Re: [ubuntu-uk] Website Hacked.....

James wrote: > Lucy wrote: > >> 2009/6/30 John : >> >> >>> Hi Lucy, >>> >>> Having checked that, it proved very useful, as they are trying very hard >>> not to answer any of my queries directly, plus it was around that time >>> that they admitted to having a problem, and when I questione

Re: [ubuntu-uk] Website Hacked.....

Lucy wrote: > 2009/6/30 John : > >> Hi Lucy, >> >> Having checked that, it proved very useful, as they are trying very hard >> not to answer any of my queries directly, plus it was around that time >> that they admitted to having a problem, and when I questioned them about >> and told them I kne

Re: [ubuntu-uk] Website Hacked.....

2009/6/30 John : > Hi Lucy, > > Having checked that, it proved very useful, as they are trying very hard > not to answer any of my queries directly, plus it was around that time > that they admitted to having a problem, and when I questioned them about > and told them I knew it was the same person

Re: [ubuntu-uk] Website Hacked.....

Lucy wrote: > 2009/6/29 John : > >> I just got a mesage saying no other sites on the server were hacked, >> just mine. I remember Lucy saying something about how many sites there >> were on the server, and I'm sure she mentioned something about other >> sites being hacked, or something along tho

Re: [ubuntu-uk] Website Hacked.....

2009/6/29 John : > I just got a mesage saying no other sites on the server were hacked, > just mine. I remember Lucy saying something about how many sites there > were on the server, and I'm sure she mentioned something about other > sites being hacked, or something along those lines. Can you give

Re: [ubuntu-uk] Website Hacked..... (now showing online?)

On Tue, Jun 30, 2009 at 1:20 AM, John wrote: > Caroline Astell-Burt wrote: > > > > > > On Sun, Jun 28, 2009 at 6:39 PM, John > > wrote: > > > > Hi everybody, > > > > I have just finished reading all of your posts. I have to say that > > I am > > overwhelme

Re: [ubuntu-uk] Website Hacked..... (now showing online?)

Caroline Astell-Burt wrote: > > > On Sun, Jun 28, 2009 at 6:39 PM, John > wrote: > > Hi everybody, > > I have just finished reading all of your posts. I have to say that > I am > overwhelmed by your concern and your support. I cannot thank you all > enou

Re: [ubuntu-uk] Website Hacked..... (now showing online?)

On Sun, Jun 28, 2009 at 6:39 PM, John wrote: > Hi everybody, > > I have just finished reading all of your posts. I have to say that I am > overwhelmed by your concern and your support. I cannot thank you all > enough for everything that you have done for me here. I am in the > process of trying t

Re: [ubuntu-uk] Website Hacked.....

I just got a mesage saying no other sites on the server were hacked, just mine. I remember Lucy saying something about how many sites there were on the server, and I'm sure she mentioned something about other sites being hacked, or something along those lines. Can you give me a little bit more

Re: [ubuntu-uk] Website Hacked.....

Quoting William Anderson : > Matthew Macdonald-Wallace wrote: >> [snip] >> >> A strong password is useless if the hack was carried out using a >> remote file include or a vulnerability in code that was on the website >> to elevate permissions. From your other comments in the thread, I >> doubt th

Re: [ubuntu-uk] Website Hacked.....

John wrote: > Hi everybody, > > I have been trying to get my host to give me some information about the > hacking, and I'm coming up against a brick wall. All I can get from them > is that it was either wordpress and a phpmsql exploit or they are saying > I have let somebody have access to the c

Re: [ubuntu-uk] Website Hacked.....

Hi everybody, I have been trying to get my host to give me some information about the hacking, and I'm coming up against a brick wall. All I can get from them is that it was either wordpress and a phpmsql exploit or they are saying I have let somebody have access to the control panel myself, or

Re: [ubuntu-uk] Website Hacked.....

