Comments on: StorageMojo: hacked! http://storagemojo.com/2008/05/06/storagemojo-hacked/ Data storage info & analysis Wed, 09 Jul 2008 12:31:52 +0000 http://wordpress.org/?v=2.5.1 By: Joe Gunroy http://storagemojo.com/2008/05/06/storagemojo-hacked/#comment-195592 Joe Gunroy Sat, 10 May 2008 01:44:54 +0000 http://storagemojo.com/?p=703#comment-195592 Open source isn't the issue, per se, as all the commercial website applications have had (and will have) their fair share of exploits, too. Inexpensive hosting does require the extra effort of "going it alone." But, this is more an issue with trying to be your own webmaster than with the choice of platform. Robin, I'm willing to bet you're not done. Chances are that whomever hacked you probably didn't do it because of your passwords, but more likely through some other vulnerability. If they got full access to your webhost (i.e., root) I'd recommend a complete reinstall, followed by patching every known vulnerability and then a good round of server hardening. Yes, it's a lot of work. Yes, it's unfortunate that you need to know all this stuff to be a webmaster. But, this is the path you have chosen. Open source isn’t the issue, per se, as all the commercial website applications have had (and will have) their fair share of exploits, too.

Inexpensive hosting does require the extra effort of “going it alone.” But, this is more an issue with trying to be your own webmaster than with the choice of platform.

Robin, I’m willing to bet you’re not done. Chances are that whomever hacked you probably didn’t do it because of your passwords, but more likely through some other vulnerability. If they got full access to your webhost (i.e., root) I’d recommend a complete reinstall, followed by patching every known vulnerability and then a good round of server hardening. Yes, it’s a lot of work. Yes, it’s unfortunate that you need to know all this stuff to be a webmaster. But, this is the path you have chosen.

]]> By: xfer_rdy http://storagemojo.com/2008/05/06/storagemojo-hacked/#comment-195588 xfer_rdy Fri, 09 May 2008 16:24:27 +0000 http://storagemojo.com/?p=703#comment-195588 Isn't open source wonderful ?? Sorry to hear you've been hacked... but hacking popular web sites, open source forums, and blog software is a hobby for too many. In part, that's why I took my site down. I didn't have the time to keep up with the spamming and hacking. This is good example of the problems with open source technology for business or professional purposes. "Its free isn't it" , well --- no, what's is your time worth... There are very few companies, at least under $300/mo, that will ensure your web/blog/forum site will mitigate or correct hacking. good luck x ------------------------------------------------ "Too much monkey business" -Chuck Berry Isn’t open source wonderful ??

Sorry to hear you’ve been hacked… but hacking popular web sites, open source forums, and blog software is a hobby for too many. In part, that’s why I took my site down. I didn’t have the time to keep up with the spamming and hacking.

This is good example of the problems with open source technology for business or professional purposes. “Its free isn’t it” , well — no, what’s is your time worth… There are very few companies, at least under $300/mo, that will ensure your web/blog/forum site will mitigate or correct hacking.

good luck

x
————————————————
“Too much monkey business”
-Chuck Berry

]]> By: Margaret http://storagemojo.com/2008/05/06/storagemojo-hacked/#comment-195559 Margaret Wed, 07 May 2008 18:15:18 +0000 http://storagemojo.com/?p=703#comment-195559 Scary stuff! Bloggers have to be pretty vigilant these days. Thanks for the links. ~Margaret Scary stuff! Bloggers have to be pretty vigilant these days. Thanks for the links.
~Margaret

]]> By: Francis http://storagemojo.com/2008/05/06/storagemojo-hacked/#comment-195558 Francis Wed, 07 May 2008 14:07:55 +0000 http://storagemojo.com/?p=703#comment-195558 Dreamhost has one redeeming feature, they let you spit up your websites by users. Make sure you have a different user for each domain you host and if one is hacked the others are secure. I'd be using media temple (they are much faster and more reliable) if they offered that. Dreamhost has one redeeming feature, they let you spit up your websites by users. Make sure you have a different user for each domain you host and if one is hacked the others are secure. I’d be using media temple (they are much faster and more reliable) if they offered that.

]]> By: Pieter Thoma http://storagemojo.com/2008/05/06/storagemojo-hacked/#comment-195557 Pieter Thoma Wed, 07 May 2008 09:16:10 +0000 http://storagemojo.com/?p=703#comment-195557 There is a security test plugin for wordpress. A must have! http://wordpress.org/extend/plugins/wp-security-scan/ There is a security test plugin for wordpress. A must have!

http://wordpress.org/extend/plugins/wp-security-scan/

]]> By: Amit Gurdasani http://storagemojo.com/2008/05/06/storagemojo-hacked/#comment-195556 Amit Gurdasani Wed, 07 May 2008 08:41:15 +0000 http://storagemojo.com/?p=703#comment-195556 IF this is dedicated hosting or something like a Xen VPS: I'd advise you to take it offline, power it off, do a clean operating system install on your host, restore from known-good backup, harden said known-good system and then take it online. The reason is that if the hackers ended up injecting code into the kernel, your view of the system might well be governed by said code -- their processes on the host may be hidden from view, providing a hidden, ready backdoor for them to come in again. In a nutshell, _you cannot trust the system_ unless you've rebuilt it with known-good components _from the bottom up_. And if you cannot trust what the system tells you, you cannot be certain that it's clean or secure. If it's shared hosting, you generally don't have control over the operating system -- but shared hosts tend to harden their systems against this sort of thing anyway. The best you can do is to back up the _data_, remove everything, reinstall the CMS, vet the data and restore the databases and configuration for the CMS. That way you can be sure you haven't missed anything. IF this is dedicated hosting or something like a Xen VPS: I’d advise you to take it offline, power it off, do a clean operating system install on your host, restore from known-good backup, harden said known-good system and then take it online.

The reason is that if the hackers ended up injecting code into the kernel, your view of the system might well be governed by said code — their processes on the host may be hidden from view, providing a hidden, ready backdoor for them to come in again. In a nutshell, _you cannot trust the system_ unless you’ve rebuilt it with known-good components _from the bottom up_. And if you cannot trust what the system tells you, you cannot be certain that it’s clean or secure.

If it’s shared hosting, you generally don’t have control over the operating system — but shared hosts tend to harden their systems against this sort of thing anyway. The best you can do is to back up the _data_, remove everything, reinstall the CMS, vet the data and restore the databases and configuration for the CMS. That way you can be sure you haven’t missed anything.

]]> By: Riot Nrrrd™ http://storagemojo.com/2008/05/06/storagemojo-hacked/#comment-195555 Riot Nrrrd™ Wed, 07 May 2008 02:10:23 +0000 http://storagemojo.com/?p=703#comment-195555 "Language = ru, whatever that means." As in RUssian. “Language = ru, whatever that means.”

As in RUssian.

]]> By: phil http://storagemojo.com/2008/05/06/storagemojo-hacked/#comment-195554 phil Wed, 07 May 2008 02:09:20 +0000 http://storagemojo.com/?p=703#comment-195554 "Language=ru" mean Russian. “Language=ru” mean Russian.

]]>