jason8612

You talking about me or PTravel?

Module/ Latest Version /Installed Version
Apache Core 1.3.36 1.3.36
PHP 5.1.4/4.4.2 5.1.4
Passthrough Authentication 1.8 1.8
Bytes Logger 1.2 1.2
Bandwidth Limiter 1.4 1.4
FrontPage FrontPage/5.0.2.2635.SR1.2 5.0.2.2635.SR1.2
mod_ssl 2.8.27 2.8.27
OpenSSL 0.9.7h 0.9.7a

Im all updated

birdstrike

PTravel. Apologies for the confusion, we must have been typing at the same time.

tom911

For us neophytes, is it as easy to hack a banking or mutual find site, or do they have more safeguards built in for this type of thing?

birdstrike

It's not impossible for a major site to be compromised, but it it not usually by this kind of hacking. They have IT people on the payroll 24x7 who are looking out for this kind of issue and cooperate closely with the software vendors to close holes before they can be exploited.

The sites in the news seem to lose their data by leaving laptops lying around to be stolen.

UALOneKPlus

Depending on if the financial institution is using an off the shelf software or home-grown application, the risks may vary.

However, merely hacking into the web-hosting server is often not enough to compromise the back-end application, as was the case here.

The banking applications typically have their own security access via firewalls and other application authentication mechanisms.

The real problem comes from phishing when users are duped into giving up their user names and passwords via scam emails.

redbeard911

This wasn't one of the "adult" sites, was it?

http://www.glenstephens.com/


(This dude sells stamps, and he lives in Australia, or Oz. You make the connection)

winkydink

The legacy V1 of Apache is still maintained. The most recent release is 1.3.37

Palal

It's possible to hack anything. Usually, however, it's easier to get information about anything using social engineering. I'd suggest reading two books by Kevin D. Mitnick: "Art of Deception" and "Art of Intrusion". The first is aimed at a broader audience than the second.

Kagehitokiri

Art of Intrusion is all true stories though, as opposed to the hypotheticals in Art of Deception. i found both to be very enlightening.

Emma65

But - is it a linux server or a windows server? I'm thinking of that virus that attacked windows 2000 servers a few years ago and attached stuff at the bottom of each html page after the </html> tag.

I had my server hacked. A) it inherited flaws from a server my previous business partner had set. B) I was running a phpBB forum on there that had some serious holes in it. Found complete databases in my mysql with commands.

Pretty impossible for me to change host as I am the host and the guy who sysadmins it for me now is an absolute star. My former boss and one of the top blokes in the country on internet security and even designed and built firewalls.

New server, new installations and the phpBB is being chucked out.

/E

Emma65

sorry - deleted for double post

alanh

The site appears to be running Apache 1.3.37 on Linux.

The homepage still has the invisible spam links. This tactic is used to raise their ranking in search engines because it makes their site look very popular.

Darren

Yikes! One of the embedded codes on your home page. Good luck with getting everything straightened out.

<a href="hxxp://www.dr-tom.com/downloads/xanax/
commit-suicide-on-xanax.html">commit suicide on xanax</a>

The sad thing is that Dr Tom probably doesn't even know his site is being used to proliferate this stuff.

PTravel

Unbelievable! I just checked it this morning!

How are they doing this? I changed my password -- how are they getting in?

Scifience

They aren't using your password, obviously. Since it is shared hosting, no doubt someone else on your server (or the host itself) is running a script or some piece of software that has a security hole in it that is allowing the hackers to access and modify the content on the server.

This can happen to anyone on occasion, but your host should definitely have tracked down and resolved the issue by now. I would strongly advise you get a different host, since your current one is apparently incompetent.