Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


View this topic in a long page with up to 500 replies per page Create new topic
1 | 2 | 3 | 4
kyhwana2
2469 posts

Uber Geek


  #444847 2-Mar-2011 16:22
Send private message

babye: Same problem. WordPress site hosted at Orcon, via Kiwi Web Host. index.php hacked.

Just waiting for Orcon to restore the site.

You might be able to see the hacked page: http://www.boutereys.co.nz/wp-content/


Wow, you really should be keeping wordpress up to date. In a version that old, there's loads of security vulnerabilities.
 

babye
3 posts

Wannabe Geek


  #444852 2-Mar-2011 16:30
Send private message

Yeah, I'll be having a chat with my developers.

 
 
 
 


DonGould
3892 posts

Uber Geek


  #444858 2-Mar-2011 16:37
Send private message

redjet: PM me if you need any help.


Nice post! :) +1




Promote New Zealand - Get yourself a .kiwi.nz domain name!!!

Check out mine - i.am.a.can.do.kiwi.nz - don@i.am.a.can.do.kiwi.nz


nate
6405 posts

Uber Geek

Moderator
Trusted
Lifetime subscriber

  #444878 2-Mar-2011 17:01
Send private message

I've updated the subject line of this topic to be a little more descriptive - the original implied that Orcon had been hacked, when it's really only one user's account.

Regs
Cloud Guru
4062 posts

Uber Geek

Trusted
Snowflake
Subscriber

  #444883 2-Mar-2011 17:07
Send private message

i attempted to get to http://www.mobiletune.co.nz a few days back and noticed it had been 'hacked by shiraz'. Checking their dns showed they were iserve/orcon hosted too.

looks like they are back up now. but it cost them a job the other day as i went somewhere else




babye
3 posts

Wannabe Geek


  #444889 2-Mar-2011 17:12
Send private message

Someone with a bit more time on their hands could google "shiraz hacker" and check out the dns for the sites showing up.

Regs
Cloud Guru
4062 posts

Uber Geek

Trusted
Snowflake
Subscriber

  #444892 2-Mar-2011 17:15
Send private message

btw, i didnt contact orcon or mobiletune directly when i found the site was hacked, but i did tweet about it and included orcon twitter account in that.  no idea if anyone there followed it up.

http://twitter.com/#!/nzregs/status/40935129601937409





 
 
 
 


Zeon
3630 posts

Uber Geek

Trusted

  #444893 2-Mar-2011 17:15
Send private message

I have had a few situations in the past with customers getting their sites hacked. Had a couple times when they had chmod to 777 on Linux systems and that's easy for a hacker. Most often its a security exploit in the CMS. In all instances its just the index.whatever file being changed. I have never had a problem with hacking on Windows IIS, I think the tools the hackers use are mainly for Linux so even if they find something with poor security hosted on IIS they just ignore it.




Speedtest 2019-10-14


oldmaknz
536 posts

Ultimate Geek


  #444896 2-Mar-2011 17:24

Hosting providers have security pros (or at least, should have) monitoring their networks and ensuring security on their end. The only way, in an ideal world, to get hacked is for your password to be compromised or your website to be compromised.

There are rare events when web hosting providers get hacked, but it's far, far, far more common for it to be the user's fault.

DonGould
3892 posts

Uber Geek


  #444898 2-Mar-2011 17:26
Send private message

All site owners should have some sort of disaster recovery plan and most people don't. They generally don't care and don't think about it and don't want to.





Promote New Zealand - Get yourself a .kiwi.nz domain name!!!

Check out mine - i.am.a.can.do.kiwi.nz - don@i.am.a.can.do.kiwi.nz


hairy1
2971 posts

Uber Geek

Trusted
Lifetime subscriber

  #444903 2-Mar-2011 17:31
Send private message

After the CHC earthquake I really decided I should have some disaster recovery plan. I now backup all my customers websites (20+) weekly to Amazon S3, and also to dropbox in an easy to grab format. This is in addition to my hosting providers weekly backups.

Another measure is to make sure someone else knows where it all is.... A lot of the time stuff is in people heads....

Cheers, Matt.





My views (except when I am looking out their windows) are not those of my employer.


