hosting gurus - hacking
i probably should have post here, but i've started a discussion in the "general discussion" area titled "getting hacked". could you please give me your suggestions, input, comments, and so on.
thanks in advance
----------
My Site Got Hacked, Check It Out!
http://www.birminghamnet.com
Traffic-Website.com free traffic, affiliate programs, hosting, & domain names.
My Site got hacked, but i'm coming back?
Zee posted this at 03:43 — 10th September 1999.
They have: 18 posts
Joined: Apr 1999
Hmm.. just a couple of questions... who are you hosting with? NT or Unix based? How many FTP/Telnet accounts were you using? Did you give any of your passwords out to anyone? What kind of any, CGI scripts were you running? I'm no hacker or security expert, but I'm just wondering how they got in... did you get back control of yer site yet?
www.whoTEK.com
Kilroy posted this at 18:07 — 10th September 1999.
They have: 11 posts
Joined: Aug 1999
Just a quick note,
I had an acquaintance that had his site severly defaced and hacked. His upline, after a few days of investigation, said they somehow got access via his "Hitbox Counter" program... Not sure if this is possible... but may be something to look into.. alot of the external program, (ie counters, bbs, cgi scripts) apparently may allow it somehow, depending upon your server's setup???.... has anyone else experienced a hacking????
fairhousing posted this at 20:09 — 10th September 1999.
They have: 1,587 posts
Joined: Mar 1999
i'll be posting more info in the "general discussion" topic area under "getting hacked" when i get some time.
more forum member input is appreciated
thanks in advance
----------
My Site Got Hacked, Check It Out!
http://www.birminghamnet.com
Traffic-Website.com free traffic, affiliate programs, hosting, & domain names.
My Site got hacked, but i'm coming back?
JP Stones posted this at 22:03 — 12th September 1999.
They have: 2,390 posts
Joined: Nov 1998
This is very interesting indeed, anyone have any more info?
JP
----------
[red]The Next Step in Website Development [/red] - http://www.what-next.com
The Webmaster Promotion and Resource Center
fairhousing posted this at 00:00 — 13th September 1999.
They have: 1,587 posts
Joined: Mar 1999
all of my files were deleted. the only file left was the crackers taunting index.html file. however, they still had access whenever the passwords were changed. anyways, i can't really go into much more detail about it at this point.
----------
My Site Got Hacked, Check It Out!
http://www.birminghamnet.com
Traffic-Website.com free traffic, affiliate programs, hosting, & domain names.
My Site got hacked, but i'm coming back?
Anonymous posted this at 23:14 — 13th September 1999.
They have: 5,633 posts
Joined: Jan 1970
JP, to answer your question about hacking with a CGI:
)
there are some scripts around that let you pass information about where a file to print on the web-page (e.g., the hit-counter) resides, so if you pass a different path, like:
http://www.blah.com/cgi-bin/hit.cgi?path=/etc/passwd
you'll find the whole unix-password file printed on your browser-window
and before you even try, i think every half-educated server-admin should know about this and use shadow-passwords that can't be accessed by everybody.
later
patrick
JP Stones posted this at 21:34 — 15th September 1999.
They have: 2,390 posts
Joined: Nov 1998
Thanks Patick!
JP
----------
[red]The Next Step in Website Development [/red] - http://www.what-next.com
The Webmaster Promotion and Resource Center
Want to join the discussion? Create an account or log in if you already have one. Joining is fast, free and painless! We’ll even whisk you back here when you’ve finished.