Not sure this is really a "technical" question... but I'll bite: Hai Yi wrote: > a couple days ago one of my friends got hacked into her photo website, > ironically it turned out my business website was hacked too - I found > out yesterday. > > The website hasn't been restored yet, even I wrote an urgent email to > the support of my ISP, lunarpages.com, no response after 24 hours > except for an automatic email. This host used to be a good one, > responding to the requests in time and to the point; however it's > becoming a disappointment in recent years, I think it's time for me to > move my business else where. > > Anyway, I hope someone here can help me with a few questions: does the > ISP bear responsibility for such a security breach?
Depends how access was gained. Figuring that out can be difficult if the intruder is competent, but the sysadmin is more likely to be able to do this than you are, and they may not feel like sharing if it was their fault. > My site has yet to > see much business flow, but suppose there is a successful site being > hacked and the restoration is delayed, who is to blame for the loss? Refer to the contract language for your use of their hosting services. Keep in mind that if the security breach was through your password, you are almost certainly responsible. It is unlikely that the ISP will accept responsibility for any financial loss, even if they admit fault for the breach. > My homepage is replaced by the hacker's page of some crap, is that the > best he can do? Insufficient data. > what kind of attack it is? Insufficient data. > are they able to access my data? Insufficient data, but most likely yes. > I checked that my files are still there, but not sure if the > hacker has made a copy. I would assume so, unless you can confirm that a more limiting mode of access than shell access was employed. -- --------------------------------------------------------------------------- Jeff Newmiller The ..... ..... Go Live... DCN:<jdnew...@dcn.davis.ca.us> Basics: ##.#. ##.#. Live Go... Live: OO#.. Dead: OO#.. Playing Research Engineer (Solar/Batteries O.O#. #.O#. with /Software/Embedded Controllers) .OO#. .OO#. rocks...1k --------------------------------------------------------------------------- _______________________________________________ vox-tech mailing list vox-tech@lists.lugod.org http://lists.lugod.org/mailman/listinfo/vox-tech