William Anderson wrote: > Matthew Macdonald-Wallace wrote: >> [snip] >> >> A strong password is useless if the hack was carried out using a >> remote file include or a vulnerability in code that was on the website >> to elevate permissions. From your other comments in the thread, I >> doubt

Re: [ubuntu-uk] Website Hacked.....

John wrote: > [snip] > Hi, what backup options are there that dont require you to download the > full site each time. It is some of my fault for relying on the host, I > should never have done that. I need to learn more. check out the rsync, sitecopy, and mirror packages -n -- ubuntu-uk@lists

Re: [ubuntu-uk] Website Hacked.....

John wrote: > Lucy wrote: >> 2009/6/28 Andy Smith : [...] >> Seconded, and there are many backup options that don't require >> downloading the whole 2.5GiB each time. >> >> > Hi, what backup options are there that dont require you to download the > full site each time. It is some of my fault

Re: [ubuntu-uk] Website Hacked.....

On 28/06/09 18:30, John wrote: > Hi, what backup options are there that dont require you to download the > full site each time. It is some of my fault for relying on the host, I > should never have done that. I need to learn more. > > John I would check out rsync first, your host will probably h

Re: [ubuntu-uk] Website Hacked..... (now showing online?)

Hi everybody, I have just finished reading all of your posts. I have to say that I am overwhelmed by your concern and your support. I cannot thank you all enough for everything that you have done for me here. I am in the process of trying to find out from my Host what happened, and they dont s

Re: [ubuntu-uk] Website Hacked.....

John, > LeeGroups wrote: > >>> 412 sites on a shared server is pushing it a bit. > >>> > >>> > >> Really? Depends on the server! > >> > >> > > Absolutely, I know of firms that run upwards of a 1000 websites on a > > single server. > > Admittedly, they are small, low traffic s

Re: [ubuntu-uk] Website Hacked.....

Lucy wrote: > 2009/6/28 Andy Smith : > >> Hi John, >> >> On Sat, Jun 27, 2009 at 08:51:26PM +0100, John wrote: >> >>> It looks like my site is gone. The host has not backed up as promised, >>> and they are just saying its gone no backup. That's all I'm getting. >>> They wont tell me what ha

Re: [ubuntu-uk] Website Hacked.....

LeeGroups wrote: >>> 412 sites on a shared server is pushing it a bit. >>> >>> >> Really? Depends on the server! >> >> > Absolutely, I know of firms that run upwards of a 1000 websites on a > single server. > Admittedly, they are small, low traffic sites and they are carefully

Re: [ubuntu-uk] Website Hacked.....

On 28 Jun 2009, at 13:41, Lucy wrote: > 2009/6/28 William Anderson : >> Lucy wrote: >>> [snip] >>> Like I said in an earlier post, many other sites on the same server >>> were also compromised. It's likely that he'll never find out which >>> one >>> was responsible. >> >> Other sites being com

Re: [ubuntu-uk] Website Hacked.....

2009/6/28 William Anderson : > Lucy wrote: >> [snip] >> Like I said in an earlier post, many other sites on the same server >> were also compromised. It's likely that he'll never find out which one >> was responsible. > > Other sites being compromised doesn't necessarily mean they were > responsibl

Re: [ubuntu-uk] Website Hacked.....

Lucy wrote: > [snip] > Like I said in an earlier post, many other sites on the same server > were also compromised. It's likely that he'll never find out which one > was responsible. Other sites being compromised doesn't necessarily mean they were responsible for the damage to John's site, just in

Re: [ubuntu-uk] Website Hacked.....

2009/6/28 Andy Smith : > Hi John, > > On Sat, Jun 27, 2009 at 08:51:26PM +0100, John wrote: >> It looks like my site is gone. The host has not backed up as promised, >> and they are just saying its gone no backup. That's all I'm getting. >> They wont tell me what happened, they wont tell me how the

Re: [ubuntu-uk] Website Hacked.....

