Re: [ubuntu-uk] Website Hacked..... (now showing online?)
Matt Jones wrote: [snip] Looks like you just got away with it. Making a full site backup probably isn't a bad idea! Glad you got it sorted, And get phpbb and wordpress updated immediately, I suspect these were the attack vectors. I'm sure, if you don't feel confident about doing that yourself, there will be people on this list willing to help out pro bono. -n -- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.ubuntu.com/UKTeam/
Re: [ubuntu-uk] Website Hacked.....
Alan Pope wrote: [snip] A highly damaging hack at UK-based web hosting company VAserv has taken a tragic turn for the worse after it was revealed that the boss of the Indian firm whose software was at the centre the attack, has hanged himself. General consensus is that he had lost one or several major contracts his consultancy firm held, and they were the major contributory factor to his taking his life. The VAserv debacle I think was just one of many straws that broke the camel's back. -n -- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.ubuntu.com/UKTeam/
Re: [ubuntu-uk] Website Hacked.....
Hi John, On Sat, Jun 27, 2009 at 08:51:26PM +0100, John wrote: It looks like my site is gone. The host has not backed up as promised, and they are just saying its gone no backup. That's all I'm getting. They wont tell me what happened, they wont tell me how the hacker got in, tjhey wont tell me why there is no backup. Nothing. I am feeling very sick right now. I agree with others who have said that the web applications you are running are the most likely attack vector, and that you should make sure they are kept up to date. It's important that you understand how this happened, so if I were you I would insist that the hosting company tell you whether the damage was restricted to just you or not. This will give you some idea as to whether the entry point was software you are running or via some other customer's account. As for your backups, if you are paying for the hosting company to do backups (even if it's included in the price) and they didn't do them then this is very disappointing and makes the backup feature worthless. I see from the later posts in the thread that you seem to have got the data back so perhaps they found their backups. In any case, for the future, you aren't likely to get far disputing backup failures with any hosting company so it is best to assume responsibility yourself for this. That may mean just checking that backups your host does actually exist and are correct, or it may mean doing them yourself. 2.5GiB is not a large amount of data so there isn't really any excuse for not keeping a backup yourself. Cheers, Andy -- http://bitfolk.com/ -- No-nonsense VPS hosting [Open Source is] like trying to sell human rights to China because it might lead to more effective business models. -- David Kastrup signature.asc Description: Digital signature -- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.ubuntu.com/UKTeam/
Re: [ubuntu-uk] Website Hacked.....
412 sites on a shared server is pushing it a bit. Really? Depends on the server! Absolutely, I know of firms that run upwards of a 1000 websites on a single server. Admittedly, they are small, low traffic sites and they are carefully monitored so if traffic starts building the sites are moved to less congested servers, but this kind of thing will happen when people pay peanuts for hosting... As the old saying goes, you get what you pay for. -- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.ubuntu.com/UKTeam/
Re: [ubuntu-uk] Website Hacked.....
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 William Anderson wrote: Alan Pope wrote: [snip] A highly damaging hack at UK-based web hosting company VAserv has taken a tragic turn for the worse after it was revealed that the boss of the Indian firm whose software was at the centre the attack, has hanged himself. General consensus is that he had lost one or several major contracts his consultancy firm held, and they were the major contributory factor to his taking his life. The VAserv debacle I think was just one of many straws that broke the camel's back. -n Yeah. I think I read somewhere that his mother and sister had committed suicide earlier this year as well. - -- Many thanks Harry Rickards (GPG Key ID:58449F6F) - -BEGIN GEEK CODE BLOCK- Version: 3.1 GAT/GCM/GCS/GCC/GIT/GM d? s: a? C UL P- L+++ E--- W+++ N o K+ w--- O- M- V- PS+ PE Y+ PGP++ t 5 X R tv-- b+++ DI D G e* h! !r y? - --END GEEK CODE BLOCK-- -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iJwEAQECAAYFAkpHTkkACgkQ+9DWHFhEn2/z3QQAvmLzVuVCRd6hdo0aDnMhiO82 zXJoERRm+N5jwLAZzC5jvHquqRnfYQxGKnbVBRGnLJTVr7i9ITVjAUYcujnW8iWA oweZr+L568A4jWO5k1Fu9cYzNyPA7kgy99t4m9BYuTyL3AFHcBjlz13GSZlpnW3c 6U1NfBwiNVaAIYAI+tY= =j5uJ -END PGP SIGNATURE- -- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.ubuntu.com/UKTeam/
Re: [ubuntu-uk] Website Hacked.....
