![]() |
My site was hacked
Apparently someone got into my gallery script, and used it to commit credit card fraud.. don't ask me how, I have no idea how that even works.. but I got an email from ebay saying this was taking place and that I should take action right away..
Well anyway as of yet this only means I loose my gallery and my site aswell as all sites hosted by the server are down untill tomorrow. Hopefully this wont develop into anything bigger :mad: |
Sorry to hear that. Is this your ebay store that got hacked? You would think that ebay would have better security but then again, nothing is 100% effective......
|
Do you have any evidence of it apart from the email from eBay? If not, are you sure that email isn't phishing?
|
Please verify that it is eBay - you might be getting phished!!!!!
|
When I back from the movies today friend Bastiaan, who hosts my site, dropped a message on my msn, saying my site got hacked, and the server has been taken down because of it.
|
This happened to me a couple of years ago - I had noticed a sudden *massive* increase in hits, all from a website that didn't seem to link to mine - I figured it was some kid trying to boost his site-status by doing lots of referral spamming and so didn't give it much thought. Then, months and months later, I tried to get onto my site and it was down - I called the provider who accused me of phishing and said that due to misuse, they'd taken my site down at the request of the police and their various policies.
I don't know what happened, but I guess that the massive load of hits was some automated crack attempt, trying to break into the portion of my site that ran scripts, once a password with rights was found, they loaded up a fake banking site, and then had a bunch of spam sent out, asking people to fill in their credit card details - you know, the usual scheme. Anyway, the moral of the story is, I guess, if you have access, or are responsible for a site that is open to the internet, make sure that any usernames and passwords are strongly secure - mixes of letters, numbers and 'other' characters. It took about 3-4 months for them to break my password on my site - but it was a simple one - with properly secure password, it could take years and years. |
With a real proper password they won't be able to crack it for hundreds of years. :)
|
That's an absolutely ridiculous assumption. Fifteen digit alphanumeric randomized passwords nonwithstanding, there are hundreds of exploits for common web software that don't involve brute-force hacking of a password at all.
Just because you have a good password doesn't make you immune for "hundreds of years." |
So then, what do you recommend?
|
Jinn, yotta: Two words: Rainbow Tables.
MikeSty: Make your password a combination of lower, uppercase letters, punctuation and numerals. You can only go so far, but the longer the password, the better. |
Not to mention log in attempts by IP address.
Still isn't fool proof but will slow the process. |
Amen trache ;)
Yotta: Quote:
|
All times are GMT -8. The time now is 03:01 AM. |
Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2025, vBulletin Solutions, Inc.
Search Engine Optimization by vBSEO 3.6.0 PL2
© 2002-2012 Tilted Forum Project