Regs
Cloud Guru
4062 posts

Uber Geek

Trusted
Snowflake
Subscriber

  #444905 2-Mar-2011 17:33
Send private message

Zeon: I have never had a problem with hacking on Windows IIS


the older versions (nt4, win2k) with the default security used to be pretty vulnerable.  if you keep up with security patches etc, then not so much of a problem these days.

that said, if someone wanted to hack *you*, not just run a script, then it probably wouldnt matter what you ran.  if they were skilled and dedicated to the task then there is a good chance they would get in somehow.. no matter if you ran windows, linux or whatever.  it hard to put up a firewall to protect against social engineering.




Zeon
3630 posts

Uber Geek

Trusted

  #444912 2-Mar-2011 17:41
Send private message

Regs:
Zeon: I have never had a problem with hacking on Windows IIS


the older versions (nt4, win2k) with the default security used to be pretty vulnerable.  if you keep up with security patches etc, then not so much of a problem these days.

that said, if someone wanted to hack *you*, not just run a script, then it probably wouldnt matter what you ran.  if they were skilled and dedicated to the task then there is a good chance they would get in somehow.. no matter if you ran windows, linux or whatever.  it hard to put up a firewall to protect against social engineering.


Yes true. It's funny timing actually as one of our IIS web hosting servers came under a DDoS attack last week mainly from Hong Kong. Think it was just random but the thing that protected us in that instance was the sh!thouse international we have =p. But Vocus who provides upstream to our colo company nulled our IP straight away and everything was good again in about 30 mins.




Speedtest 2019-10-14


kyhwana2
2469 posts

Uber Geek


  #444914 2-Mar-2011 17:43
Send private message

In this case it wasn't anything to do with Orcon (nor the other sites getting hacked) but people not updating their own software.

buggerit
4 posts

Wannabe Geek


  #444916 2-Mar-2011 17:48
Send private message

Interesting. My website uses Joomla CMS. If word press has been hacked then it seems to be either aimed at both or something deeper.  I am with kiwiwebhost as well.  What happened was the menus are all changed to Hacked By Shiraz (in mysql), and then as soon as you make the mistake of logging into the administrator back end the home page changes to a fiery skull, as does the administrator backend page.  You can no longer log in through Joomla.  Orcon/Iserve finally restored the backup after 5 days of my site being down. However, the backup still has the hacked menu info in the mysql tables, so it's to an older version I must go... I guess.

I really want Orcon/iServe to identify how it happened to my site and at least 5-6+ others on the SAME server. Did we all have the same vulnerability?  Why are other sites around NZ and the world for that matter not getting the same hacked message if it is a joomla and word press security issue?  Maybe it is just a coincidence that our sites are all kiwiwebhost hosted.

1 | 2 | 3 | 4
View this topic in a long page with up to 500 replies per page Create new topic




News »

Vodafone NZ upgrades international submarine network
Posted 25-Sep-2020 09:09


Jabra announces wireless noise-cancelling airbuds, upgrade existing model
Posted 24-Sep-2020 14:43


Nokia 3.4 to be available in New Zealand
Posted 24-Sep-2020 14:34


HP announces new HP ENVY laptops aimed at content creators
Posted 24-Sep-2020 14:02


Logitech introduce MX Anywhere 3
Posted 21-Sep-2020 21:17


Countdown unveils contactless shopping with new Scan&Go tech
Posted 21-Sep-2020 09:48


HP unveils new innovations for businesses adapting to rapidly evolving workstyles and workforces
Posted 17-Sep-2020 15:36


GoPro launches new HERO9 Black camera
Posted 17-Sep-2020 09:45


Telecommunications industry launches new 5G Facts website
Posted 17-Sep-2020 07:56


New Zealand ranks 3rd in world in GSMA index
Posted 15-Sep-2020 10:13


Trend Micro Security Suite adds web monitoring to prevent identity theft
Posted 14-Sep-2020 15:37


NVIDIA to acquire Arm for US$ 40 billion
Posted 14-Sep-2020 12:27


Epson launches its next gen A3+ colour EcoTank multi-function printer
Posted 10-Sep-2020 16:08


Sony launches three new native 4K SXRD home cinema projectors
Posted 9-Sep-2020 18:00


Catalyst Cloud brings Kubernetes-based open-source web hosting solution to market
Posted 9-Sep-2020 17:54



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.