hacked : Java Glossary
©1996-2017 2013-04-09 Roedy Green of Canadian Mind Products
There are a number of things your enemies may do to silence your website:
- Redirect DNS (Domain Name Service) to some other site.
- Break into your server and redirect requests to some other website.
- Break into your server and steal passwords.
- Break into your server and change the content you display or the backing
- Break into your desktop and modify your mirror of the website so that it will
be corrupted the next time you upload it.
- Mount a DOS (Denial of Service attack) attack. The pirates commandeer an army of desktops
on the web and direct them to flood your site with requests leaving it with no
bandwidth to handle legitimate requests. This blunt force attack is very hard to
defend against other that by having overwhelming resources to handle the entire
load without strain. Server farms, clouds and fibre optic links all help defend
against such attacks.
It is pretty easy to track down the culprit if they use either of the first two
methods. Their ISP (Internet Service Provider) will likely be in a foreign country that will be
The usual motives for hacking your site are religious or nationalistic. It can be
dangerous to criticise a religion, nation or a
nation’s activities in a war. Defending sexual minorities used to be dangerous,
but not so much any more.
The attempt to silence a man is the greatest honour you can bestow on him. It means
that you recognise his superiority to yourself.
~ Joseph Sobran (1946-02-23 age:72)
What Can You Do About It?
- Keep right up to date with OS (Operating System)
patches. The makers of the OS
security breaches as fast as they are found. Hackers will use the most recently
discovered security breaches.
- Use an off-Broadway or mainly commercial OS,
not one of those well understood by hackers. Try AIX (Advanced Interactive eXecutive),
HP-UX, BSD (Berkeley Software Distribution) or SCO. Avoid OSX, Windows and Linux.
- Keep the number of different software packages you use on your server to a
minimum. Each one introduces potential for security leaks.
- Use certificates rather that passwords. If you must use passwords, store only
digests of them on your server, not the passwords themselves.
- Use an ISP that handles large corporations. Dealing with
attacks requires specialised knowledge and full time staff.