Quote:
|
Originally Posted by Cal813
Anyone here ever had their server hacked or compromised? I've noticed there are a lot of servers being hacked these days. Not sure if it's due to people lacking updates for their software or just leaving ports and holes open. The one and only time I was ever hacked, happen't through IPB. We basically had to take it down and put up a vB  |
I've had exactly one Linux server hacked in my life and it was due to a combination of an old 'test/test' account being left on the box and an exploit in either Apache or Horde (the damage was to great to track it down any further).
Thankfully this wasn't one of our hosting boxes, but it was still an eye opener.
If you've ever had anyone in your box doing work for you, I'd take a check through the /etc/passwd file to look for lame-O accounts like test/test. People don't do it on purpose, but sometimes you need a random account to test something with and may forget to delete it. Leaves a wide open hole for even a rudimentary brute-force attack to get through.