{"id":1015,"date":"2013-11-19T09:42:37","date_gmt":"2013-11-19T15:42:37","guid":{"rendered":"http:\/\/www.poweradmin.com\/blog\/?p=1015"},"modified":"2015-10-21T13:06:12","modified_gmt":"2015-10-21T18:06:12","slug":"3-signs-that-your-web-servers-security-has-been-compromised","status":"publish","type":"post","link":"https:\/\/www.poweradmin.com\/blog\/3-signs-that-your-web-servers-security-has-been-compromised\/","title":{"rendered":"3 Signs Your Web Server\u2019s Security has been Compromised"},"content":{"rendered":"

\"Web<\/a>More than ever, businesses have to be careful of attacks on servers and business networks to ensure that their data, and that of their customers\u2019, are fully protected. This is especially true of sensitive data such as credit card and personal details, especially as a failure to protect this could incur a hefty fine when it comes to <\/span>getting your audits<\/span><\/a> carried out.<\/span><\/span><\/span><\/p>\n

<\/h2>\n

Tips to Help to Check out Web Server Integrity<\/strong><\/span><\/span><\/span><\/h2>\n

Attacks on servers happen, and unfortunately, all too frequently \u2013 so for any anyone out there who is suspicious that the integrity of their <\/span>web server<\/span><\/a> may have been compromised \u2013 here are a few tips on how you can check it out.<\/span><\/span><\/span><\/p>\n

Sitting Ducks<\/strong><\/span><\/span><\/span><\/h2>\n

Generally speaking, web servers pose easy targets to hackers. They are online most of the time and they provide a gateway to the rest of the internal computer network. A piece of malware can be dumped anywhere in the network, do its evil deed and cause appropriate mayhem. Then it can be detected and removed. But if the way that the hacker got in via the server isn\u2019t spotted, it\u2019s oh so easy for the hacker to get in again to cause more trouble. Not to mention what he actually gets up to while he has the access.<\/span><\/span><\/span><\/p>\n

#1: Beware of Web Shells<\/strong><\/span><\/span><\/span><\/h2>\n

Web shells are a method that hackers use to get executable files into someone else\u2019s computer network. They are \u201cdelivered\u201d over the web and are usually text files that have an appropriate extension (php or cmd.aspx) that coincides with the extension(s) used by the host server. Once inserted into the server, by viewing the web shell, the hacker can then see the code he\/she needs in order to be able to talk to the underlying system.<\/span><\/span><\/span><\/p>\n

Compromised Web Shell Checks<\/strong><\/span><\/span><\/span><\/h2>\n

Here are a few tell-tale signs to check for that will indicate your system has been tampered with by inserting web shells.<\/span><\/span><\/span><\/p>\n