On Sun, Jun 28, 2009 at 12:08 PM, alan c wrote: > LeeGroups wrote: > >> As the old saying goes, you get what you pay for. > > I have not used that old saying much at all since I started using linux I've been stung a few times when it came to hosting... there was a "company" called (names changed

Re: [ubuntu-uk] Website Hacked.....

LeeGroups wrote: > As the old saying goes, you get what you pay for. I have not used that old saying much at all since I started using linux -- alan cocks Ubuntu user -- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.ubuntu.com/UKTeam/

Re: [ubuntu-uk] Website Hacked.....

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 William Anderson wrote: > Alan Pope wrote: >> [snip] >> >> "A highly damaging hack at UK-based web hosting company VAserv has >> taken a tragic turn for the worse after it was revealed that the boss >> of the Indian firm whose software was at the centr

Re: [ubuntu-uk] Website Hacked.....

>> 412 sites on a shared server is pushing it a bit. >> > > Really? Depends on the server! > Absolutely, I know of firms that run upwards of a 1000 websites on a single server. Admittedly, they are small, low traffic sites and they are carefully monitored so if traffic starts building t

Re: [ubuntu-uk] Website Hacked.....

Hi John, On Sat, Jun 27, 2009 at 08:51:26PM +0100, John wrote: > It looks like my site is gone. The host has not backed up as promised, > and they are just saying its gone no backup. That's all I'm getting. > They wont tell me what happened, they wont tell me how the hacker got > in, tjhey wont

Re: [ubuntu-uk] Website Hacked.....

Sean Miller wrote: > 412 sites on a shared server is pushing it a bit. Really? Depends on the server! -n -- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.ubuntu.com/UKTeam/

Re: [ubuntu-uk] Website Hacked.....

Alan Pope wrote: > [snip] > > "A highly damaging hack at UK-based web hosting company VAserv has > taken a tragic turn for the worse after it was revealed that the boss > of the Indian firm whose software was at the centre the attack, has > hanged himself. " General consensus is that he had lost

Re: [ubuntu-uk] Website Hacked.....

Matthew Macdonald-Wallace wrote: > [snip] > > A strong password is useless if the hack was carried out using a > remote file include or a vulnerability in code that was on the website > to elevate permissions. From your other comments in the thread, I > doubt that your netbook is compromise

Re: [ubuntu-uk] Website Hacked..... (now showing online?)

Matt Jones wrote: > [snip] > > Looks like you just got away with it. Making a full site backup > probably isn't a bad idea! > Glad you got it sorted, And get phpbb and wordpress updated immediately, I suspect these were the attack vectors. I'm sure, if you don't feel confident about doing that y

Re: [ubuntu-uk] Website Hacked.....

On Sun, 28 Jun 2009 00:25:03 +0100 LeeGroups wrote: > The only think that you can do, in any situation, is to take backups > frequently. And I mean daily if you site changes daily. > And keep copies going back, days, weeks, months just in case. > > Lee And do not forget to occasionally test yo

Re: [ubuntu-uk] Website Hacked.....

> I would guess that possibly, as your site is on a shared server, that > the server was hacked into and by gaining root access, they had access > to all sites on that server, including yours. Then they probably > removed your site and all the others to replace them with their evil. > > I doub

Re: [ubuntu-uk] Website Hacked.....

I would guess that possibly, as your site is on a shared server, that the server was hacked into and by gaining root access, they had access to all sites on that server, including yours. Then they probably removed your site and all the others to replace them with their evil. I doubt if the hos

Re: [ubuntu-uk] Website Hacked..... (now showing online?)

On Sat, Jun 27, 2009 at 10:08 PM, Chris Rowson wrote: >> >> http://hamstercareforum.co.uk/ >> >> ?? I can see it I think >> >> -- >> alan cocks > > > Me too.. > > Chris > > -- > ubuntu-uk@lists.ubuntu.com > https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk > https://wiki.ubuntu.com/UKTeam/ > Loo

Re: [ubuntu-uk] Website Hacked..... (now showing online?)

