Heh. While all us Aussies are wasting time with off topic rants. The sys admin at my last job tried to tell me that the web site I was developing was making port 80 connections to random IP numbers at very short intervals.

Duh. Didn't take long to figure out that he'd left port 80 open on the firewall and that our servers were hit with Code Red. Plus. ASP isn't that sophisticated.

=) (Don't worry, I have a real job now.)

Regards,
[ lucas ]

"Joseph Blythe" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED]...
> Sorry if this is a little off topic but this sort of reminds me what happened to
> me on Monday:
>
> I arrived at work in a really good mood (for a Monday) to find everyone
> screaming at each other, then at me :) what was being said is that the new
> webserver I have been configuring with the latest versions of Apache, MySQL
> and PHP had been severely hacked and it was all my fault (as usual), I
> thought this was rather strange as there really aren't any holes that would
> allow a root exploit (as far as I know) in the software which I had
> installed. After further investigation it seems that our IT manager who did
> the Linux install had not latched down the FTP tight enough and some guy
> from France (Yes we are on to you :)) got in and started to extract all his
> little hacking toys, one of which was a network sniffer which revealed all
> of my passwords as I continued to configure the server. After much
> painstakingly changing all of our passwords everything seems to be ok now.
>
> Just thought it was kind of funny that they blamed the web developer first
> as I am the one who uses all the weird arsed software :)
>
>
> Regards,
>
>
> Joseph
>
> -----Original Message-----
> From: brendan [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, 30 October 2001 2:40 PM
> To: [EMAIL PROTECTED]
> Subject: [PHP] lesson in NOT how to run your php website ...
>
>
> I teach law at a university .. I also run the website here ... php
> with a mysql backend ...
>
>
> - I have been designing a client side administration tool which allows
> you to setup both the html input form to request from a database and
> format the way the results look and are returned ... so that academics
> can setup and run their own databases ...
>
> - of course during setup and debugging I ran from the /temp directory of
> the website (we don't have a test machine)
>
> - after debugging was over I forgot about the extra copy of this script
> in the /temp directory and forgot to delete it ..(there was no security
> on the script)
>
> - what I also forgot was that in my last lecture series I had left the
> presentation files for the students in the .. you guessed it ... /temp
> directory ..
>
> - the students .. being students didn't actually look at the lecture
> notes very much, and I had deleted them ..
>
> - however it's exam time ... and all of them in a flurry logged on to
> the site ('/temp') ... but instead of finding the lecture series they
> find this strange control panel with lots of weird buttons...
> - web user + strange buttons on page => bugger ...
>
> so about two weeks ago the site started to go haywire ... links stopped
> working .. databases started screwing up ..
>
> - I had entirely forgotten about the contents of the /temp directory ..
> - I was going INSANE trying to continually fix the site ..
> - I thought we were being hacked and ran a constant netstat, logged all
> visitor activity and made two separate complaints about what seems now
> were innocent web users ...
> - I didn't sleep
> - my girlfriend nearly dumped me ..
> - I was sure there was a conspiracy at hand ..
>
> - I only stumbled on the /temp directory when I began rebuilding a new
> site to replace what I had now decided was a compromised code base ... I
> started in the /temp directory of course ;)
>
>
> - I am sure there is a lesson here somewhere .. I think it is probably
> more valuable just to laugh at ..
>
> ps thanks for all the help on the last run of stupidity I had (re
> !#@$!#$ regular expressions posts here)
>
> happy programming!
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> To contact the list administrators, e-mail: [EMAIL PROTECTED]