| Author |
Message |
ceasar
Nuke Soldier
Joined: Mar 19, 2004
Posts: 12
|
 Posted:
Wed Apr 27, 2005 6:53 pm |
  |
My basketball site received this from this hacker XTech Inc. 2 days ago.
This was the index.html file, I just deleted this file and checked my site and don't see any damage as far as I can tell. This hacker posted his actions here - http://www.zone-h.com/en/defacements/view/id=2312390/
and noticed he's been busy. |
|
|
   |
|
fisicouk
Sergeant
Joined: Nov 25, 2004
Posts: 84
|
| Posted:
Thu Apr 28, 2005 5:01 am |
|
|
|
|
ceasar
Nuke Soldier
Joined: Mar 19, 2004
Posts: 12
|
| Posted:
Thu Apr 28, 2005 8:38 am |
|
hackers ip address is 69.56.179.82
phpnuke version is 7.5 and use sentinel 2.2.0 for security.
My mistake is not upgrading the phpbb, the current version is 2.0.10 but will be 2.0.13 this weekend. As far as I know all the patches are current. |
|
|
|
|
KiLZo
Private
Joined: Aug 17, 2003
Posts: 49
Location: Virginia Beach, VA
|
| Posted:
Mon May 02, 2005 3:22 pm |
|
Does anyone know anything about this group called g00ns .... and if so how can i take legal action against them..
This hammered KRVS.NET |
_________________
you will never get a purple heart hiding in a foxhole MOVEOUT! - RET USMC CAPT . Vietnam 1968 - no its not me ... but i am former USMC
 |
|
  |
|
Evaders99
Site Admin
Joined: Aug 17, 2003
Posts: 12349
|
| Posted:
Mon May 02, 2005 3:51 pm |
|
|
 |
|
syred
Nuke Soldier
Joined: Dec 05, 2004
Posts: 24
|
| Posted:
Mon May 02, 2005 4:28 pm |
|
| Quote: |
| hackers ip address is 69.56.179.82 |
* Dns resolved 69.56.179.82 to 69-56-179-82.theplanet.com
-
* Dns resolved semhs.com to 69.56.179.82
Well.. theplanet.com is your host, i guess this server is being used by 100webspace (or something)
You must have logs somewere, look at your logs, and you will find what the hacker did and how he passed your security systems, and what ever it was, update it. |
|
|
|
|
zaitsev
Corporal
Joined: May 30, 2004
Posts: 65
|
| Posted:
Mon May 09, 2005 11:04 pm |
|
i spoke to the planet:
| Quote: |
| Thank you for the notification. Our Manager and VP of Information Security have been and are handling this issue currently, as they keep popping in and out of The Planet's network. |
|
_________________
Free Image Hosting! |
|
|
|
jagan
Nuke Cadet
Joined: Jun 13, 2005
Posts: 1
|
| Posted:
Sun Jun 12, 2005 8:58 pm |
|
I have seen my web site http://www.indiabook.com index page changed to index.htm and this was hvaing written XTech Inc
I came to know about this in just 15 minutes after this change and i restored the old home page |
|
|
|
|
atsouch
Nuke Cadet
Joined: Jun 19, 2005
Posts: 1
|
| Posted:
Sun Jun 19, 2005 1:52 pm |
|
I have just experienced a "visit" by Xtech Inc. Do you know if they just change files (html or php) from the website or can they get root access to the server?
Is it safe to logon via telnet and just replace the php files? |
|
|
|
|
|
|