> > http://hamstercareforum.co.uk/ > > ?? I can see it I think > > -- > alan cocks Me too.. Chris -- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.ubuntu.com/UKTeam/

Re: [ubuntu-uk] Website Hacked..... (now showing online?)

John wrote: > I run a website, and there's about 2.5 gigs of information on there. The > whole lot got deleted and the hackers put a picture of advertising who > they were. I have managed to get the host to restore as much as they can > back, well, they way they are trying to. > > What is worry

Re: [ubuntu-uk] Website Hacked.....

Quoting John : > It looks like my site is gone. The host has not backed up as promised, > and they are just saying its gone no backup. That's all I'm getting. > They wont tell me what happened, they wont tell me how the hacker got > in, tjhey wont tell me why there is no backup. Nothing. I am feel

Re: [ubuntu-uk] Website Hacked.....

John wrote: It looks like my site is gone. The host has not backed up as promised, and they are just saying its gone no backup. That's all I'm getting. They wont tell me what happened, they wont tell me how the hacker got in, tjhey wont tell me why there is no backup. Nothing. I am feeling ver

Re: [ubuntu-uk] Website Hacked.....

It looks like my site is gone. The host has not backed up as promised, and they are just saying its gone no backup. That's all I'm getting. They wont tell me what happened, they wont tell me how the hacker got in, tjhey wont tell me why there is no backup. Nothing. I am feeling very sick right

Re: [ubuntu-uk] Website Hacked.....

All, Some of you may or may not know that my latest job is working for a large UK hosting provider. The comments in-line below are based on my experiences in trying to protect our cluster from hacking attempts. Quoting Lucy : > 2009/6/27 Tony Arnold : >> John, >> >> John wrote: >>> I run a

Re: [ubuntu-uk] Website Hacked.....

Sean Miller wrote: > 412 sites on a shared server is pushing it a bit. > > I have 4 servers that I administer. The most difficult to deal with > is the one where customers install their own software, such as phpBB. > I have no control, and so fight a continuous battle against hackers > etc. > > Th

Re: [ubuntu-uk] Website Hacked.....

2009/6/27 Sean Miller : > On Sat, Jun 27, 2009 at 7:49 PM, Harry Rickards wrote: >> exploit in their control panel (the story even made it to slashdot, as >> the dev of the control panel hanged himself). My VPS was restored from > > Erm, that's a bit "beyond the call of duty", isn't it? > > I feel

Re: [ubuntu-uk] Website Hacked.....

On Sat, Jun 27, 2009 at 7:49 PM, Harry Rickards wrote: > exploit in their control panel (the story even made it to slashdot, as > the dev of the control panel hanged himself). My VPS was restored from Erm, that's a bit "beyond the call of duty", isn't it? I feel bad when sites get hacked (and ove

Re: [ubuntu-uk] Website Hacked.....

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Sean Miller wrote: ... > If you can I'd recommend you purchase a VPS or something - they start > at only about £15/month. Then at least you're in control and aren't > at the mercy of other customers of your supplier in the way you are > with shared h

Re: [ubuntu-uk] Website Hacked.....

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Lucy wrote: > But, I've just gone to furrycritters.co.uk in a browser (was telneting > to port 80 before, which gives a different response for some reason) > and it appears that it's been hacked by a group called ci...@ckerz > > A quick Google gave t

Re: [ubuntu-uk] Website Hacked.....

412 sites on a shared server is pushing it a bit. I have 4 servers that I administer. The most difficult to deal with is the one where customers install their own software, such as phpBB. I have no control, and so fight a continuous battle against hackers etc. The easiest is the one that only ru

Re: [ubuntu-uk] Website Hacked.....

2009/6/27 Harry Rickards : > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > Lucy wrote: > >> What I did: >> >> $ ping furrycritters.co.uk >> >> This revealed both the IP address and the reverse lookup, in this case >> victorious.eukhost.com (213.175.194.16). >> >> This was confirmed by doing:

Re: [ubuntu-uk] Website Hacked.....

