Status update on xoops.org server hack

**john** · October 27th, 2005, 1:52 AM

You can get the whole story here .

John

**David** · October 27th, 2005, 1:55 AM

Looks like the same thing they had posted in their news before it went down again. I wish they'd get everything back up and going again.

**Kayla** · October 27th, 2005, 1:57 AM

Thanks for the update.

Interesting read.

**john** · October 27th, 2005, 2:41 AM

I hope they are able to reopen soon as well.

I think there's an opportunity here to learn (or at least be reminded) just how important it is to follow through on script installs to make sure that they are as secure as they can be. As can be seen here, a simple oversight can have serious repercussions.

I am glad to see that it wasn't an actual security issue with Xoops itself. That would have been even worse.

**David** · October 27th, 2005, 2:59 AM

Yeah, I second that about security with xoops. If it was a hole in Xoops, think of how easy it would be to find the xoops sites and kill them. I mean, there's a directory of thousands of sites right there. =/

I had my blog hacked a while back because I left the installation stuff there by accident. I had been going back and forth installing and deleting Wordpress and forgot about the install. Unfortunetly, I think the hacking was actually the hackers owning themselves because...well, let's face it. My blog isn't exactly the number one site in the world.

**john** · October 27th, 2005, 3:21 AM

Quote:

Originally Posted by David

I think the hacking was actually the hackers owning themselves because...well, let's face it. My blog isn't exactly the number one site in the world.

It depends on why they want to compromise your site. It may not have anything to do with you. Popularity may not even be an issue. In fact, they may prefer to hit a site that doesn't get any traffic.

The last time I got hacked, they didn't deface the site, they used my account to launch a DOS attack against another datacenter. My site's popularity didn't have squat to do with it. They found a hole, got in, and did their business.

Then I got the boot and came to Surpass. Looking back on it, getting hacked that time was a good thing, though I take all the steps I know how to so it hopefully doesn't happen again, since odds of finding an even better host are less than winning the lottery.

**David** · October 27th, 2005, 3:24 AM

Ooo....good point. I had an abuse related issue I noticed a few months back. I found under my blog a couple folders I didn't put there. Something ebay related that looked like someone was maybe trying to pull some kind of ebay scam. Alerted support and they told me I could delete them so I did.

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search
Rate This Thread
Rate This Thread:

October 27th, 2005, 1:57 AM	#3 (permalink)
Kayla Marketing Maven Surpass Staff Joined in May 2003 Lives in Orlando 24,749 posts Gave thanks: 946 Thanked 806 times	Thanks for the update. Interesting read.

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)