23 replies to this topic

[rejected]

Easlier today my site was hacked, and everything was deleted, and the index.html file had some very nasty vulgar pictures, and then it said it was hacked by crappy html and had a link to http://www.omegagateway.com/boards. Does anyone know any ways that I might not know to stop hackers?

[rejected]

No, no one at all. I was too afraid that my friends would screw around with it, so I didn't even give it to them.

[7r33]

You should check your logs to see if any one tryed to brute force into your site... also turn stuff on so you need a username and pass to log onto any part of your site....

[rejected]

How would I check if anyone brute forced their way into it? I just found out I had an anonoumous ftp, so I they could've gotten in that way.

[7r33]

Well they may have done it thew anonoumous ftp... but i think theres a little thing called raw logs and userlogs or something along them lines look in the logs and see who else was on as a adimin by looking at there ip and if it is not yours then look up the ip and call there isp....

[7r33]

Call there isp and get there internet takenaway or get laws on them and you could find there isp threw isp lookup on the internet or ip look up.....................

[rejected]

Get laws on them? Do you mean like sue them or fine them or something? What proof would I have of them hacking my site though?

[rejected]

www.thyelite.trap17.com was my site, I changed the index so I wouldn't have to have those pictures there...

[7r33]

Ok and that helps me how.... heh um have kept the orignial files there could of been some clues.............................................!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

[UnheroicHero]

First of all, I'd like to say that I am a regular at Omage Gateway and can state that without a shadow of a doubt, that activity is not condoned there.


Second, did you have a message board? If so, did you use a source code called whiteFyre?

[rejected]

I had a forum, invisionfree, and I havn't heard of whitefyre. Why? Does whitefyre have a big back door?

[UnheroicHero]

rejected, on Feb 12 2005, 10:39 PM, said:

I had a forum, invisionfree, and I havn't heard of whitefyre. Why? Does whitefyre have a big back door?

That's an understatement. The released source is full of major exploits.

[rejected]

Why is it out there then? If it didn't have the exploits, would it be any good to use? How would they get my password and stuff from it though?

[maddog39]

Man, alot of websites are being hacked that way. I think I have seen 3 so far. I remember phpbb.com was hacked that way. What I suggest you do is, post a message on your website that explains that you have been hacked and your rebuilding the site and it will be shut down till further notice, etc., etc. Then password protect your directories and limit all access to the site in anyway you can. Then slowly rebuild your site and bring it back up. A chance of a hacker even wanting to try and hack it again after that I think is pretty low.

[Inty]

Hello, I'm the co-owner/administrator of omegagateway.com

Either someone is setting us up, or you are lying (not accusing, just stating that those are the only two possible scenarios here). Go through any records you have if you have any doubt, check referrer sites, etc. If you think we did anything after all that, feel free to contact me via the account you signed up at my site with and I'll assist you in any way possible. Any case, this was brought to my attention and I felt the need to make a statement. Sorry for what happened; in our site's beginning days we were hacked three times and we still prospered. Best of luck friend

~joeynova

[rejected]

I'm wondering what I did to make them hack me, oh and I'm sorry UnheroicHero for going to Omage Gateway and accusing them of hacking, which is totally wrong, I'm sorry about that. How do I password protect the directories?

[Inty]

In your cPanel ther should be an icon that says "Password Protect Directories".

As for why you were hacked, unless you have enemies...it's because you exist. Some people need no more reason than that.

[rejected]

I'm sincerely sorry for going and blaming your site like that, I was kind of angry and ready to blame anyone who talked to me, and I checked all the referers and none of them came from you, I'm suspecting it was through the ftp. I'm sorry about that man, I really am.

[Dooga]

I recommend turning of FTP for now, and re-construct your site by uploading.

[whyme]

rejected, on Feb 12 2005, 07:26 PM, said:

Get laws on them? Do you mean like sue them or fine them or something? What proof would I have of them hacking my site though?

You can take legal action by "intrusion of personal/private information" as well as "hacking" IF, your data logs in cpanel were able to record any sentisve information that might reveal which ip messed around with your site. ideally, if the logs prove useful, and prove enough data, that "dingbat" can get sued for "loss of information" as well as "damaging of digital information". These are all possible leagal actions that you can take. Further more, you can request thier ISP to relase info about them. (Sorry, but some of my er, "law" information maybe wrong, i only know so much , but they can more or less be charged like that, just scroll through all your logs and stuff, and een better if you have some sort of remotely hosted statisctic tracker, go see those logs as well, like statcounter.com or the traker that rap17 is using)

[Inty]

No need to apologize at all man, no need at all. It was perfectly natural seeing as how some ass put my site's link on your site . God help me if I find who did that. I think you know where to contact me if you find out...

Also, logs probably won't do any good; if the hacker is smart enough to hack, he's smart enough to use a proxy.

~joeynova

[whyme]

Inty, on Feb 12 2005, 09:20 PM, said:

Also, logs probably won't do any good; if the hacker is smart enough to hack, he's smart enough to use a proxy.

~joeynova

hmm..i guess so, but, its always worth a try.

[electriic ink]

What was your site?

And... the laws I have no idea, but I'm sure if you do some research on a search engine and really are desperate to make sure they don't rehack:

1. Change your server
2. Change the passwords

How did they know who your server was?

Unless it was a subdomain...

[alamstore]

cmatcmextra, on Feb 13 2005, 09:52 AM, said:

What was your site?

And... the laws I have no idea, but I'm sure if you do some research on a search engine and really are desperate to make sure they don't rehack:

1. Change your server
2. Change the passwords

How did they know who your server was?

Unless it was a subdomain...

how can i prevent my site http://babu.madpage.com from getting hacked
also check the security of http://alampay.2ya.com