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Lucy wrote: > What I did: > > $ ping furrycritters.co.uk > > This revealed both the IP address and the reverse lookup, in this case > victorious.eukhost.com (213.175.194.16). > > This was confirmed by doing: > > $ dig -x 213.175.194.16 > > I also

Re: [ubuntu-uk] Website Hacked.....

2009/6/27 James Milligan : > On 27 Jun 2009, at 17:52, Matthew Daubney wrote: > >> >>> I just took a look and the sites still arent showing. >>> >>> John >>> >> >> Hiya, >> >> A VPS is a Virtual Private Server. Essentially its a virtual machine >> on >> someone elses server. By the looks of it, y

Re: [ubuntu-uk] Website Hacked.....

2009/6/27 Tony Arnold : > John, > > John wrote: >> I run a website, and there's about 2.5 gigs of information on there. The >> whole lot got deleted and the hackers put a picture of advertising who >> they were. I have managed to get the host to restore as much as they can >> back, well, they way t

Re: [ubuntu-uk] Website Hacked.....

On 27 Jun 2009, at 17:52, Matthew Daubney wrote: > >>> >> Hi Matt, oh dear, he comes some more of my ignorance, what is a >> VPS. My >> host is called EUKHost, and I have a shared server. I cant get them >> to >> open up about this, but some of the things that I have on there >> such as >>

Re: [ubuntu-uk] Website Hacked.....

John, John wrote: > I run a website, and there's about 2.5 gigs of information on there. The > whole lot got deleted and the hackers put a picture of advertising who > they were. I have managed to get the host to restore as much as they can > back, well, they way they are trying to. > > What i

Re: [ubuntu-uk] Website Hacked.....

> > > Hi Matt, oh dear, he comes some more of my ignorance, what is a VPS. My > host is called EUKHost, and I have a shared server. I cant get them to > open up about this, but some of the things that I have on there such as > the MODX CMS and Wordpress conflict with mod_security, and it has

Re: [ubuntu-uk] Website Hacked.....

2009/6/27 John : > Lucy wrote: >> 2009/6/27 John : >> >>> What is worrying me, is the password was a really strong password, 100 >>> strong according to the password generator, and I was wondering, how >>> they managed to get in. >>> >> >> Did you run any popular software, like Wordpress or phpBB?

Re: [ubuntu-uk] Website Hacked.....

Lucy wrote: > 2009/6/27 John : > >> I run a website, and there's about 2.5 gigs of information on there. The >> whole lot got deleted and the hackers put a picture of advertising who >> they were. I have managed to get the host to restore as much as they can >> back, well, they way they are tryi

Re: [ubuntu-uk] Website Hacked.....

Matthew Daubney wrote: > On Sat, 2009-06-27 at 17:14 +0100, John wrote: > >> I run a website, and there's about 2.5 gigs of information on there. The >> whole lot got deleted and the hackers put a picture of advertising who >> they were. I have managed to get the host to restore as much as the

Re: [ubuntu-uk] Website Hacked.....

2009/6/27 John : > I run a website, and there's about 2.5 gigs of information on there. The > whole lot got deleted and the hackers put a picture of advertising who > they were. I have managed to get the host to restore as much as they can > back, well, they way they are trying to. > > What is worr

Re: [ubuntu-uk] Website Hacked.....

On Sat, 2009-06-27 at 17:14 +0100, John wrote: > I run a website, and there's about 2.5 gigs of information on there. The > whole lot got deleted and the hackers put a picture of advertising who > they were. I have managed to get the host to restore as much as they can > back, well, they way the

[ubuntu-uk] Website Hacked.....

I run a website, and there's about 2.5 gigs of information on there. The whole lot got deleted and the hackers put a picture of advertising who they were. I have managed to get the host to restore as much as they can back, well, they way they are trying to. What is worrying me, is the password