LeeGroups wrote: As the old saying goes, you get what you pay for. I have not used that old saying much at all since I started using linux -- alan cocks Ubuntu user -- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.ubuntu.com/UKTeam/
Re: [ubuntu-uk] Website Hacked.....
On Sun, Jun 28, 2009 at 12:08 PM, alan caecl...@candt.waitrose.com wrote: LeeGroups wrote: As the old saying goes, you get what you pay for. I have not used that old saying much at all since I started using linux I've been stung a few times when it came to hosting... there was a company called (names changed to protect the innocent) Poorwebspace that I bought a reseller package from for a year or so... they had this incredibly vibrant community forum and it was a great time, I learned a lot and made many friends... but when it came down to the crunch the whole thing was basically some fella in Wales and his girlfriend. I remember at one stage the girlfriend (who doubled up as the support contact) was moved from support to accounts due to some customer making unnecessary sexual advances or something. Must be hard, eh, if you pretend to be a large company, think you've got it good, and folks are flirting with your girlfriend!! You would move her to accounts, I guess... or perhaps send her down to Tesco to buy some more cans of beer ;-) The internet, eh! Love it or loathe it you can't ignore it. Sean ps. if anybody wants webhosting give me a shout. I don't have a girlfriend, but I do have a server and a cat who sometimes visits. You can flirt with the cat if you want, but just remember - Tesco Own Brand doesn't do... if you want to really win the cat's heart it has to be Whiskas. -- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.ubuntu.com/UKTeam/
Re: [ubuntu-uk] OT: Cat food was Website Hacked.....
Sean Miller wrote: ps. if anybody wants webhosting give me a shout. I don't have a girlfriend, but I do have a server and a cat who sometimes visits. You can flirt with the cat if you want, but just remember - Tesco Own Brand doesn't do... if you want to really win the cat's heart it has to be Whiskas. Oooh sounds like that cat has expensive tastes, my 7 cats eat what they're given (Tesco's own brand) and if they don't like it, well there is a nice variety of Seagulls outside for them to catch. Rob -- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.ubuntu.com/UKTeam/
Re: [ubuntu-uk] Website Hacked.....
2009/6/28 Andy Smith a...@strugglers.net: Hi John, On Sat, Jun 27, 2009 at 08:51:26PM +0100, John wrote: It looks like my site is gone. The host has not backed up as promised, and they are just saying its gone no backup. That's all I'm getting. They wont tell me what happened, they wont tell me how the hacker got in, tjhey wont tell me why there is no backup. Nothing. I am feeling very sick right now. I agree with others who have said that the web applications you are running are the most likely attack vector, and that you should make sure they are kept up to date. Like I said in an earlier post, many other sites on the same server were also compromised. It's likely that he'll never find out which one was responsible. I agree that keeping everything up to date is essential though. [snip] In any case, for the future, you aren't likely to get far disputing backup failures with any hosting company so it is best to assume responsibility yourself for this. That may mean just checking that backups your host does actually exist and are correct, or it may mean doing them yourself. 2.5GiB is not a large amount of data so there isn't really any excuse for not keeping a backup yourself. Seconded, and there are many backup options that don't require downloading the whole 2.5GiB each time. -- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.ubuntu.com/UKTeam/
Re: [ubuntu-uk] Website Hacked.....
Lucy wrote: [snip] Like I said in an earlier post, many other sites on the same server were also compromised. It's likely that he'll never find out which one was responsible. Other sites being compromised doesn't necessarily mean they were responsible for the damage to John's site, just indicative of an attack directly on the server or a mass attack on similarly vulnerable sites on the same server. -n -- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.ubuntu.com/UKTeam/
Re: [ubuntu-uk] Website Hacked.....
2009/6/28 William Anderson ne...@well.com: Lucy wrote: [snip] Like I said in an earlier post, many other sites on the same server were also compromised. It's likely that he'll never find out which one was responsible. Other sites being compromised doesn't necessarily mean they were responsible for the damage to John's site, just indicative of an attack directly on the server or a mass attack on similarly vulnerable sites on the same server. True, but it makes finding the cause that much harder and the information I found indicated it was a mass attack. Just one of the many problems with shared servers and why it's so important to keep software up to date and to have your own backups :/ -- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.ubuntu.com/UKTeam/
Re: [ubuntu-uk] Website Hacked.....
