Re: hi, need help

["Salvador III Manaois" <badzmanaois () gmail com>]

Most important is to find out the extent of the damage done by the
hacker. Was it just a tag that he embedded onto your web site? Or was
he able to gain root access of the server?

You may also want to dd-image your system's hard disks for analysis.
You may even have to consult a lawyer in case you plan to pursue this
issue further.

Having said that, check all the logs and look for modified or uploaded
files to the server. You can restore your web site from a backup but
you must ensure to plug the hole with which the hacker compromised
your machine and similarly ensuring that the backup is "untainted". If
you are a bit more paranoid, you can flatten the system and reinsall
the entire thing from scratch (or restore from a clean backup).

Don't forget to change your passwords.

Regards,

Salvador Manaois III
MCSE MCSA C|EH MCITP | Enterprise/Server Admin
Bytes & Badz : http://badzmanaois.blogspot.com

On Thu, Nov 13, 2008 at 4:50 PM, Dhiraj Mahajan
<dhirajsmahajan () gmail com> wrote:
> some hacker has hacked my website. (displaying hacked by turkish
> hacker), now wht shld i do to retrieve my
> original website. so please guide me how to get rid of tht
>
> --
>
>
> Thanks & Regards,
>
>
> Dhiraj S Mahajan,