Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


View this topic in a long page with up to 500 replies per page Create new topic
1 | 2 | 3 | 4
2460 posts

Uber Geek


  # 444847 2-Mar-2011 16:22
Send private message

babye: Same problem. WordPress site hosted at Orcon, via Kiwi Web Host. index.php hacked.

Just waiting for Orcon to restore the site.

You might be able to see the hacked page: http://www.boutereys.co.nz/wp-content/


Wow, you really should be keeping wordpress up to date. In a version that old, there's loads of security vulnerabilities.
 

3 posts

Wannabe Geek


  # 444852 2-Mar-2011 16:30
Send private message

Yeah, I'll be having a chat with my developers.

 
 
 
 


3889 posts

Uber Geek


  # 444858 2-Mar-2011 16:37
Send private message

redjet: PM me if you need any help.


Nice post! :) +1




Promote New Zealand - Get yourself a .kiwi.nz domain name!!!

Check out mine - i.am.a.can.do.kiwi.nz - don@i.am.a.can.do.kiwi.nz


6361 posts

Uber Geek

Moderator
Trusted
Lifetime subscriber

  # 444878 2-Mar-2011 17:01
Send private message

I've updated the subject line of this topic to be a little more descriptive - the original implied that Orcon had been hacked, when it's really only one user's account.

Cloud Guru
4060 posts

Uber Geek

Trusted
Snowflake
Subscriber

  # 444883 2-Mar-2011 17:07
Send private message

i attempted to get to http://www.mobiletune.co.nz a few days back and noticed it had been 'hacked by shiraz'. Checking their dns showed they were iserve/orcon hosted too.

looks like they are back up now. but it cost them a job the other day as i went somewhere else




3 posts

Wannabe Geek


  # 444889 2-Mar-2011 17:12
Send private message

Someone with a bit more time on their hands could google "shiraz hacker" and check out the dns for the sites showing up.

Cloud Guru
4060 posts

Uber Geek

Trusted
Snowflake
Subscriber

  # 444892 2-Mar-2011 17:15
Send private message

btw, i didnt contact orcon or mobiletune directly when i found the site was hacked, but i did tweet about it and included orcon twitter account in that.  no idea if anyone there followed it up.

http://twitter.com/#!/nzregs/status/40935129601937409





 
 
 
 


3512 posts

Uber Geek

Trusted

  # 444893 2-Mar-2011 17:15
Send private message

I have had a few situations in the past with customers getting their sites hacked. Had a couple times when they had chmod to 777 on Linux systems and that's easy for a hacker. Most often its a security exploit in the CMS. In all instances its just the index.whatever file being changed. I have never had a problem with hacking on Windows IIS, I think the tools the hackers use are mainly for Linux so even if they find something with poor security hosted on IIS they just ignore it.




Speedtest 2019-10-14


536 posts

Ultimate Geek


  # 444896 2-Mar-2011 17:24

Hosting providers have security pros (or at least, should have) monitoring their networks and ensuring security on their end. The only way, in an ideal world, to get hacked is for your password to be compromised or your website to be compromised.

There are rare events when web hosting providers get hacked, but it's far, far, far more common for it to be the user's fault.

3889 posts

Uber Geek


  # 444898 2-Mar-2011 17:26
Send private message

All site owners should have some sort of disaster recovery plan and most people don't. They generally don't care and don't think about it and don't want to.





Promote New Zealand - Get yourself a .kiwi.nz domain name!!!

Check out mine - i.am.a.can.do.kiwi.nz - don@i.am.a.can.do.kiwi.nz


2877 posts

Uber Geek

Trusted
Lifetime subscriber

  # 444903 2-Mar-2011 17:31
Send private message

After the CHC earthquake I really decided I should have some disaster recovery plan. I now backup all my customers websites (20+) weekly to Amazon S3, and also to dropbox in an easy to grab format. This is in addition to my hosting providers weekly backups.

Another measure is to make sure someone else knows where it all is.... A lot of the time stuff is in people heads....

Cheers, Matt.





My views (except when I am looking out their windows) are not those of my employer.

