Did you ever experienced anytime that your website is acting weird by loading other website URL’s like http://imeanit.cn:8080 when you type your website address in the browser? if so, your website is compromised !!
Type 1:
Compromised? my website? YES, it is, from past one year hackers are targeting the medium and small web hosting companies using exploits and injecting worms into the servers. The virus will deface all the websites index pages in the server by leaving no trace. Solution is to secure the server, clean the server with any good antivirus. sometimes virus will be injected from the your computers also into the website. If your computer is affected by a malware, it will monitor the FTP traffic and send reports to the hacker about your FTP and other sensitive information, Hackers will use bots to inject third party links into others websites using the hacked FTP information. MHACK is the Application which were used earlier to deface many websites.
Type 2:
When you allow Special Characters insert into your contact, search or any web based forms in your website, that is it, your website is vulnerable for CSS attacks. It is important to understand the HTML tags that are most commonly used to carry out code insertion tags. However, it is important to note that alternative “in-line” scripting elements may be used and interpreted by the current generation of web browsers, such as javascript:alert(‘executing script’)
Beware of these XSS, CSS and Script injections into your websites.
Some of the tips to avoid script injections:
Do not click on any executable files received from unknown persons, Secure your computer using good antivirus. monitor outgoing traffic and incoming traffic, enable firewall in your local server, do not take shared internet connection from small vendors.
More Information: http://www.owasp.org/index.php/Testing_for_Cross_site_scripting