On 28 Jun 2009, at 13:41, Lucy lucybrid...@gmail.com wrote: 2009/6/28 William Anderson ne...@well.com: Lucy wrote: [snip] Like I said in an earlier post, many other sites on the same server were also compromised. It's likely that he'll never find out which one was responsible. Other sites being compromised doesn't necessarily mean they were responsible for the damage to John's site, just indicative of an attack directly on the server or a mass attack on similarly vulnerable sites on the same server. True, but it makes finding the cause that much harder and the information I found indicated it was a mass attack. Just one of the many problems with shared servers and why it's so important to keep software up to date and to have your own backups :/ Of course the attack could have come from one of the other websites' owners... You never know eh? James -- James Milligan lak...@lake54.com www.lake54.com www.killermentality.com www.twitter.com/lake54 -- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.ubuntu.com/UKTeam/
Re: [ubuntu-uk] Videos on BBC News Website
John wrote: Gordon wrote: Sean Miller wrote: On Sat, Jun 27, 2009 at 8:45 AM, Gordongbpli...@gmail.com wrote: Anyone got an answer to playing these? They're Flash. They just played for me out of the box. Sean Hmmm. They just hang up here - what make of flash have you got installed? Hi, I had the same problem, make sure you have Adobe Flash installed from the Add/Remove section, if its not there, you need to install it from the Synaptic. Hope you manage to get it to work, it works for me now. John The only Adobe flash I can see is for 8.04 - I install it, not a lot seems to happen, I go to the BBC and it tells me I have the wrong version of Flash! I click on the link and I get to the page where I've been several times before, try the install and so on and so on! -- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.ubuntu.com/UKTeam/
Re: [ubuntu-uk] Website Hacked.....
LeeGroups wrote: 412 sites on a shared server is pushing it a bit. Really? Depends on the server! Absolutely, I know of firms that run upwards of a 1000 websites on a single server. Admittedly, they are small, low traffic sites and they are carefully monitored so if traffic starts building the sites are moved to less congested servers, but this kind of thing will happen when people pay peanuts for hosting... As the old saying goes, you get what you pay for. Unfortunately, my circumstances are such that I cannot afford to pay a lot of money for hosting services. This Host has moved me around quite a few times to different servers. I wish I could afford to pay more. -- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.ubuntu.com/UKTeam/
Re: [ubuntu-uk] Website Hacked.....
Lucy wrote: 2009/6/28 Andy Smith a...@strugglers.net: Hi John, On Sat, Jun 27, 2009 at 08:51:26PM +0100, John wrote: It looks like my site is gone. The host has not backed up as promised, and they are just saying its gone no backup. That's all I'm getting. They wont tell me what happened, they wont tell me how the hacker got in, tjhey wont tell me why there is no backup. Nothing. I am feeling very sick right now. I agree with others who have said that the web applications you are running are the most likely attack vector, and that you should make sure they are kept up to date. Like I said in an earlier post, many other sites on the same server were also compromised. It's likely that he'll never find out which one was responsible. I agree that keeping everything up to date is essential though. [snip] In any case, for the future, you aren't likely to get far disputing backup failures with any hosting company so it is best to assume responsibility yourself for this. That may mean just checking that backups your host does actually exist and are correct, or it may mean doing them yourself. 2.5GiB is not a large amount of data so there isn't really any excuse for not keeping a backup yourself. Seconded, and there are many backup options that don't require downloading the whole 2.5GiB each time. Hi, what backup options are there that dont require you to download the full site each time. It is some of my fault for relying on the host, I should never have done that. I need to learn more. John -- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.ubuntu.com/UKTeam/
Re: [ubuntu-uk] Website Hacked.....
John, LeeGroups wrote: 412 sites on a shared server is pushing it a bit. Really? Depends on the server! Absolutely, I know of firms that run upwards of a 1000 websites on a single server. Admittedly, they are small, low traffic sites and they are carefully monitored so if traffic starts building the sites are moved to less congested servers, but this kind of thing will happen when people pay peanuts for hosting... As the old saying goes, you get what you pay for. Unfortunately, my circumstances are such that I cannot afford to pay a lot of money for hosting services. This Host has moved me around quite a few times to different servers. I wish I could afford to pay more. If you're that strapped for cash, why not get your broadband provider to give you a fixed IP address and move the site to a server running from home. Unless you are shoving out massive amounts of data per page, it will be more than adequate. You have full control of the server and should be able to lock it down pretty tightly. If yuor broadband provider won't, move to another one that will. Regards, D ubuntu/uk-2009-06-28.txubuntu-uk jake...@sky.com ++ | Dave Restall, Computer Nerd, Cyclist, Radio Amateur G4FCU, Bodger | | Mob +44 (0) 7973 831245 Skype: dave.restall Radio: G4FCU | | email : d...@restall.net Web : Not Ready Yet :-( | ++ | What's another word for thesaurus? | | -- Steven Wright | ++ -- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.ubuntu.com/UKTeam/
Re: [ubuntu-uk] Website Hacked..... (now showing online?)
