Page 2 of 2 FirstFirst 12
Results 16 to 20 of 20

Thread: My domain got hacked!

  1. 05-05-2006, 11:29 AM #16
    LavenderLounge
    LavenderLounge is offline
    Just because. LavenderLounge's Avatar
    Join Date
    Mar 2004
    Location
    San Francisco/ Oakland
    Posts
    825
    I think I figured out how they got in. I have a vBullitien discussion board on one of my doorway sites. It two installs to get it set up, so the first one was this there, but not active. They hacked the inactive discussion board and put up one of the "we own you" pages. Since it was inactive, I would have never noticed.

    I also found an ftp login that I didn't recognize, so I deleted that and created all new ones.

    My blog software is also a possible entryway, so I want to upgrade that, but I need help to do it.

    Looks like I've got a lot of work to be done beyond my technical knowledge, so I am going to start a new thread looking to hire a techie contractor here in San Francisco. Please pass the word.

    Thanks for all the help everybody!
    Mark Kliem
    LavenderLounge.com -megasite
    LavenderLoungeblog.com - gay porn news
    LavenderLounge.biz - affiliate program
    Reply With Quote Reply With Quote

  2. 05-05-2006, 10:36 PM #17
    krusher
    Guest
    Man, there are a million ways to hack a site. If anyone wants a decent book on basic hacking, try How to Break Web Software link here.

    This was actually the text book we used for my web security class. To learn how to defend against attacks, you must learn about how they are attacked. If all they did was change your page, then your lucky. Either way, once there is a security breach, you should rebuild the server to be sure.
    Reply With Quote Reply With Quote

  3. 05-05-2006, 10:41 PM #18
    gaybucks_chip
    gaybucks_chip is offline
    On the other hand.... You have different fingers
    Join Date
    Feb 2004
    Location
    San Francisco
    Posts
    3,548
    If he's got the time to do it, I highly recommend Emil Kasperski at Intercage.com. He's one of the most well-rounded, exceptionally sharp people I know as far as network admin/IT security/server maintenance and admin. He owns and manages Intercage, which is a small ISP based in San Francisco, and I'm pretty sure that he deals with this sort of server security issue. I think that he does consulting jobs (dunno for sure) Message me if you want his phone number...
    Reply With Quote Reply With Quote

  4. 05-10-2006, 11:47 PM #19
    krusher
    Guest
    Here is a tool that can help with scanning websites for exposures. It may alert you of any problems that may exist.

    http://www.parosproxy.org/index.shtml
    Reply With Quote Reply With Quote

  5. 05-11-2006, 12:31 PM #20
    LavenderLounge
    LavenderLounge is offline
    Just because. LavenderLounge's Avatar
    Join Date
    Mar 2004
    Location
    San Francisco/ Oakland
    Posts
    825
    Thanks for the tip, Krusher, but it's beyond my technical capabilities.

    I'm a one-man operation juggling a lot of plates, and a very low-tech site. Running that software will only tell me what I already know - my site is vunerable to hacking.

    I also live in an earthquake zone, and the Big One is definitely coming. I've had to assume a great amount of "managed risk" about that, too.
    Mark Kliem
    LavenderLounge.com -megasite
    LavenderLoungeblog.com - gay porn news
    LavenderLounge.biz - affiliate program
    Reply With Quote Reply With Quote

« Previous Thread | Next Thread »

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules