FTP Account Hacked... How did they guess the password?

[arochester]

@Phedup

Each message has got a date on it. MustangV10 was here 26th November 2011. gcawood was here 18th November 2011.

I don't think they are still around to read your messages...

 

[Phedup]

This is true, also. Again, it comes back to the reason I use SCP. Getting your hands on the Key AND the Password are difficult enough, and if the hacker managed to get all that information and get in....well, maybe you should consider posting a "Security Admin for Hire" job posting on your server for next time he gets in

Very common for U

This can be very bad if you need to access the server remotely, or you are not at home. The only way to do this, and ensure you'll be able to access your server anytime you need to, would be to set up a VPN for when you are away from the primary (static) computer. Another problem you run into is if the ip address changes, you have to figure out a way to update your server to reflect it so you are not locked out.

Yes! electronic spy vans can hack you even if you're not online!

 

[Phedup]

You are only as secure as your weakest link. You cannot rely on the security of your client accounts for the security of your site.

What can be hacked can be cracked. There's no code that theoretically can't be broken. It's too bad.
The perps must have really wanted to crack your server....
Think "Turing & von Neuman!"

 

[Phedup]

I manage a web server with a bunch of FTP accounts on it. One of them just got hacked and the site had javascript injected into it. The thing is that the password was ultra-secure. Does anyone have any idea how they got in? The server logged a valid user login in the FTP log.

Thanks for the help.

This site looks helpful...Google: esecurityplanet ...Things Hackers Hope You Don't Know.
Sorry...can't post links yet. Good luck.
Phedup