Hi everybody, I have just finished reading all of your posts. I have to say that I am overwhelmed by your concern and your support. I cannot thank you all enough for everything that you have done for me here. I am in the process of trying to find out from my Host what happened, and they dont seem to be wanting to give me any information. All I can get from them is they have fixed it and that is all I need to know. I am going through your posts again, to see if I can learn something an d put it to use, so that this doesnt happen again. I just want to say you are an amazing group of people, and I need to thank you all for your support. John -- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.ubuntu.com/UKTeam/
[ubuntu-uk] G*d help me I just had to TRY to use Vits*
I have an application that runs in dos (real dos not a terminal) and I needed to know the IO port a piece of hardware used under M$, I *thought* it might be the same under Ubuntu but wanted to make sure. So I resurrected a machine that has been off for nearly 2 years, it was a dual boot of Vist* 64 and Ubuntu 8.04 64. I had to change the video card as I had canabalised it before to fix another machine, so I put in an old Nvidia 5200 (a reasonable card in it day), Ubuntu booted fine, then tried Vist*, BLOO** H**L what a shock to the system. SLOW to load, SLOW to show folders, and it didn't recognise the raid card (the one I wanted the IO info from) so I had to d/l a driver, then when it rebooted no VIDEO!! (it recognised that I had installed a NV 5200 card as it told me so, even told me it had installed the driver HA!) So eventually I found the card that used to be in it, and rebooted again, this time video/blank screen OOPS! WHY a blank screen for 10-20 seconds (monitor went to standby), then video again. Finally installed the driver (another re-boot) and was able to get the info I wanted. What a PAIN IN THE A**. I am glad I left it for dead TWO YEARS AGO! If I was still using it and contemplating the new W7 the price would be enough to put me off, I can buy A COMPLETE PC for the price of an UPGRADE license (Over £150) I found the Vista Experience a bit bland (performance on the goodness meter was 5.0) after running Compiz, NO control over what happens at all, you either get it or you don't, The side bar I tuned off after the first 5 minutes, and I don't feel that I have missed anything (other than the annoying prompts and no network issues) over the past 2 years. Way to go LINUX!! -- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.ubuntu.com/UKTeam/
Re: [ubuntu-uk] Website Hacked.....
On 28/06/09 18:30, John wrote: snip / Hi, what backup options are there that dont require you to download the full site each time. It is some of my fault for relying on the host, I should never have done that. I need to learn more. John I would check out rsync first, your host will probably have it already installed if it is a Linux system, if you have the option, rdiff-backup is also well worth a look. HTH Al -- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.ubuntu.com/UKTeam/
Re: [ubuntu-uk] Website Hacked.....
John wrote: Lucy wrote: 2009/6/28 Andy Smith a...@strugglers.net: [...] Seconded, and there are many backup options that don't require downloading the whole 2.5GiB each time. Hi, what backup options are there that dont require you to download the full site each time. It is some of my fault for relying on the host, I should never have done that. I need to learn more. John I have been using httrack web and it includes an option to update the information, presumably not replacing it all. -- alan cocks Ubuntu user -- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.ubuntu.com/UKTeam/
Re: [ubuntu-uk] Ship-It Discs
Christopher McDade wrote: [...] Thanks Tony, Rob and Steve, appreciate the responses, sorry to take so long to get back to you. Will be great to plug the gap with the Ubuntu x86 ones. Hello, Chris. OK, but where do you want the CD's to be sent? Bye, Tony. -- Dr. A.J.Travis, University of Aberdeen, Rowett Institute of Nutrition and Health, Greenburn Road, Bucksburn, Aberdeen AB21 9SB, Scotland, UK tel +44(0)1224 712751, fax +44(0)1224 716687, http://www.rowett.ac.uk mailto:a.tra...@abdn.ac.uk, http://bioinformatics.rri.sari.ac.uk/~ajt -- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.ubuntu.com/UKTeam/
Re: [ubuntu-uk] Website Hacked.....
John wrote: [snip] Hi, what backup options are there that dont require you to download the full site each time. It is some of my fault for relying on the host, I should never have done that. I need to learn more. check out the rsync, sitecopy, and mirror packages -n -- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.ubuntu.com/UKTeam/