 |
Your forum announcement here! |
|
 |
11-04-2008, 16:52
|
 |
Premium Member
|
|
Join Date: Nov 2005
Location: New Mexico
Posts: 584
|
|
Site hacked
My site got hacked yesterday and they injected p0rn links into some pages and also put 100's of porn HTML and redirects in my DIR's.
NickJ said it was accessed (Cpanel) with these IP's
86.149.17.234
59.161.47.187
212.183.227.130
200.55.109.88
190.72.166.212
81.184.151.235
Are these all proxys or waht ? What can be done to report these guy ? Its a Government (allbeit local Gov) but surely tehy can get punished for it ?
Is there even a wway to change my default FTP port to something obscure that only I would know so they cant upload stuff ?
Last edited by Brian : 11-04-2008 at 16:54.
|
11-04-2008, 17:07
|
 |
Moderator
|
|
Join Date: May 2007
Location: Newport, Wales
Posts: 728
|
|
Please use the above contacts for abuse complaints. |
11-04-2008, 20:46
|
|
Premium Member
|
|
Join Date: Nov 2005
Location: New Mexico
Posts: 584
|
|
Thanks, just got around to doing that.
What about having my FTP on an obscure port ?
|
11-04-2008, 21:44
|
|
Moderator
|
|
Join Date: May 2007
Location: Newport, Wales
Posts: 728
|
|
What type of web hosting do you have? 
VPS, shared hosting etc? |
11-04-2008, 22:00
|
 |
Chief Marketing Officer
|
|
Join Date: Sep 2005
Posts: 4,048
|
|
Quote:
Originally Posted by Brian
Thanks, just got around to doing that.
What about having my FTP on an obscure port ?
|
This is what I could see from FTP logs on the server :-
Quote:
Apr 10 02:59:06 hawk pure-ftpd: (clayton@59.161.47.187) [NOTICE] /home/clayton//public_html/downloads/wallpapers/backup/world-record-cock/hotel-allegro-resort-papagayo.html uploaded (30382 bytes, 3.48KB/sec)
Apr 10 02:59:24 hawk pure-ftpd: (clayton@59.161.47.187) [NOTICE] /home/clayton//public_html/downloads/wallpapers/backup/world-record-cock/dildo-butt-plug.html uploaded (29213 bytes, 2.78KB/sec)
Apr 10 02:59:41 hawk pure-ftpd: (clayton@59.161.47.187) [NOTICE] /home/clayton//public_html/downloads/wallpapers/backup/world-record-cock/gay-man-peeing.html uploaded (28854 bytes, 2.64KB/sec)
|
You had weak FTP password and someone managed to hack your FTP password to download - inject - upload on your website.
__________________
UK Web Hosting || Business Hosting || eUKhost Knowledgebase
Toll Free : 0808 262 0255 || MSN : mark @ eukhost.com || AIM : eukmark
A bunch of Sheep led by a Lion is better than a bunch of Lions led by a Sheep.
__________________________________________________
Great Opportunity :: Join our Affiliate Program for FREE and earn 20% commission on each referral.
|
11-04-2008, 22:02
|
|
Moderator
|
|
Join Date: May 2007
Location: Newport, Wales
Posts: 728
|
|
Quote:
Originally Posted by eUKhost.com
This is what I could see from FTP logs on the server :-
You had weak FTP password and someone managed to hack your FTP password to download - inject - upload on your website.
|
Lol, I don't think it's a good idea to post that publicly on the forums :P |
11-04-2008, 22:17
|
|
Premium Member
|
|
Join Date: Nov 2005
Location: New Mexico
Posts: 584
|
|
All passwords have been changed, so its far from weak now. But I was thinking what if FTP was on a different port would that not make it impossible to upload stuff, no ?
|
11-04-2008, 22:18
|
|
Moderator
|
|
Join Date: May 2007
Location: Newport, Wales
Posts: 728
|
|
Well, this is only possible if you have a VPS or Dedicated Server?
|
11-04-2008, 22:43
|
|
Chief Marketing Officer
|
|
Join Date: Sep 2005
Posts: 4,048
|
|
Quote:
Originally Posted by WelshTom
Well, this is only possible if you have a VPS or Dedicated Server?
|
Thats right. FTP port change will stop cPanel File Manager as well. We can set IP based permission for SSH, FTP, cPanel & WHM access on a VPS or Dedicated Server, but such settings cannot be done on a shared hosting server.
