Tuesday, October 21, 2003


Well, they didn't deface my website, but they did take advantage of a gaping hole I had left in my FTP server. I have to take full responsibility for the hole too. I installed a web portal package called DotNetNuke. In doing so I broke some security settings I had in place.

I wasn't really happy with DotNetNuke and thus abandoned it, but I never reset my security. Shame on me. I certainly know better.

One of the groups, Chaos-Crew, left their signature, thanks guys. One pecker apparently didn't know what he was doing yet and made a HUGE mess of his/her directory structure. It may have been on purpose, but whatever.

I just formatted the drive and restored a backup. I put in place other security measures to prevent this from happening again, but I won't go into those.

I will say, however, that I blocked their subnets on the firewall. Sure, they could spoof them and use another address, but that makes it more work. They were just using my server as a Warez server, so they'll probably just go find some other poor sap's computer and hijack it.

Needless to say, I'm a little irritated, but I also look on things like this as a challenge. They had no other access to my system, near as I can tell, so it was rather benign. They helped me find a bad security hole that I had not fixed; now it is. Thanks guys. What would we do without you wonderful hackers trading your Dido and German version of the movie Terminator illegally on our servers? What I found rather funny too was the copy of Norton AntiVirus 2004 on my server. Gee, don't you trust each other's files? LOL

