My website was hacked!
#16
Moderator, Hertz; FlyerTalk Evangelist
Join Date: Nov 2005
Location: KRK
Programs: UA 1MM, BA GGL, Hyatt Glob, Hilton Diamond and others
Posts: 12,690
You talking about me or PTravel?
Module/ Latest Version /Installed Version
Apache Core 1.3.36 1.3.36
PHP 5.1.4/4.4.2 5.1.4
Passthrough Authentication 1.8 1.8
Bytes Logger 1.2 1.2
Bandwidth Limiter 1.4 1.4
FrontPage FrontPage/5.0.2.2635.SR1.2 5.0.2.2635.SR1.2
mod_ssl 2.8.27 2.8.27
OpenSSL 0.9.7h 0.9.7a
Im all updated
Module/ Latest Version /Installed Version
Apache Core 1.3.36 1.3.36
PHP 5.1.4/4.4.2 5.1.4
Passthrough Authentication 1.8 1.8
Bytes Logger 1.2 1.2
Bandwidth Limiter 1.4 1.4
FrontPage FrontPage/5.0.2.2635.SR1.2 5.0.2.2635.SR1.2
mod_ssl 2.8.27 2.8.27
OpenSSL 0.9.7h 0.9.7a
Im all updated
#18
In Memoriam, FlyerTalk Evangelist
Join Date: Jun 2000
Location: Benicia CA
Programs: Alaska MVP Gold 75K, AA 3.8MM, UA 1.1MM, enjoying the retired life
Posts: 31,849
For us neophytes, is it as easy to hack a banking or mutual find site, or do they have more safeguards built in for this type of thing?
#19
FlyerTalk Evangelist
Join Date: Oct 2000
Posts: 15,788
The sites in the news seem to lose their data by leaving laptops lying around to be stolen.
#20
FlyerTalk Evangelist
Join Date: Aug 2002
Location: Department of Homeland Sincerity
Programs: WN Platinum
Posts: 12,085
However, merely hacking into the web-hosting server is often not enough to compromise the back-end application, as was the case here.
The banking applications typically have their own security access via firewalls and other application authentication mechanisms.
The real problem comes from phishing when users are duped into giving up their user names and passwords via scam emails.
#21
FlyerTalk Evangelist
Join Date: Nov 2002
Location: DEN
Programs: UA 1MM, Delta Plat
Posts: 11,224
This wasn't one of the "adult" sites, was it?
http://www.glenstephens.com/
(This dude sells stamps, and he lives in Australia, or Oz. You make the connection)
http://www.glenstephens.com/
(This dude sells stamps, and he lives in Australia, or Oz. You make the connection)
#22
Join Date: Apr 2003
Location: RDM
Programs: UA General Member
Posts: 1,247
#23
Join Date: Jul 2005
Location: PEK
Programs: A3*G, UA Gold EY Silver
Posts: 8,956
It's possible to hack anything. Usually, however, it's easier to get information about anything using social engineering. I'd suggest reading two books by Kevin D. Mitnick: "Art of Deception" and "Art of Intrusion". The first is aimed at a broader audience than the second.
#25
Join Date: Jun 2005
Location: Near an airport
Programs: FB, EB, Delta, AC, PC, HH.
Posts: 1,991
I had my server hacked. A) it inherited flaws from a server my previous business partner had set. B) I was running a phpBB forum on there that had some serious holes in it. Found complete databases in my mysql with commands.
Pretty impossible for me to change host as I am the host and the guy who sysadmins it for me now is an absolute star. My former boss and one of the top blokes in the country on internet security and even designed and built firewalls.
New server, new installations and the phpBB is being chucked out.
/E
#27
Join Date: Apr 2005
Location: PHX
Posts: 3,796
The site appears to be running Apache 1.3.37 on Linux.
The homepage still has the invisible spam links. This tactic is used to raise their ranking in search engines because it makes their site look very popular.
The homepage still has the invisible spam links. This tactic is used to raise their ranking in search engines because it makes their site look very popular.
#28
Join Date: Sep 2000
Location: Circle City
Posts: 3,568
Yikes! One of the embedded codes on your home page. Good luck with getting everything straightened out.
<a href="hxxp://www.dr-tom.com/downloads/xanax/
commit-suicide-on-xanax.html">commit suicide on xanax</a>
The sad thing is that Dr Tom probably doesn't even know his site is being used to proliferate this stuff.
<a href="hxxp://www.dr-tom.com/downloads/xanax/
commit-suicide-on-xanax.html">commit suicide on xanax</a>
The sad thing is that Dr Tom probably doesn't even know his site is being used to proliferate this stuff.
Last edited by Darren; Apr 18, 2007 at 8:00 pm
#29
FlyerTalk Evangelist
Original Poster
Join Date: Mar 2004
Location: Newport Beach, California, USA
Posts: 36,062
The site appears to be running Apache 1.3.37 on Linux.
The homepage still has the invisible spam links. This tactic is used to raise their ranking in search engines because it makes their site look very popular.
The homepage still has the invisible spam links. This tactic is used to raise their ranking in search engines because it makes their site look very popular.
How are they doing this? I changed my password -- how are they getting in?
#30
Join Date: Nov 2005
Location: SIN / SFO
Programs: UA GS, SQ PPS, Hyatt Globalist, Marriott Titanium, Hilton Diamond, Accor Gold
Posts: 1,215
This can happen to anyone on occasion, but your host should definitely have tracked down and resolved the issue by now. I would strongly advise you get a different host, since your current one is apparently incompetent.