NetBuilders, along with The Tech FAQ Proxy list, The Tech FAQ Blog, FreeEmoticons.us, and AtProxy, were vandalized today.
Unfortunately, the vandal destroyed quite a bit of the system. I've restored a backup of the NetBuilders database from earlier in the day, but all posts since the last backup have been lost.
The vandal claims to be a kid named "Yazan" from Palestanian.com.
I think the kid got in through a vulnerability in the script I was using in FreeEmoticons.us. He may also have gained access through a Wordpress 2.8.5 vulnerability before I upgraded to 2.8.6 a few days ago.
Really, we are running so many scripts on this server that my mother could vandalize it. Security is impossible in an environment as open as this, and people will always take advantage of that. Frequent backups are the best defense against these unhappy people sharing their unhappiness.
Submit Your Webmaster Related Sites to the NB Directory
I swear, by my life and my love of it, that I will never live for the sake of another man, nor ask another man to live for mine.
It is important that we are back on track quickly, I think we need to take more care in future for such kind of attack.
Yeah, i noticed this while trying to access NB. Good to hear we're back up again and that too quite quick.
Will, are you planning to take any action against this 'kid'?
Whois hasn't any useful info on him. He claims to be Palestinian but has named himself egyptian_hacker on whois.
nameservers are in france, hardly any more info on whois.
Last edited by Snak3; 30 November, 2009 at 17:01 PM. Reason: Screenshot Removed : The hacker doesn't deserve the attention
The Secret Definitive Guide To Finding Tons of PR4-PR8 Backlinks with ease <== Boost Your Website Rankings Overnight
Will it is good to see you backwill you do anything against the guy who hacked your sites. I am sure law provides you protection. I think you can trace this guy through the whois information of Palestine 4 Ever but there is another possibility what if this all was done by one of your competitors and the guy who hacked your sites did everything in such manner that everybody thinks it was done by Palestine 4 Ever and now you are after Palestine 4 Ever.