The Web is scarier than most people realize, according to research published recently by Google.These Web-based attacks become much more common in recent years as firewalls and better security practices by Microsoft have made it harder for worms and viruses to directly attack computers. Nowadays about 1.3 percent of all Google search queries list malicious results somewhere on the first few pages.
Criminals are getting better at this kind of work. They have built very successful automated tools that poke and prod Web sites, looking for programming errors and then exploit these flaws to install the drive-by download software. Often this code opens an invisible iFrame page on the victim’s browser that redirects it to a malicious Web server. That server then tries to install code on the victim’s PC. “The bad guys are getting exceptionally good at automating those attacks,”
[ad#add-top-in]
Following are some tips to get rid of this hackers or hijackers activity.
– Keep you password and username safe change it frequently only with strong password check your password with Microsoft
– Keep your PC clean from viruses and spy-wares because there are chances to hijack your PC contents and login cookies etc. Scan your PC for viruses now with NOD32 Online Antivirus Scanner
– Keep all folders and files permissions proper in your web hosting accounts/server. Never give full permission for the folders and files, that means read write and execute permission. If you are hosting sites in Linux platform never give 777 permission (read write and execute permission) to all members even for net users of file and folders. The preferred maximum permission is 755. This means write permission for root user and only read and execute permission for others.
– There are many techniques used to hack/hijack the website
Cross Site Scripting (XSS)
SQL injection flaws
Site reconnaissance
Session hijacking
Application denial of service
Cookie/session tampering
To withstand from this you need “professionally well designed websites” and also powerful web sitefirewall at server end.
– You need to choose good web hosting platform or company which provides good firewalls and Security. If you are going for Linux platform better to choose Grsecurity enabled kernel Servers; especially for shared hosting.
– But not the least the best way to find the flow in website is by checking the web site stats all the day. By this you can find the links/URL which are not related to your website so that you can delete it before it spreads through search engines.
– If some one reports your site having virus then its 99% sure your site home pages are having masked IFrames at the beginning or last lines of the page, which actually downloads virus file form some other server/site. You can fix it your self by editing your home page and removing the contents which looks like as shown bellow.
These are some of the tips which really helps to protect yourself from Hackers and Malicious contents
McAfee SiteAdvisor, a plug-in for Internet Explorer and Firefox browsers, tests, analyzes and rates websites in detail for unsafe or annoying practices such as dangerous downloads, spamming, misuse of personal information and browser hijacking. This helps you sidestep possible identity theft or fraud traps. When searching with Google, Yahoo! or MSN, SiteAdvisor’s easy-to-understand safety ratings too
