My Site got hacked :-((

	Home Register Search Help Login

Sponsors

Shopping Cart Software
Ecommerce software integrated into Frontpage, Dreamweaver and Golive templates. No monthly fees and available in ASP and PHP versions.

Website Templates
We also have a wide selection of Dreamweaver, Expression Web and Frontpage templates as well as webmaster tools and CSS layouts.

Frontpage website templates
Creative Website Templates for FrontPage, Dreamweaver, Flash, SwishMax

Search Forums

Recent Posts

Todays Posts
Most Active posts
Posts since last visit
My Recent Posts
Mark posts read

My Site got hacked :-((

View related threads: (in this forum | in all forums)

Logged in as: Guest

Users viewing this topic: none

Printable Version

All Forums >> Web Development >> General Web Development >> My Site got hacked :-((

Page: [1]


bernieboy31 Posts: 80 Joined: 3/5/2005 From: London, United Kingdom Status: offline	My Site got hacked :-(( - 3/2/2008 19:35:20 I run a small community site Bllcks-to-pca.org [where, due to the naughty word checker on this forum, = o]* for suffers of Prostate Cancer, which got hacked Sat night by "KimLiksiZ DEVLET" ("MUSLIM_HaCkER"). The hack involved addition of a bunch of index.* and default.* files in every site directory and sub-directory. Any idea how this can happen and bstards like this can get access? There is only one FTP and FP account for site updates which is mine and my PC is secure. The site is prmarily .asp using FP as the basis and is on a shared windows server. I have quieried the hosting service about it. So far all they have come back with is "Do I have Content Management System?"* The answer to which is no. Advice please kind gurus as I don't want to spend anymore Sundays deleting crap files on the site via FTP. (The databases were all OK - thank heavens) TIA Bernie < Message edited by bernieboy31 -- 3/2/2008 19:41:47 >


treetopsranch Posts: 1059 From: Cottage Grove, OR, USA Status: offline	RE: My Site got hacked :-(( - 3/2/2008 21:49:51 Change your password(s) now. _____________________________ Don from TreeTops Ranch, Oregon "I've got a taste for quality and luxury" (in reply to bernieboy31)


BobbyDouglas Posts: 5469 Joined: 5/15/2003 From: Arizona Status: offline	RE: My Site got hacked :-(( - 3/2/2008 22:08:52 You should contact your host, they should help you with getting this fixed. quote: Any idea how this can happen and b*stards like this can get access? - Most likely it is the fact you're running an ASP script that isn't secure. Something that needs to be updated that never was. Those are usually the most common causes for defaced sites. _____________________________ Arizona Web Design - Mr Bobs Web Design in Arizona The Arizona Web Hosting Challenge (in reply to treetopsranch)


bernieboy31 Posts: 80 Joined: 3/5/2005 From: London, United Kingdom Status: offline	RE: My Site got hacked :-(( (Solved) - 3/3/2008 6:02:54 Below from my hosting service. Is this "BS"? Quote We are aware that at approximately 10PM on Saturday 1st March approximately 100 users had their site's index files overwritten without their consent. This was made possible due to an undisclosed vulnerability in Microsoft Windows Server 2003 which allowed the hacker to gain write permissions over directories outside of his web root. This allowed him to write, briefly, to other user's websites. We have since prevented this exploit from being run again and are urgently seeking a patch for the issue from Microsoft. At no point was the server compromised and, thanks to the nature of our clustered system, the only system affected at all was the .122 web server. No other servers including email or DNS were affected. Unquote The rest of the response was grovelling apologies (in reply to BobbyDouglas)


caz Posts: 3547 Joined: 10/10/2001 From: Somewhere south of Chester, UK Status: offline	RE: My Site got hacked :-(( (Solved) - 3/3/2008 6:27:55 I vaguely remember that Windows Server was included in the last Patch Tuesday batch of MS updates, perhaps they were a bit slow/ham fisted in applying them? Have they changed your password? If not you should do it through your cp and look at using Spooky Login for password protecting your site, if you don't already. But they have acknowledged that it was not your fault, nor that of the other 99 sites and it has happened to many of us in the past so don't beat yourself up too much about it. _____________________________ Do not meddle in the affairs of cats, for they are subtle and will dance, or more on your keyboard. Cheshire cat. www.doracat.co.uk I remember when it took less than 4hrs to fly across the Atlantic. (in reply to bernieboy31)


bernieboy31 Posts: 80 Joined: 3/5/2005 From: London, United Kingdom Status: offline	RE: My Site got hacked :-(( (Solved) - 3/3/2008 6:54:11 Cheers Caz First thing I did yesterday before clearing out the crap files was a p/word change on everything - C/panel, FTP and FP. I already have a "derivation" of spooky on the site for the Members Area. Thanks for the comfort !! (in reply to caz)


BobbyDouglas Posts: 5469 Joined: 5/15/2003 From: Arizona Status: offline	RE: My Site got hacked :-(( (Solved) - 3/3/2008 10:52:41 There is always a chance for a security issue/hole. The best hosts are the ones that find it quickly and patch it up ASAP. You can ask them for more information regarding what the security issue was, or how they "patched" it. They could just be giving you BS, or they could really be on top of their game. It does sound a bit fishy that there was an exploit in the server, but only one of the servers was affected. Seems to me if there is an exploit for windows server 2003, all servers would be affected. Their explanation is perfectly fine for an average user. However, I personally would expect more of a technical explanation, with details on what exactly was fixed. _____________________________ Arizona Web Design - Mr Bobs Web Design in Arizona The Arizona Web Hosting Challenge (in reply to bernieboy31)

Page: [1]

All Forums >> Web Development >> General Web Development >> My Site got hacked :-((

Page: [1]

Jump to: 1

New Messages	No New Messages
Hot Topic w/ New Messages	Hot Topic w/o New Messages
Locked w/ New Messages	Locked w/o New Messages

Post New Thread

Reply to Message

Post New Poll

Submit Vote

Delete My Own Post

Delete My Own Thread

Rate Posts