Skip Navigation LinksBlog

Share |

Go Back

BEWARE - FTP Hacking

Be aware... recently we have noticed a rise in FTP hacking, successful brute force security hacks.  A number of sites, unfortunately the Nomis site as well as client sites and I imagine many others, were comprimised.

FTP hacking, brute force security hacking, is where a hacker manages to guess your password and then obtain access to the raw files of your website: it conjures up images of a person tapping in "12345", then "54321", then "23456" etc., like in the movies, in fact it is a lot more sophisticated and can lead to problems such as Google blocking your site and advising visitors that the site contains malicious content - not very good PR. 

The examples of FTP hacking that we have seen in pages show a line(s) of script that has been added to the html code which forwards the user onto another site or downloads malicious programmes.

Ways to try and reduce the risk of FTP hacking:

  • Make your password as hard as possible to guess
    • Firstly check with your hosting company as to their password policy but where possible include the following:
      • Numbers
      • Letters
      • Symbols
      • Vary the case of letters -  use both uppercase and lowercase
  • If you do not need your FTP service, turn it off
    • Only have it turned on when you actually need it.

Facebook Twitter DZone It! Digg It! StumbleUpon Technorati NewsVine Reddit Blinklist Add diigo bookmark

Post a comment!
  1. Formatting options