Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


View this topic in a long page with up to 500 replies per page Create new topic
1 | 2 | 3 | 4
2460 posts

Uber Geek


  #444847 2-Mar-2011 16:22
Send private message

babye: Same problem. WordPress site hosted at Orcon, via Kiwi Web Host. index.php hacked.

Just waiting for Orcon to restore the site.

You might be able to see the hacked page: http://www.boutereys.co.nz/wp-content/


Wow, you really should be keeping wordpress up to date. In a version that old, there's loads of security vulnerabilities.
 

3 posts

Wannabe Geek


  #444852 2-Mar-2011 16:30
Send private message

Yeah, I'll be having a chat with my developers.

 
 
 
 


3892 posts

Uber Geek


  #444858 2-Mar-2011 16:37
Send private message

redjet: PM me if you need any help.


Nice post! :) +1




Promote New Zealand - Get yourself a .kiwi.nz domain name!!!

Check out mine - i.am.a.can.do.kiwi.nz - don@i.am.a.can.do.kiwi.nz


6366 posts

Uber Geek

Moderator
Trusted
Lifetime subscriber

  #444878 2-Mar-2011 17:01
Send private message

I've updated the subject line of this topic to be a little more descriptive - the original implied that Orcon had been hacked, when it's really only one user's account.

Cloud Guru
4060 posts

Uber Geek

Trusted
Snowflake
Subscriber

  #444883 2-Mar-2011 17:07
Send private message

i attempted to get to http://www.mobiletune.co.nz a few days back and noticed it had been 'hacked by shiraz'. Checking their dns showed they were iserve/orcon hosted too.

looks like they are back up now. but it cost them a job the other day as i went somewhere else




3 posts

Wannabe Geek


  #444889 2-Mar-2011 17:12
Send private message

Someone with a bit more time on their hands could google "shiraz hacker" and check out the dns for the sites showing up.

Cloud Guru
4060 posts

Uber Geek

Trusted
Snowflake
Subscriber

  #444892 2-Mar-2011 17:15
Send private message

btw, i didnt contact orcon or mobiletune directly when i found the site was hacked, but i did tweet about it and included orcon twitter account in that.  no idea if anyone there followed it up.

http://twitter.com/#!/nzregs/status/40935129601937409





 
 
 
 


3528 posts

Uber Geek

Trusted

  #444893 2-Mar-2011 17:15
Send private message

I have had a few situations in the past with customers getting their sites hacked. Had a couple times when they had chmod to 777 on Linux systems and that's easy for a hacker. Most often its a security exploit in the CMS. In all instances its just the index.whatever file being changed. I have never had a problem with hacking on Windows IIS, I think the tools the hackers use are mainly for Linux so even if they find something with poor security hosted on IIS they just ignore it.




Speedtest 2019-10-14


536 posts

Ultimate Geek


  #444896 2-Mar-2011 17:24

Hosting providers have security pros (or at least, should have) monitoring their networks and ensuring security on their end. The only way, in an ideal world, to get hacked is for your password to be compromised or your website to be compromised.

There are rare events when web hosting providers get hacked, but it's far, far, far more common for it to be the user's fault.

3892 posts

Uber Geek


  #444898 2-Mar-2011 17:26
Send private message

All site owners should have some sort of disaster recovery plan and most people don't. They generally don't care and don't think about it and don't want to.





Promote New Zealand - Get yourself a .kiwi.nz domain name!!!

Check out mine - i.am.a.can.do.kiwi.nz - don@i.am.a.can.do.kiwi.nz


2892 posts

Uber Geek

Trusted
Lifetime subscriber

  #444903 2-Mar-2011 17:31
Send private message

After the CHC earthquake I really decided I should have some disaster recovery plan. I now backup all my customers websites (20+) weekly to Amazon S3, and also to dropbox in an easy to grab format. This is in addition to my hosting providers weekly backups.

Another measure is to make sure someone else knows where it all is.... A lot of the time stuff is in people heads....

Cheers, Matt.





My views (except when I am looking out their windows) are not those of my employer.

