{"id":1123,"date":"2013-12-02T10:47:25","date_gmt":"2013-12-02T16:47:25","guid":{"rendered":"http:\/\/www.poweradmin.com\/blog\/?p=1123"},"modified":"2014-03-27T15:45:12","modified_gmt":"2014-03-27T20:45:12","slug":"3-signs-that-your-web-servers-security-has-been-compromised-part-2","status":"publish","type":"post","link":"https:\/\/www.poweradmin.com\/blog\/3-signs-that-your-web-servers-security-has-been-compromised-part-2\/","title":{"rendered":"3 Signs Your Web Server\u2019s Security has been Compromised &#8211; Part 2"},"content":{"rendered":"<div style=\"visibility: hidden;\">\n\t<span style=\"font-size:14px;\"><span style=\"font-family: arial,helvetica,sans-serif;\"><a href=\"http:\/\/www.codeproject.com\/script\/Articles\/BlogFeedList.aspx?amid=10057313\" rel=\"nofollow\" style=\"display:none;\" target=\"_blank\">Code Project<img class=\"extlink-icon\" src=\"https:\/\/www.poweradmin.com\/blog\/wp-content\/plugins\/external-links-nofollow-open-in-new-tab-favicon\/images\/extlink.png\"><\/a><\/span><\/span>\n<\/div>\n<p>\n\t<span style=\"font-size:16px;\"><span style=\"font-family: tahoma,geneva,sans-serif;\">Cont'd from \"<a href=\"http:\/\/www.poweradmin.com\/blog\/3-signs-that-your-web-servers-security-has-been-compromised\/\"><span style=\"color:#0000FF;\">3 Signs that your Web Server\u2019s Security has been Compromised<\/span><\/a>\"<\/span><\/span>\n<\/p>\n<h2>\n\t<span style=\"color:#008000;\"><span style=\"font-size: 16px;\"><span style=\"font-family: tahoma,geneva,sans-serif;\"><strong>#2: Check-out the Admin Interfaces<\/strong><\/span><\/span><\/span><br>\n<\/h2>\n<p>\n\t<span style=\"color:#696969;\"><span style=\"font-size: 16px;\"><span style=\"font-family: tahoma,geneva,sans-serif;\">Most web applications have some sort of administrative interface. These can be used as an ideal way of allowing hackers into your system. Hackers are often able to manipulate any inherent weaknesses when it comes to password details. It\u2019s surprising how many web applications have this fault. Here\u2019s what to look out for to try and spot illegal access.<\/span><\/span><\/span>\n<\/p>\n<ul>\n<li>\n\t\t<span style=\"color:#696969;\"><span style=\"font-size: 16px;\"><span style=\"font-family: tahoma,geneva,sans-serif;\">Has an account has a recent update or modification?<\/span><\/span><\/span>\n\t<\/li>\n<li>\n\t\t<span style=\"color:#696969;\"><span style=\"font-size: 16px;\"><span style=\"font-family: tahoma,geneva,sans-serif;\">Are there a significant number of failed log-in attempts?<\/span><\/span><\/span>\n\t<\/li>\n<li>\n\t\t<span style=\"color:#696969;\"><span style=\"font-size: 16px;\"><span style=\"font-family: tahoma,geneva,sans-serif;\">Look for any odd looking changes to the configuration of applications<\/span><\/span><\/span>\n\t<\/li>\n<li>\n\t\t<span style=\"color:#696969;\"><span style=\"font-size: 16px;\"><span style=\"font-family: tahoma,geneva,sans-serif;\">Check out any alterations to event schedules<\/span><\/span><\/span>\n\t<\/li>\n<li>\n\t\t<span style=\"color:#696969;\"><span style=\"font-size: 16px;\"><span style=\"font-family: tahoma,geneva,sans-serif;\">Look for any unscheduled events e.g. deployment of a .war file in a Java application<\/span><\/span><\/span>\n\t<\/li>\n<\/ul>\n<h2>\n\t<span style=\"color:#008000;\"><span style=\"font-size: 16px;\"><span style=\"font-family: tahoma,geneva,sans-serif;\"><strong>#3: Being Meticulous<\/strong><\/span><\/span><\/span><br>\n<\/h2>\n<p>\n\t<span style=\"color:#696969;\"><span style=\"font-size: 16px;\"><span style=\"font-family: tahoma,geneva,sans-serif;\">Most hackers will use their own individual knowledge and skill set to gain access to your web server and network.