Leaked! Confessions of a Joomla DEV
Upload: joomla-day-south-africa
Paul van Jaarsveld
Kalemanzi Media Solutions
@kalemanzi
Overview
● Hackin 'n crackin (Why, who, what?!)
● Prevention
● Cure
● Discussions / questions
Why, who, what?
● Why do people want to “hack” sites?
● Who / what does it?
● What do they do?
Defaced – peer recognition
Various forms of attacks
● SQL injection – make mysql run malicious commands
● Known vulnerabilities of outdated scripts
● Poorly designed code
● Generic passwords
● Denial of Service / slashdot effect
DDOS attacks
Spam with a purpose
Payload
Phishing
Prevention: Your neighborhood
● Hosting provider NB!
● Rather Apache Linux than Win
● Avoid shared hosting
● PHP5, CGI not module, register_globals
● PHP.ini settings (remote url incl etc.)
● mod_security
● Htaccess.txt .htaccess
● Cpanel, ftp, ssh password etc.
Prevention: Your house
● Bricks – Latest Joomla
● Domestic workers – extensions bg. check
● House contents – user data / content
● The windows – what can be seen
● The doors / gates – points of entry
● Keys! NB. PSWD – what Master key?!
● Radio and tv / internet – external / feeds
● CCTV / alarm system – Monitor security
● Insurance – regular incremental backups
Cracked, now what?!
Recovery Action plan!
● Remove site from public_html (rename script - rn public_html public_html_inf)
● Change passwords (sql, ftp, cpanel etc.)
● Find a backup that was done before infection and keep it handy
● Do a comprehensive site audit
● Find the source of the infection – use shell script, common sense, versions etc.
● Choose recovery strategy:
    ● Repair current instance eg. Remove malicious code
    ● Restore clean backup and fix holes
● Make site live
● Make sure the site is clean!
● Have a plan in place for future
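A triage helper for the "find the source of the infection – use shell script" step, added here as an example and not taken from the original slides. The function names, the obfuscation pattern list, the `.clean_marker` reference file and the upload directory names are assumptions made for illustration; the sample tree is constructed.

```shell
#!/bin/sh
# Added example: read-only triage of a quarantined site copy.
# Obfuscation idioms often seen in injected PHP (illustrative, not exhaustive).
SUSPECT_RE='eval[[:space:]]*\([[:space:]]*(base64_decode|gzinflate|gzuncompress|str_rot13)'

# PHP files under $1 whose content matches the suspect pattern.
find_suspect_php() {
    find "$1" -type f -name '*.php' -exec grep -lE "$SUSPECT_RE" {} + 2>/dev/null | sort
}

# Files under $1 modified after reference file $2 (for example a file whose
# timestamp was set to the date of the last known-clean backup).
find_changed_since() {
    find "$1" -type f -newer "$2" | sort
}

# PHP files inside directories that should only hold uploads or temp data.
# Directory names are assumed; adjust them to the site being audited.
find_php_in_uploads() {
    for d in images tmp cache; do
        if [ -d "$1/$d" ]; then find "$1/$d" -type f -name '*.php'; fi
    done | sort
}

# Constructed sample tree for trying the functions offline; prints its path.
make_sample_tree() {
    root=$(mktemp -d)
    mkdir -p "$root/images"
    printf '%s\n' '<?php echo "home"; ?>' > "$root/index.php"
    # Harmless constructed marker: the base64 decodes to "echo 1;".
    printf '%s\n' '<?php eval(base64_decode("ZWNobyAxOw==")); ?>' > "$root/images/banner.php"
    : > "$root/.clean_marker"
    touch -t 202001010000 "$root/index.php"          # older than the backup
    touch -t 202002010000 "$root/.clean_marker"      # backup date
    touch -t 202003010000 "$root/images/banner.php"  # changed after backup
    printf '%s\n' "$root"
}

# Usage: sh triage.sh /path/to/public_html_inf /path/to/reference_file
if [ $# -ge 2 ]; then
    echo "== suspect PHP ==";        find_suspect_php "$1"
    echo "== changed since ref ==";  find_changed_since "$1" "$2"
    echo "== PHP in upload dirs =="; find_php_in_uploads "$1"
fi
```

A hit from any one check is a lead to inspect by hand, not proof; files flagged by all three deserve attention first.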
Strategy
Questions
● What extensions do you use? Let's make a list right now!
● How do you handle your hacked sites?
Welcome to the resistance ;-)
Paul van Jaarsveld
Kalemanzi Media Solutions
@kalemanzi