Cloud Guru
4060 posts

Uber Geek

Trusted
Snowflake
Subscriber

  #444905 2-Mar-2011 17:33
Send private message

Zeon: I have never had a problem with hacking on Windows IIS


the older versions (nt4, win2k) with the default security used to be pretty vulnerable.  if you keep up with security patches etc, then not so much of a problem these days.

that said, if someone wanted to hack *you*, not just run a script, then it probably wouldnt matter what you ran.  if they were skilled and dedicated to the task then there is a good chance they would get in somehow.. no matter if you ran windows, linux or whatever.  it hard to put up a firewall to protect against social engineering.




3528 posts

Uber Geek

Trusted

  #444912 2-Mar-2011 17:41
Send private message

Regs:
Zeon: I have never had a problem with hacking on Windows IIS


the older versions (nt4, win2k) with the default security used to be pretty vulnerable.  if you keep up with security patches etc, then not so much of a problem these days.

that said, if someone wanted to hack *you*, not just run a script, then it probably wouldnt matter what you ran.  if they were skilled and dedicated to the task then there is a good chance they would get in somehow.. no matter if you ran windows, linux or whatever.  it hard to put up a firewall to protect against social engineering.


Yes true. It's funny timing actually as one of our IIS web hosting servers came under a DDoS attack last week mainly from Hong Kong. Think it was just random but the thing that protected us in that instance was the sh!thouse international we have =p. But Vocus who provides upstream to our colo company nulled our IP straight away and everything was good again in about 30 mins.




Speedtest 2019-10-14


2460 posts

Uber Geek


  #444914 2-Mar-2011 17:43
Send private message

In this case it wasn't anything to do with Orcon (nor the other sites getting hacked) but people not updating their own software.

4 posts

Wannabe Geek


  #444916 2-Mar-2011 17:48
Send private message

Interesting. My website uses Joomla CMS. If word press has been hacked then it seems to be either aimed at both or something deeper.  I am with kiwiwebhost as well.  What happened was the menus are all changed to Hacked By Shiraz (in mysql), and then as soon as you make the mistake of logging into the administrator back end the home page changes to a fiery skull, as does the administrator backend page.  You can no longer log in through Joomla.  Orcon/Iserve finally restored the backup after 5 days of my site being down. However, the backup still has the hacked menu info in the mysql tables, so it's to an older version I must go... I guess.

I really want Orcon/iServe to identify how it happened to my site and at least 5-6+ others on the SAME server. Did we all have the same vulnerability?  Why are other sites around NZ and the world for that matter not getting the same hacked message if it is a joomla and word press security issue?  Maybe it is just a coincidence that our sites are all kiwiwebhost hosted.

1 | 2 | 3 | 4
View this topic in a long page with up to 500 replies per page Create new topic



Twitter and LinkedIn »



Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Withings launches three new devices to help monitor heart health from home
Posted 13-Feb-2020 20:05


Auckland start-up Yourcar matches new car buyers with dealerships
Posted 13-Feb-2020 18:05


School gardens go high tech to teach kids the importance of technology
Posted 13-Feb-2020 11:10


Malwarebytes finds Mac threats outpace Windows for the first time
Posted 13-Feb-2020 08:01


Amazon launches Echo Show 8 in Australia and New Zealand
Posted 8-Feb-2020 20:36


Vodafone New Zealand starts two year partnership with LetsPlay.Live
Posted 28-Jan-2020 11:24


Ring launches indoor-only security camera
Posted 23-Jan-2020 17:26


New report findings will help schools implement the digital technologies curriculum content
Posted 23-Jan-2020 17:25


N4L to upgrade & support wireless internet inside schools
Posted 23-Jan-2020 17:22


Netflix releases 21 Studio Ghibli works
Posted 22-Jan-2020 11:42


Vodafone integrates eSIM into device and wearable roadmap
Posted 17-Jan-2020 09:45


Do you need this camera app? Group investigates privacy implications
Posted 16-Jan-2020 03:30


JBL launches headphones range designed for gaming
Posted 13-Jan-2020 09:59


Withings introduces ScanWatch wearable combining ECG and sleep apnea detection
Posted 9-Jan-2020 18:34


NZ Police releases public app
Posted 8-Jan-2020 11:43



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.