\u00a0 They will probe their way around the various web applications and in doing so will leave some tell-tale signs behind. An alert IT professional can spot these signs by carrying out regular, meticulous searches. When searching, you should take the following criteria into account:<\/span><\/span><\/span>\n<\/p>\n<ul>\n<li>\n\t\t<span style=\"color:#696969;\"><span style=\"font-size: 16px;\"><span style=\"font-family: tahoma,geneva,sans-serif;\">Are there any 500 errors in any of the web applications?\u00a0 (SQL injections errors; read or write path errors; permission errors)<\/span><\/span><\/span>\n\t<\/li>\n<li>\n\t\t<span style=\"color:#696969;\"><span style=\"font-size: 16px;\"><span style=\"font-family: tahoma,geneva,sans-serif;\">Look for web server access to any corporate or confidential data<\/span><\/span><\/span>\n\t<\/li>\n<li>\n\t\t<span style=\"color:#696969;\"><span style=\"font-size: 16px;\"><span style=\"font-family: tahoma,geneva,sans-serif;\">Check to see if anyone has accessed the system via a Google inurl:foo:exr:bar search<\/span><\/span><\/span>\n\t<\/li>\n<li>\n\t\t<span style=\"color:#696969;\"><span style=\"font-size: 16px;\"><span style=\"font-family: tahoma,geneva,sans-serif;\">Check out ant large occurrences of 404 \u201cpage not found\u201d errors<\/span><\/span><\/span>\n\t<\/li>\n<\/ul>\n<h2>\n\t<span style=\"color:#008000;\"><span style=\"font-size: 16px;\"><span style=\"font-family: tahoma,geneva,sans-serif;\"><strong>Keeping Alert<\/strong><\/span><\/span><\/span><br>\n<\/h2>\n<p style=\"text-align: center;\">\n\t<span style=\"color:#696969;\"><span style=\"font-size: 16px;\"><span style=\"font-family: tahoma,geneva,sans-serif;\">The majority of attacks on web servers don\u2019t get spotted. They don\u2019t always manifest themselves in the way you might expect. They may for example rob you of some of your bandwidth and use your server to attack others. But the better the hacker, the more unlikely he\/she is to be virtually undetectable, until it\u2019s too late. Luckily for us many hackers are \u201chacks\u201d (sometimes referred to as Script Kiddies). In other words they\u2019re not that clever. This means that the checks we\u2019ve discussed above, will, nine times out of ten, enable you to detect whether or not your web server has indeed been compromised. Being on the alert is the key.<\/span><\/span><\/span>\n<\/p>\n<p>\n\t<span style=\"color:#696969;\"><span style=\"font-size: 16px;\"><span style=\"font-family: tahoma,geneva,sans-serif;\">Of course, you don\u2019t have to do all of this yourself and there are software applications that can do all of this and more for you to ensure that all of your <a href=\"http:\/\/www.poweradmin.com\/servermonitor\" target=\"_self\">network, storage, files and disks are monitored 24\/7<\/a>.<\/span><\/span><\/span>\n<\/p>\n<p>\n\t<span style=\"font-size:16px;\"><span style=\"font-family: tahoma,geneva,sans-serif;\"><span style=\"color:#696969;\">To see what we here at Power Admin can do for you, why not give us a call, download a free trial or contact us via the <\/span><a href=\"http:\/\/www.poweradmin.com\/contact.aspx\"><span style=\"color:#696969;\">online form<\/span><\/a><span style=\"color:#696969;\">.<\/span><\/span><\/span>\n<\/p>\n<p>\n\t<a href=\"http:\/\/www.twitter.com\/home?status=RT:%20@poweradmn%203%20Signs%20that%20Your%20Web%20Server%20Security%20has%20been%20Compromised%20http:\/\/www.poweradmin.com\/blog\/3-signs-that-your-web-servers-security-has-been-compromised\/?ref=blog\" onclick=\"window.open(this.href, '', 'resizable=no,status=no,location=no,toolbar=no,menubar=no,fullscreen=no,scrollbars=no,dependent=no,width=600,height=400'); return false;\" rel=\"nofollow\" style=\"\" target=\"_blank\" title=\"\"><img loading=\"lazy\" decoding=\"async\" alt=\"Tweet this\" class=\"alignnone size-medium