cancel
Showing results for 
Search instead for 
Did you mean: 

Web Site Warning: Defacement Contest Sunday

N/A

Web Site Warning: Defacement Contest Sunday

Quote

However, I'm moving it to the "Everything Internet" forum. Smiley

Thomas


Thanks Thomas, wasn't sure whether to do this in the beginning, I decided on the top forum so support could see it in-case they wanted to monitor it.
7 REPLIES
N/A

Web Site Warning: Defacement Contest Sunday

Felt this was a very important announcement, not sure what Sunday they mean but everyone with websites should take notice:

http://www.eweek.com/article2/0,3959,1174366,00.asp
Community Veteran
Posts: 6,111
Thanks: 1
Registered: 05-04-2007

Web Site Warning: Defacement Contest Sunday

I'd heard of this myself some time back, but totally forgotten about it, so thank you very much for bringing it to our attention!

However, I'm moving it to the "Everything Internet" forum. Smiley

Thomas
Community Veteran
Posts: 6,111
Thanks: 1
Registered: 05-04-2007

Web Site Warning: Defacement Contest Sunday

Whoops... neither of us checked the date of that article did we? July 2nd. So it's all happened anyway. Smiley

Thomas
Community Veteran
Posts: 6,983
Thanks: 8
Registered: 10-04-2007

Web Site Warning: Defacement Contest Sunday

Yes reading the article it would have been the 4th of July which of course is the American Inndependance day.
N/A

Web Site Warning: Defacement Contest Sunday

Quote
Whoops... neither of us checked the date of that article did we? July 2nd. So it's all happened anyway. Smiley

Thomas


Yes, I overlooked this too, reason being it was on the Postnuke website as a security issue.

I think it still highlights the importance of being cautious with passwords and making sure you have backups of your website in case somebody managed to hack into it.

It is especially important with Plusnet customers who are using the CGI-BIN as whilst looking at a problem for a plusnet customer, I navigated to their CGI space, which didn't have an index file and ultimately showed a folder called phpmyadmin. Guess what. Wasn't password protected and I could have wiped their tables and caused mayhem, and I'm not a hacker. Anyone could have done this.

Anyway, thanks for pointing out it has elapsed, I can now rest that my postnuke site is safer Wink
Community Veteran
Posts: 6,111
Thanks: 1
Registered: 05-04-2007

Web Site Warning: Defacement Contest Sunday

Quote
It is especially important with Plusnet customers who are using the CGI-BIN as whilst looking at a problem for a plusnet customer, I navigated to their CGI space, which didn't have an index file and ultimately showed a folder called phpmyadmin. Guess what. Wasn't password protected and I could have wiped their tables and caused mayhem, and I'm not a hacker. Anyone could have done this.

I have to admit, I was guilty of leaving my phpMyAdmin folder without an index file once... but one of my observant moderators put me right soon enough! Mind you, I still haven't sorted out .htaccess... (I've removed phpMyAdmin from my webspace, but I need to do it for another folder)...

Oh well. Smiley

Thomas
Community Veteran
Posts: 6,983
Thanks: 8
Registered: 10-04-2007

Web Site Warning: Defacement Contest Sunday

Yes it's surprising how many people try and have a look at your CGI space.
Since I added an index file with a php counter on it there have been several hundred hits. None of my file would call this index file up so its snoopers Tongue
I keep resetting the counter now and again so its easier see changes.