You are viewing the older version of this Weblog. I have left this version available for those of you who do not have Javascript enabled in your web browser.

If you have Javascript enabled and would like to view the lastest version of this Weblog, please go here.
« Weekend pic(k)s... | Main |   » The wedding toast...

October 05, 2005

Informatio: , ,

Hacked...

hackedThe last twenty-eight hours, or so, have been rather stressful, as I’ve been trying to reassemble my website after being hacked. Thankfully, my webhost had a recent backup of my site and were (fairly) quick to restore it.

This isn’t the first time my site has been deleted by hackers either. It also happened to my music site back in May 2004. At that time, I wasn’t sure if my webhost would be able to restore a backup, but they came through for me in the end. And, while this time was a bit maddening, as well, I knew that some sort of backup would be found.

Anyway, since restoring the site, I’ve taken a few measures to improve security around here.

I lost one post (a good one too) because of this little annoyance — plus a handful of comments. Maybe I’ll attempt a repost of the lost post at some point (along with the comments I received via e-mail), but I’m not completely sure yet.

The hackers left a calling card in the form of two index files in the root of my site. Here’s what they said:

A n o m a l y   1 n   t h e   S y s t e m   C r E W
i S   B A C K   ! ! !

O O O . . . W W W . . . N N N . . . E E E . . . D D D . . .

We are:
V4mu  <*>  S0l4r1s  <*>  paulinhu  <*>  r3ckd4ll  <*>  magic

Need help ? #A1TS on irc.gigachat.net

Nice, eh?

Anyway, I hope they won’t bother me anymore.

In the meantime, I took the opportunity to do some cleanup on my server. I decided not to put my Photoblog back up (the new one or the old one), because I’m posting photos primarily on now. Because of this, there may be some broken links on some of my older posts, but I figure I can deal with that later (let me know if you find anything crucial).

Ugh.

I’m done for the day.

Posted at 12:58 pm

Trackback:

Trackback Link:

Please enable javascript to generate a trackback url

Comments (7):
lame. hackers die.

dennisthemenace () - October 05, 2005 at 1:22 pm

All hackers have really small peckers.

jean - October 05, 2005 at 3:51 pm

Effin script kiddies. Sorry Tim. Have you managed to figure out how they got in?

wheat () (URL) - October 05, 2005 at 3:56 pm

Word, people.

Yeah, Wheat… Well, I think so. Until just recently, “Register Globals” was set to ON in my php.ini file… I’m pretty sure that’s the only major security flaw that I had when all of this happened. I’m not completely sure exactly what they did, though. That item is now set to OFF, so we’ll see.

timsamoff () (URL) - October 05, 2005 at 4:05 pm

oh yeah. that.. yeah, i made that mistake once. Getcha every time with that php.ini. Try replacing the ball bearings, too.

dennisthemenace () - October 05, 2005 at 5:18 pm

A while back I lost a load of posts but managed to recover them – and the comments – thru the google cache.

I went into Bloglines, selected to view all old posts (yeah, I monitor my own blog!), got the permalink and googled it. The cached version was a dream! :-)

graham () - October 06, 2005 at 09:40 am

Yeah, I used the Google Cache last time my Blog was hacked — it helped out a lot. The only problem is that it doesn’t help with comments and things from other visitors.

This time, the hack happened before Google had time to Cache the lost post/comments. :-(

timsamoff () (URL) - October 06, 2005 at 10:19 am

Commenting has been permanently disabled. Please use the Contact button above.