wp-image-1028\" height=\"75\" src=\"https:\/\/www.poweradmin.com\/blog\/wp-content\/uploads\/2013\/11\/tweet-this-article-button-large-300x75.png\" style=\"\" title=\"\" width=\"300\" srcset=\"https:\/\/www.poweradmin.com\/blog\/wp-content\/uploads\/2013\/11\/tweet-this-article-button-large-300x75.png 300w, https:\/\/www.poweradmin.com\/blog\/wp-content\/uploads\/2013\/11\/tweet-this-article-button-large.png 310w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\"><img class=\"extlink-icon\" src=\"https:\/\/www.poweradmin.com\/blog\/wp-content\/plugins\/external-links-nofollow-open-in-new-tab-favicon\/images\/extlink.png\"><\/a>\n<\/p>\n<p>\n\t<a href=\"https:\/\/plus.google.com\/share?url={https:\/\/www.poweradmin.com\/blog\/3-signs-that-your-web-servers-security-has-been-compromised\/}\" onclick=\"javascript:window.open(this.href,'', 'menubar=no,toolbar=no,resizable=yes,scrollbars=yes,height=600,width=600');return false;\" rel=\"nofollow\" target=\"_blank\"><img loading=\"lazy\" decoding=\"async\" alt=\"Share on Google+\" class=\"alignnone size-full wp-image-1051\" height=\"75\" src=\"https:\/\/www.poweradmin.com\/blog\/wp-content\/uploads\/2013\/11\/google-plus-this-article-button-large2-300x75.png\" style=\"\" title=\"\" width=\"300\"><img class=\"extlink-icon\" src=\"https:\/\/www.poweradmin.com\/blog\/wp-content\/plugins\/external-links-nofollow-open-in-new-tab-favicon\/images\/extlink.png\"><\/a>\n<\/p>\n<p>\n\t\u00a0\n<\/p>\n<p>\n\t<span style=\"font-size:12px;\"><span style=\"color: rgb(128, 128, 128);\">Photo Credit: <\/span><a href=\"http:\/\/www.flickr.com\/photos\/77519207@N02\/6818192898\/\" rel=\"nofollow\" target=\"_blank\"><span style=\"color: rgb(128, 128, 128);\">elhombredenegro<\/span><img class=\"extlink-icon\" src=\"https:\/\/www.poweradmin.com\/blog\/wp-content\/plugins\/external-links-nofollow-open-in-new-tab-favicon\/images\/extlink.png\"><\/a><span style=\"color: rgb(128, 128, 128);\"> via <\/span><a href=\"http:\/\/compfight.com\" rel=\"nofollow\" target=\"_blank\"><span style=\"color: rgb(128, 128, 128);\">Compfight<\/span><img class=\"extlink-icon\" src=\"https:\/\/www.poweradmin.com\/blog\/wp-content\/plugins\/external-links-nofollow-open-in-new-tab-favicon\/images\/extlink.png\"><\/a><span style=\"color: rgb(128, 128, 128);\"> <\/span><a href=\"http:\/\/creativecommons.org\/licenses\/by\/2.0\/\" rel=\"nofollow\" target=\"_blank\"><span style=\"color: rgb(128, 128, 128);\">cc<\/span><img class=\"extlink-icon\" src=\"https:\/\/www.poweradmin.com\/blog\/wp-content\/plugins\/external-links-nofollow-open-in-new-tab-favicon\/images\/extlink.png\"><\/a><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Code Project Cont&#8217;d from &#8220;3 Signs that your Web Server\u2019s Security has been Compromised&#8221; #2: Check-out the Admin Interfaces Most web applications have some sort of administrative interface. These can be used as an ideal way of allowing hackers into your system. Hackers are often able to manipulate any inherent weaknesses when it comes to [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4,5,13,9,8],"tags":[],"class_list":["post-1123","post","type-post","status-publish","format-standard","hentry","category-general-it","category-how-to","category-pc-security","category-technical","category-windows"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/posts\/1123","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/comments?post=1123"}],"version-history":[{"count":5,"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/posts\/1123\/revisions"}],"predecessor-version":[{"id":1835,"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/posts\/1123\/revisions\/1835"}],"wp:attachment":[{"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/media?parent=1123"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/categories?post=1123"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/tags?post=1123"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}