__________________
UK Web Hosting || Business Hosting || eUKhost Knowledgebase
Toll Free : 0808 262 0255 || MSN : mark @ eukhost.com || AIM : eukmark
A bunch of Sheep led by a Lion is better than a bunch of Lions led by a Sheep.
__________________________________________________
Great Opportunity :: Join our Affiliate Program for FREE and earn 20% commission on each referral.
|
11-04-2008, 22:45
|
|
Premium Member
|
|
Join Date: Nov 2005
Location: New Mexico
Posts: 584
|
|
OK well I only repaid for my package in Jan so ill see how much I have left in teh budget to do a VPS. Are they hosted in the US too ?
|
11-04-2008, 22:46
|
|
Moderator
|
|
Join Date: May 2007
Location: Newport, Wales
Posts: 728
|
|
Nope, VPS and Dedicated servers are situated in the UK.
Edit: However (although I'm not sure), eUKhost may be able to set you one up in the US if that's what you want.
|
12-04-2008, 02:30
|
|
Premium Member
|
|
Join Date: Nov 2005
Location: New Mexico
Posts: 584
|
|
I can only do US mate.
|
12-04-2008, 04:25
|
|
Premium Member
|
|
Join Date: Nov 2005
Location: New Mexico
Posts: 584
|
|
Spoke to Danny in sales and he said they have some in the US. So off to see the City Manager on monday to see how much we have left in the budget.
|
12-04-2008, 20:39
|
|
Chief Marketing Officer
|
|
Join Date: Sep 2005
Posts: 4,048
|
|
Quote:
Originally Posted by Brian
Spoke to Danny in sales and he said they have some in the US. So off to see the City Manager on Monday to see how much we have left in the budget.
|
There should not be any problem on hawk if you keep on changing your FTP password once in a month. Hacker managed to login in first attempt so he must have managed to crack or sniff your password easily. If he had attempted to login with wrong credentials for 3 times then he would have got blocked on the server.
We maintain multiple backups of your account and you can download one backup once in a month from cpanel control panel. please PM your old password as I would like to know how someone could access your account so easily.
__________________
UK Web Hosting || Business Hosting || eUKhost Knowledgebase
Toll Free : 0808 262 0255 || MSN : mark @ eukhost.com || AIM : eukmark
A bunch of Sheep led by a Lion is better than a bunch of Lions led by a Sheep.
__________________________________________________
Great Opportunity :: Join our Affiliate Program for FREE and earn 20% commission on each referral.
|
12-04-2008, 23:20
|
|
Premium Member
|
|
Join Date: Nov 2005
Location: New Mexico
Posts: 584
|
|
PM sent .
|
13-04-2008, 13:56
|
|
Chief Marketing Officer
|
|
Join Date: Sep 2005
Posts: 4,048
|
|
Quote:
Originally Posted by Brian
PM sent .
|
got it
There should be at least one upper case character and at least one special character in your password. That makes it impossible for hackers to crack your password.
Passwords with same case and numbers can be cracked easily using Brute Force tools.
__________________
UK Web Hosting || Business Hosting || eUKhost Knowledgebase
Toll Free : 0808 262 0255 || MSN : mark @ eukhost.com || AIM : eukmark
A bunch of Sheep led by a Lion is better than a bunch of Lions led by a Sheep.
__________________________________________________
Great Opportunity :: Join our Affiliate Program for FREE and earn 20% commission on each referral.
|
|
Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
|
|
|
| Thread Tools |
|
|
| Display Modes |
 Linear Mode
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is Off
|
|
|
All times are GMT. The time now is 09:21.
|
|
|
