Of all websites, online stores are perhaps the choicest targets for hackers. They have valuable user data to be stolen and sold, financial transactions to be hijacked and, with user accounts to be exploited, they make a great place to spread malware infections. They are also ideal places to use ransomware as owners are often …
2014 seemed to be the year of the hack and whittling away at website capabilities. While some hacks can serve as a mere annoyance to web hosts and their clients, others can be downright devastating for days to come. Such hacks can lead to the release of sensitive employee information and private correspondence, as was the case with the infamous Sony hack. Besides having to deal with the public, hacked companies also have to deal with the legal repercussions and potential damage to their reputation.
Just as there are hacker groups like Anonymous who use their hacking skills for good, there are those like Lizard Squad who use theirs for evil. What’s more, some hackers aren’t above selling their skills for $6 a pop for an individual to unleash a DDoS attack on an unsuspecting website. As a web host and member of the IT community, you should make it a top priority to learn if your sites are vulnerable to online drive-by attacks and how you can defend yourself and your clients against them.
Marketing With Malice
Towards the end of 2014, a hacker group called Lizard Squad launched a DDoS attack against popular gaming services Xbox Live and the PlayStation Network, leaving gamers and users in limbo when they attempted to sign on. Later the group admitted the attack was a type of twisted marketing campaign for a new service they were offering: the ability for anyone on the globe to launch an equally crippling DDoS attack of their own, all for $6. For the price of a cup of Starbucks coffee someone could attack any website and knock it offline for 100 seconds. Pay $130 and the site would be down for eight hours.
The group got their comeuppance when they themselves were hacked and the names of their customers were released online. While the $6 hacking tool attracted more than roughly 14,200 individuals, only a few hundred of them actually paid for a DDoS attack of their very own. In excess of 11,000 USD worth of Bitcoin was used to pay for the tool. Is it ironic that a group of hackers couldn’t keep the names of their customers safe, or just plain lazy? In either case, take a lesson from Lizard Squad and make sure you take preventative and protective measures for DDoS attacks against your sites and web hosting services.
Let the Right One In
There are several things you and your clients can do to protect yourselves against DDoS attacks. The very first thing you should do is learn how to identify when you may be under any kind of hack or attack. Quick action can save you and your clients a severe headache in the future. Express the importance to your clients of learning what their average inbound traffic is so they’ll be better able to identify when their website might be under attack. It’s also a good idea to have a designated individual to respond to such an attack should one ever occur.
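One way to turn the "know your average inbound traffic" advice above into a check, as an added example that is not part of the original article: it learns a per-minute request baseline from a normal period of web-server access logs and flags minutes far above it. The log lines, function names and thresholds (k=6, a floor of 20 requests per minute) are constructed assumptions.

```python
import re
from collections import Counter
from datetime import datetime, timedelta
from statistics import median

# Matches the timestamp field of a Common Log Format line, down to the minute.
TS = re.compile(r'\[(\d{2}/\w{3}/\d{4}:\d{2}:\d{2}):\d{2} [+-]\d{4}\]')

def per_minute_counts(lines):
    """Count requests per minute bucket; unparseable lines are skipped."""
    counts = Counter()
    for line in lines:
        m = TS.search(line)
        if m:
            counts[datetime.strptime(m.group(1), "%d/%b/%Y:%H:%M")] += 1
    return counts

def baseline(counts):
    """Median and median absolute deviation (MAD) of the per-minute rate."""
    values = list(counts.values())
    med = median(values)
    mad = median(abs(v - med) for v in values)
    return med, mad

def flag_spikes(counts, med, mad, k=6.0, floor=20):
    """Minutes whose rate exceeds both median + k*MAD and an absolute floor."""
    limit = max(med + k * max(mad, 1.0), floor)
    return sorted(t for t, n in counts.items() if n > limit)

def make_log(start, rates):
    """Constructed sample data: one log line per request, rates[i] in minute i."""
    lines = []
    for i, n in enumerate(rates):
        ts = (start + timedelta(minutes=i)).strftime("%d/%b/%Y:%H:%M:00 +0000")
        lines += [f'192.0.2.{j % 250 + 1} - - [{ts}] "GET / HTTP/1.1" 200 512'
                  for j in range(n)]
    return lines

START = datetime(2015, 1, 10, 9, 0)
NORMAL = make_log(START, [8, 11, 9, 10, 12, 9, 10, 11, 8, 10])      # quiet period
TODAY = make_log(START + timedelta(days=1), [9, 10, 240, 310, 11])  # two flood minutes

def demo():
    med, mad = baseline(per_minute_counts(NORMAL))
    return med, mad, flag_spikes(per_minute_counts(TODAY), med, mad)

if __name__ == "__main__":
    med, mad, spikes = demo()
    print(f"baseline median={med}/min MAD={mad}; possible flood minutes:",
          [t.isoformat() for t in spikes])
```

Median and MAD are used instead of mean and standard deviation so that a past spike in the training window does not inflate the baseline.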
It’s also a good idea for you to have more bandwidth than you absolutely need for your websites. Not only is the extra bandwidth good for mitigating the effects of a hacker attack, it’s also a good way to accommodate an unexpected spike in genuine traffic. While over-provisioning a site by one-hundred percent or even five-hundred percent won’t be enough to stop a DDoS attack completely, it can most certainly help give you time to formulate a plan of action rather than watch as the walls of your digital Jericho come tumbling down.
After you’ve done what you can to repair and prevent the damage done by an online attack, get in touch with your ISP. If your clients notice the attack before you do, make sure they call you ASAP. It’s best that you have the emergency contact information for your ISP kept close at hand so that you don’t have to waste time scrambling to find it and potentially getting in touch with the wrong department or individual. The great thing about having a web server in a hosting center is that there are more capacity routers and bandwidth links in addition to experienced individuals who know which steps to take during an attack or hack.
If the attack is major enough, it could require the focused expertise of a DDoS mitigation company. Such companies have the resources and expertise necessary to keep a website up and running during an attack. Learn more about these companies now and which are a good match for you and your web hosting needs in order that you can take action as quickly and efficiently as possible should your sites ever come under attack.
Besides focusing on protecting regular websites, web hosts should also make sure websites that are optimized for mobile use are prepared for DDoS attacks. It’s been reported that the newest countries that will start launching DDoS attacks are Vietnam, Indonesia and India. While these countries may not yet have the capabilities to launch an attack that measures up to Lizard Squad’s, they can most certainly focus their efforts on mobile phones. With more and more people doing business and using the internet on their phones, a mobile DDoS blow can still cost a business money both from lost revenue and the money it can take to remedy and respond to such an attack.
Specifically, IT managers and internet security teams will need to make sure they develop and implement measures for multi-vector attacks in order to avoid outages instead of utilizing volumetric methods. They’ll also need to account for swelling packet volume that can potentially bleed out into their current DDoS protective measures.
Many companies and individuals have become so used to relying on a specific website throughout their day-to-day life that suddenly not having access to that website even for a few hours can completely ruin their day. For businesses, being offline can potentially cost them thousands of dollars if their website is their only means of receiving and fulfilling orders. Keep your IT eyes on the latest developments with DDoS attacks, the hacker groups who seem to be using them the most and the steps you can take to either prevent or properly respond to such an attack.
sec.viaves.com – private network
Webserver Content: WordPress default page. Webserver on my LOCAL network!!! but works over the internet…
1. Detecting admin pages.
2. Scanning for open ports.
3. Scanning with WPScan for detecting WordPress version.
4. Enumerating users via WPScan.
5. Bruteforcing user with password file.
6. Injecting Reverse Shell PHP (thanks to pentestmonkey) to one of the plugins.
7. Starting netcat and executing Reverse Shell PHP.
8. Opening wp-config.php, because it contains the SQL Database login info.
9. Let’s try to login to phpMyAdmin.
10. LOL the admin uses one password for all users…..
11. Try to connect to the SSH Server with my known phpMyAdmin login.
12. And finally change the ROOT Password……..
13. Connect to the server as ROOT….
admin finder script: pastebin.com admin list: pastebin.com save as adminpth.txt
SSH Feedback
After bantering about our upcoming travels to Waynesville, Missouri and Toronto, Ontario and a little griping about zipit segmentation faults, we get into your feedback on recent SSH segments.
Dzaztur recommends Gnome SSH Tunnel Manager. It’s a sleek front-end for managing SSH tunnels, port redirects and more. Tunnel configuration is stored in a simple XML format, great for portability, and the tunnels can be managed individually through one simple GUI. Thanks for the tip, Dzaztur.
Lozo points out that Mac OS-X has SSH built into the terminal, much like Linux. So true. We banter with Paul-the-camera-guy about the Mac OS-X kernel, which turns out is XNU — an acronym for X is Not Unix. So there ya go!
Sp4m says if you’re running Firefox over SSH you might want to look into remote DNS lookups. By default DNS lookups aren’t done through the proxy. This can be resolved by typing about:config in the address bar, and enabling the network.proxy.socks_remote_dns setting. Thanks Sp4m.
And finally, Post_Break from IamTheKiller.net points us to Secret Socks — an SSH Socks Proxy GUI front-end for Mac OS-X that he likes a ton more than SSHTunnel 1.6. [Edit: We made a mistake and called it Secure Socks in the segment] And finally we go kitteh before moving on…
Certificate Authentication for SSH
In this segment Darren explains why certificate authentication is a bajillion times better than password authentication and demonstrates the configuration using Ubuntu 9.10 …
Well-known Internet mayhem group LulzSec recently announced to its followers that it will cease its campaign of web-based attacks. The group implemented numerous DDoS (Distributed Denial of Service) attacks on a variety of targets during its 50-day spree of chaos. Many of the attacks were a result of poor security measures.
Utilizing Twitter Feeds
Ironically, the group left numerous tips on its Twitter feeds for its victims. For instance, when Fox Broadcasting was attacked, LulzSec released a Twitter update stating, “Don’t use the same password twice. Your laziness will not end well.” Another guideline announced was to not use prepaid credit cards to conduct online purchases. The slew of targets successfully hit included giant conglomerates, law enforcement agencies, governmental organizations, television networks and ATMs.
The Goal of the Mayhem
LulzSec stated in the letter that their goal was to have fun, entertain other followers and share “lulz.” During the period from May 6th, 2011 to June 26th, 2011, the group left information technology experts wondering who they would be attacking next.
One of the first attacks conducted by LulzSec occurred on May 6th, 2011. The group targeted the Fox.com website due to a leaked database of X-Factor contestants. LulzSec also defaced 14 LinkedIn accounts of Fox Broadcasting employees.
Through the 50-day period, the group harvested 3,133 individual bank account details from ATMs in England which were posted on Twitter and Pastebin. The details included machine identification number, latitude and longitude, the address, company owner and transaction amounts recently made.
Next on their list was the PBS.org website in which the group posted a fake story claiming the dead rapper Tupac Shakur was still alive in New Zealand. Also, many passwords were stolen and a number of web pages defaced. The attack was in response to a documentary on Julian Assange which displayed him in a negative light.
Sony PlayStation Network
The Sony PlayStation Network was the next target due to the lack of security measures. LulzSec stole information from 1 million user accounts to prove the company did nothing to improve their security. Other hacker groups condemned LulzSec for exposing the user data, which could have led to identity theft.
The most interesting aspect of the group was their telephone hotline. By dialing 614 LULZSEC, angry callers could request a target to be DDoS’d. During its reign, the group missed more than 5,000 calls and had over 2,500 voicemails. Additionally, the group redirected phone numbers to World of Warcraft customer service, a hosting company and an FBI office in Detroit. LulzSec proved their point by wreaking havoc on Internet companies and groups that they simply did not like.