Catch hacker in action

I have caught a hacker after looking through my site's FTP logs - it looks as if they have gleaned a list of passwords for several of my sites and are now connecting on a daily basis to upload spammy PHP files that perform header redirects to their sites. They always connect from the same IP address.

Blocking that IP and changing the FTP passwords is a given, but it seems so mundane and submissive. Is there anything I can do to this guy as he connects or once he's already in the system?

Answers


Some recommendations:

  1. Change your FTP port. Most script kiddies use a port scanner to scan a list of IP addresses for TCP services. They mostly look for port 21.

  2. Disable root login for SSH.

  3. You mentioned this before, but make sure your password is secure and not written down on a post-it note on you computer monitor.


Need Your Help

How can I get the text from a javafx TextField added at runtime?

java javafx fxml

I have two buttons in the scene, one triggers the method newFields() which makes two new TextField inside an HBox and the other through the getText() method, I would like it to get the typed texts.

About UNIX Resources Network

Original, collect and organize Developers related documents, information and materials, contains jQuery, Html, CSS, MySQL, .NET, ASP.NET, SQL, objective-c, iPhone, Ruby on Rails, C, SQL Server, Ruby, Arrays, Regex, ASP.NET MVC, WPF, XML, Ajax, DataBase, and so on.