Cloud Guru
4060 posts

Uber Geek

Trusted
Snowflake
Subscriber

  # 444905 2-Mar-2011 17:33
Send private message

Zeon: I have never had a problem with hacking on Windows IIS


the older versions (nt4, win2k) with the default security used to be pretty vulnerable.  if you keep up with security patches etc, then not so much of a problem these days.

that said, if someone wanted to hack *you*, not just run a script, then it probably wouldnt matter what you ran.  if they were skilled and dedicated to the task then there is a good chance they would get in somehow.. no matter if you ran windows, linux or whatever.  it hard to put up a firewall to protect against social engineering.




3512 posts

Uber Geek

Trusted

  # 444912 2-Mar-2011 17:41
Send private message

Regs:
Zeon: I have never had a problem with hacking on Windows IIS


the older versions (nt4, win2k) with the default security used to be pretty vulnerable.  if you keep up with security patches etc, then not so much of a problem these days.

that said, if someone wanted to hack *you*, not just run a script, then it probably wouldnt matter what you ran.  if they were skilled and dedicated to the task then there is a good chance they would get in somehow.. no matter if you ran windows, linux or whatever.  it hard to put up a firewall to protect against social engineering.


Yes true. It's funny timing actually as one of our IIS web hosting servers came under a DDoS attack last week mainly from Hong Kong. Think it was just random but the thing that protected us in that instance was the sh!thouse international we have =p. But Vocus who provides upstream to our colo company nulled our IP straight away and everything was good again in about 30 mins.




Speedtest 2019-10-14


2460 posts

Uber Geek


  # 444914 2-Mar-2011 17:43
Send private message

In this case it wasn't anything to do with Orcon (nor the other sites getting hacked) but people not updating their own software.

4 posts

Wannabe Geek


  # 444916 2-Mar-2011 17:48
Send private message

Interesting. My website uses Joomla CMS. If word press has been hacked then it seems to be either aimed at both or something deeper.  I am with kiwiwebhost as well.  What happened was the menus are all changed to Hacked By Shiraz (in mysql), and then as soon as you make the mistake of logging into the administrator back end the home page changes to a fiery skull, as does the administrator backend page.  You can no longer log in through Joomla.  Orcon/Iserve finally restored the backup after 5 days of my site being down. However, the backup still has the hacked menu info in the mysql tables, so it's to an older version I must go... I guess.

I really want Orcon/iServe to identify how it happened to my site and at least 5-6+ others on the SAME server. Did we all have the same vulnerability?  Why are other sites around NZ and the world for that matter not getting the same hacked message if it is a joomla and word press security issue?  Maybe it is just a coincidence that our sites are all kiwiwebhost hosted.

1 | 2 | 3 | 4
View this topic in a long page with up to 500 replies per page Create new topic



Switch your broadband provider now - compare prices


Twitter and LinkedIn »



Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Intel introduces cryogenic control chip to enable quantum computers
Posted 10-Dec-2019 21:32


Vodafone 5G service live in four cities
Posted 10-Dec-2019 08:30


Samsung Galaxy Fold now available in New Zealand
Posted 6-Dec-2019 00:01


NZ company oDocs awarded US$ 100,000 Dubai World Expo grant
Posted 5-Dec-2019 16:00


New Zealand Rugby Selects AWS-Powered Analytics for Deeper Game Insights
Posted 5-Dec-2019 11:33


IMAGR and Farro bring checkout-less supermarket shopping to New Zealand
Posted 5-Dec-2019 09:07


Wellington Airport becomes first 5G connected airport in the country
Posted 3-Dec-2019 08:42


MetService secures Al Jazeera as a new weather client
Posted 28-Nov-2019 09:40


NZ a top 10 connected nation with stage one of ultra-fast broadband roll-out completed
Posted 24-Nov-2019 14:15


Microsoft Translator understands te reo Māori
Posted 22-Nov-2019 08:46


Chorus to launch Hyperfibre service
Posted 18-Nov-2019 15:00


Microsoft launches first Experience Center worldwide for Asia Pacific in Singapore
Posted 13-Nov-2019 13:08


Disney+ comes to LG Smart TVs
Posted 13-Nov-2019 12:55


Spark launches new wireless broadband "Unplan Metro"
Posted 11-Nov-2019 08:19


Malwarebytes overhauls flagship product with new UI, faster engine and lighter footprint
Posted 6-Nov-2019 11:48



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.