HostOnNet Blog

Category Archives: Security

FIleZilla FTP Software Is Insecure

I was checking through the MetaSploit framework, i found the exploit to hack FileZilla. FileZilla store passwords in pain text in XML file. This was the same for years. I thought they had fixed it long back. I have not


How to Remote Wipe your Android Phone When It Is Stolen

Here are a few ways to remotely wipe your android phone when it is stolen. 1. Where’s My Droid Where’s My Droid is a commonly talked about Android security application. Many times it’s referred to in articles talking about how


How to keep Hackers Away

1. Do not disable safe_mode under php.ini. If customer requested t disable it, turn it off on  his account only. As most of the time attack is done using c99 php shell scripts. This c99 shell allows an attacker to


How to Change the SSH port on cPanel Servers

To change the SSH port login as root, and edit /etc/ssh/sshd_config Find the line that says Port 22 and change 22 to any number between 1024->65535 (above 30000 is best) and save the file. Once done, run: /etc/init.d/sshd restart Now


How to Disable Direct Root Logins

Allowing the root user to login directly is a major security issue, we’ll show you how to disable it so you can still login as root but just not directly, reducing the security issue. This will force a hacker to


How to Disable Telnet

Telnet sends clear text passwords and usernames through logins and should be disabled on all web servers and replaced with SSH. Some hosting providers are not disabling telnet by default but you should ensure that it has been turned off


How to Install and Configure maldet (Linux Malware Detect – LMD)

Linux Malware Detect (LMD) is a malware scanner for Linux released under the GNU GPLv2 license, that is designed around the threats faced in shared hosted environments. It uses threat data from network edge intrusion detection systems to extract malware


Free SQL Injections Scanner

You have likely been tracking the mass SQL Injections that are currently sweeping through the net. Just last night I was shopping on www.ihomeaudio.com when I noticed they had been injected (they have since fixed their site). HP started to


KeePass Password Safe

KeePass is a program that can help you to protect your passwords. Today i installed this program, no install is needed also it can run from USB drives. Recently one of the USB drive with server passwords stopped working during