Welcome to the MacNN Forums.

If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

You are here: MacNN Forums > Community > MacNN Lounge > My Server Got Hacked :(

My Server Got Hacked :(
Thread Tools
Ghoser777
Professional Poster
Join Date: Dec 2000
Location: Chicago, Illinois
Status: Offline
Reply With Quote
Dec 21, 2004, 03:40 PM
 
Go to www.fahrenbacher.com and see for yourself Well, I guess something was insecure enough on my linux box for that to happen... I just don't know what.
     
Disgruntled Head of C-3PO
Professional Poster
Join Date: Jul 2001
Location: In bits and pieces on Cloud City
Status: Offline
Reply With Quote
Dec 21, 2004, 03:46 PM
 
why would they bother just to do something boring like that?
"Curse my metal body, I wasn't fast enough!"
     
ManOfSteal
Addicted to MacNN
Join Date: Aug 2004
Location: Outfield - #24
Status: Offline
Reply With Quote
Dec 21, 2004, 03:53 PM
 
They must want Meteorologist updated from it's original creator...

     
spiky_dog
Mac Elite
Join Date: Dec 1999
Location: Plainview, NY
Status: Offline
Reply With Quote
Dec 21, 2004, 04:16 PM
 
Originally posted by Disgruntled Head of C-3PO:
why would they bother just to do something boring like that?
it's an automated attack on sites running phpbb, i think. or maybe there's some other link. i just know that one of the sites i visit daily, the forums at cameracourage.com, also was hit by this attack.

[searches] yup, it's phpbb that's the vector: http://www.infoworld.com/article/04/...ntyworm_1.html

The worm, dubbed Santy.A, uses a vulnerability in a popular free software package called phpBB to spread across the Internet, infecting computer servers that host online bulletin boards and defacing those sites with the words "This site is defaced!!! NeverEverNoSanity WebWorm."
     
kosmonaft
Fresh-Faced Recruit
Join Date: Dec 2004
Location: Skokie, IL
Status: Offline
Reply With Quote
Dec 21, 2004, 05:30 PM
 
Is there a way we can prevent this from happening again in Linux?
     
GFitzy
Dedicated MacNNer
Join Date: Feb 2000
Location: New Haven, CT
Status: Offline
Reply With Quote
Dec 21, 2004, 05:46 PM
 
more info here: http://secunia.com/advisories/13481/

-gfitzy
     
The Milkman
Forum Regular
Join Date: Sep 2001
Location: .be
Status: Offline
Reply With Quote
Dec 22, 2004, 02:48 AM
 
Net Worm Uses Google to Spread: Slashdot.org
Moderation is a fatal thing. Nothing succeeds like excess.
Oscar Wilde
     
sir_hc
Fresh-Faced Recruit
Join Date: Feb 2003
Location: Southampton, UK
Status: Offline
Reply With Quote
Dec 22, 2004, 06:12 AM
 
If it is is phpBB then it is all versions under 2.0.11 that are vulnerable. It is documented on the phpBB site here and there is now 2.0.11 fix released that can be downloaded from here.

I run a web host and I strongly advised all my cients to upgrade and not just perform the code swap fix. So far only one site got attacked in this way.

(Sorry pasted a wrong link just now - all fixed.)
     
   
Thread Tools
 
Forum Links
Forum Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Top
Privacy Policy
All times are GMT -4. The time now is 07:30 AM.
All contents of these forums © 1995-2017 MacNN. All rights reserved.
Branding + Design: www.gesamtbild.com
vBulletin v.3.8.8 © 2000-2017, Jelsoft Enterprises Ltd.,