attacks had they happened, but took care of the probes (it also wouldn't have helped had they hacked some other machine and used it as a launch point).

If that is not an option...

If you have determined that these guys have a jones for your site because they have repeatedly done this, that makes the job harder. Your best bet is to visit sites like securityfocus.com, securityportal.com, and others related to computer security, including the ones that relate to hardware and software you use (especially the web site). Read about AND FOLLOW the fixes that are suggested. Keep up with fixing holes as they are discovered. Possibly employ an intrusion detection system - snort is a good free one that is constantly updated (snort.org). Let your ISP know what is going on, they may have seen this activity to other sites and may be able to legally or technologically help with preventing it. Keep a layered defense on your systems - good firewall and router rulebases, appropriate fixes and permissions to the servers.

The bottom line is, the best fix will be time - time to understand your systems and employ defenses to make it undesirable for others to exploit. No system is truly impenetrable for someone with determination, but with appropriate defenses you can make it not worth the effort for someone to break it, in which case they will hopefully move on to something easier.

Best wishes for your endeavours,
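The log analysis eBob recommends and the per-subnet tallying Some Guy in Seattle describes can be combined in one pass over a web server log. The following is an added example, not part of the original thread: it assumes Common Log Format, uses constructed sample lines from documentation address ranges, and the function names and thresholds are hypothetical.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed sample log lines (Common Log Format assumed; addresses are documentation ranges).
SAMPLE_LOG = """\
203.0.113.7 - - [04/May/2001:02:11:09 +0000] "GET /backup.zip HTTP/1.0" 404 312
203.0.113.7 - - [04/May/2001:02:11:10 +0000] "GET /old/index.bak HTTP/1.0" 404 312
203.0.113.19 - - [04/May/2001:02:11:12 +0000] "GET /test.cgi HTTP/1.0" 404 312
203.0.113.42 - - [04/May/2001:02:11:15 +0000] "GET /admin/ HTTP/1.0" 403 280
203.0.113.42 - - [04/May/2001:02:11:16 +0000] "GET /index.html HTTP/1.0" 200 5120
198.51.100.20 - - [04/May/2001:09:30:01 +0000] "GET /index.html HTTP/1.0" 200 5120
198.51.100.20 - - [04/May/2001:09:30:05 +0000] "GET /council/minutes.html HTTP/1.0" 200 8841
198.51.100.20 - - [04/May/2001:09:30:06 +0000] "GET /favicon.ico HTTP/1.0" 404 312
garbled entry without the expected fields
"""

LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "[^"]*" (\d{3}) \S+$')

def summarize_by_subnet(log_text, prefix=24):
    """Tally requests, 4xx responses and distinct hosts per IPv4 subnet."""
    stats = defaultdict(lambda: {"hosts": set(), "requests": 0, "errors": 0})
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # skip malformed lines instead of guessing at fields
        try:
            ip = ipaddress.IPv4Address(m.group(1))
        except ValueError:
            continue  # hostnames and non-IPv4 clients are out of scope here
        net = str(ipaddress.ip_network(f"{ip}/{prefix}", strict=False))
        stats[net]["hosts"].add(str(ip))
        stats[net]["requests"] += 1
        if m.group(2).startswith("4"):  # 403/404 are typical of blind probing
            stats[net]["errors"] += 1
    return dict(stats)

def probe_candidates(stats, min_errors=3, min_error_ratio=0.75):
    """Subnets whose traffic is mostly 4xx: candidates for review, not automatic blocking."""
    flagged = [(net, len(s["hosts"]), s["errors"]) for net, s in stats.items()
               if s["errors"] >= min_errors
               and s["errors"] / s["requests"] >= min_error_ratio]
    return sorted(flagged, key=lambda t: -t[2])

if __name__ == "__main__":
    for net, hosts, errors in probe_candidates(summarize_by_subnet(SAMPLE_LOG)):
        print(f"{net}: {errors} error responses from {hosts} hosts")
```

Check flagged ranges against their registry allocation and against legitimate visitors before adding any router or firewall rule.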


How can I stop all of this hacking????

by PeeJay In reply to How can I stop all of thi ...

Poster rated this answer


How can I stop all of this hacking????

by PeeJay In reply to How can I stop all of thi ...

This question was closed by the author
