Ce diaporama a bien été signalé.
Nous utilisons votre profil LinkedIn et vos données d’activité pour vous proposer des publicités personnalisées et pertinentes. Vous pouvez changer vos préférences de publicités à tout moment.
L33T H4X0RzL33T H4X0Rz
How did (s)he get into my site?
Or am I safe? “Are you sure…?”
How can I prevent it? How can I fix ...
Importance of encryption (HTTPS – SSL)
» As promised: WIFI-sniffing…
› HTTP versus HTTPS
› FTP versus sFTP
› Telnet versus...
How easy it is...
» How to hack a joomla site prior to Joomla 3.6.4
› https://www.exploit-db.com/exploits/40637/
› joomraa...
How can I see if my site is hacked?
» Because they want you to see… (defacement)
» Because your server is being heavily (a...
Hacking history
» Hacking for fun
» Ideology
» Hacking for money
› Botnet
› Sending out spam
› DDOS-attacks
› Bitcoin mini...
Where to attack...
» OSI Network layers
» PEBCAK
Misconception N° 1 : My site is not attacked
» Professional (criminal) hackers get rich through not getting caught
› They ...
Misconception N° 2 : Logs are heard to read
» 127.0.0.1 = IP address of client (remote host)
» – = (unknown: hyphen) ident...
Misconception N° 3 : You’re not stupid if they get you
» Social Engineering
› https://youtu.be/F78UdORll-Q?t=1m25s
» Ninja...
Digital hygiene for you as a web admin
» Train your clients
› Use safe passwords
› Don’t share passwords – add users
» Don...
Digital hygiene for your website
» Use a reliable hosting company
» It’s not always better if you do it yourself
» Do your...
FCW – CC BY SA 4.0
» This is a free cultural work (freedomdefined.org)
» … it is available under Creative Commons Share-Al...
Questions?
Keep your logs...
» Store your access logs long enough… (screenshot Siteground)
› Download to your computer
› Or keep them...
Prochain SlideShare
Chargement dans…5
×

L33t h4x0rz

184 vues

Publié le

How did (s)he get into my site? How to prevent getting hacked.

Publié dans : Internet
  • Soyez le premier à commenter

  • Soyez le premier à aimer ceci

L33t h4x0rz

  1. 1. L33T H4X0RzL33T H4X0Rz How did (s)he get into my site? Or am I safe? “Are you sure…?” How can I prevent it? How can I fix it?
  2. 2. Importance of encryption (HTTPS – SSL) » As promised: WIFI-sniffing… › HTTP versus HTTPS › FTP versus sFTP › Telnet versus SSH › IMAP with or without SSL https://www.youtube.com/watch?v=r0l_54thSYU&t=143s
  3. 3. How easy it is... » How to hack a joomla site prior to Joomla 3.6.4 › https://www.exploit-db.com/exploits/40637/ › joomraa.py › Replace innocent payload with dangerous stuff… › Show content of configuration.php › Send configuration.php to some remote location (e.g. a pastebin) › Incorporate in a botnet › Send out spam › ... ›
  4. 4. How can I see if my site is hacked? » Because they want you to see… (defacement) » Because your server is being heavily (ab)used… » Because they’re fighting for your site… › Some hacker could even update your site… › … to prevent other hackers from getting in (and stealing their turf) » Because you bumped into something suspicious (by accident) » Because your host contacted you (good host!) » Because you read your server logs… » A good hack(er) remains invisible
  5. 5. Hacking history » Hacking for fun » Ideology » Hacking for money › Botnet › Sending out spam › DDOS-attacks › Bitcoin mining › Stealing data › Keyloggers › Webcam & microphone › Penetration testing
  6. 6. Where to attack... » OSI Network layers » PEBCAK
  7. 7. Misconception N° 1 : My site is not attacked » Professional (criminal) hackers get rich through not getting caught › They love you when you have a flexible server (e.g. Amazon S3 cloud) » Check your logs – all sites get attacked all the time Wordpress links on a Joomla site?
  8. 8. Misconception N° 2 : Logs are heard to read » 127.0.0.1 = IP address of client (remote host) » – = (unknown: hyphen) identity of the client (unreliable) » Frank = userid of person requesting document (inside network) » [10/Oct/2000:13:55:36 -0700] = Moment of request » "GET /apache_pb.gif HTTP/1.0" = Request sent to server » 200 = Status code server sent back » 2326 = size in bytes of packet returned » Easy to read, but big data… analysis is difficult › SEO › Network analysis › Penetration › …
  9. 9. Misconception N° 3 : You’re not stupid if they get you » Social Engineering › https://youtu.be/F78UdORll-Q?t=1m25s » Ninja’s in the street › https://youtu.be/F78UdORll-Q?t=9m23s » So you have a sticker over your webcam › … how about your mic? › … how about your smartphone? » You are not a target › your website/server could be more interesting
  10. 10. Digital hygiene for you as a web admin » Train your clients › Use safe passwords › Don’t share passwords – add users » Don’t (over)charge to add users (it’s better than sharing passwords) » Don’t connect using FTP, HTTP » Don’t use public WiFi for confidential tasks (it can be spoofed) » Use third parties where you are not an expert » Use reliable extension & template developers » “Remember Password” also sends out your password!
  11. 11. Digital hygiene for your website » Use a reliable hosting company » It’s not always better if you do it yourself » Do your updates (core + extensions) › Use well supported extensions » Disable or remove unused extensions » Enable 2 factor authentication if possible » Make and test backups › before every update › after every big content update › Not stored on the server » Use HTTPS (and SFTP or SSH to connect) › Check your SSL: https://www.ssllabs.com
  12. 12. FCW – CC BY SA 4.0 » This is a free cultural work (freedomdefined.org) » … it is available under Creative Commons Share-Alike Attribution license. › Feel fre to › … share the work › … edit, tweak, improve the work › Please do respect these conditions: › Attribution › Place a link to the original work › Share your work under this license too
  13. 13. Questions?
  14. 14. Keep your logs... » Store your access logs long enough… (screenshot Siteground) › Download to your computer › Or keep them on the server

×