Results 1 to 14 of 14
  1. #1
    Member greeneyes14j's Avatar
    Join Date
    January 18th, 2005
    Posts
    66
    I don't know if this had happened to anyone before, but twice this week some person has hacked into 2 of my sites and changed the password to the cpanel and changed the contact email so I can't get a new one.

    The first time they did it on one of the sites they deleted the main page and my links page, the other site just the password. Now this time they just changed the password and contact on both sites.

    Is there any way to get this to stop? My host can't find whose done it and I've scaned my pc numerous times with nothing infected.

    Also is there something they are doing that I'm not seeing? I don't find any codes put anywhere when I get back in the site and no links seem to be changed. What in the world is this person trying to gain other than making my life miseralbe?

  2. #2
    Affiliate Miester my2cents's Avatar
    Join Date
    January 18th, 2005
    Location
    far far away....
    Posts
    2,161
    about the only thing you can do is get a more secure password...

    this happens to me all the time... all a hacker needs is a script that hits your website with random combinations of letters and numbers... uuusually within an hour they're in...

    I have seen scripts the will make your passwords more secure... put you be hardpressed to get your host to install them to protect you... because if you have shared hosting what ever they do for you they do for everyone else on the server.. most host dont want to change there config for just one person...

    I just went through this with my dedicated server... my NOC sets up all server the same... then each is customized.. except it the user of the server that is responsible to make the changes... and remember what changes were make.. in the event of some problem or hardware crash..
    the server will be taken back to defualt config...

    took me all day to figure out why I had the problem... and then some convincing to allow it to be made.. I have a managed account...

    Joe
    ++++++++++++++++++++++++++++++++++++++++++
    that's my2cents, 'cuz I'm a legend in my own mind....

  3. #3
    I like traffic lights
    Join Date
    January 18th, 2005
    Location
    Southern hemisphere - away from Fukushima
    Posts
    2,936
    Stop using your pet's name or your dob as a password.

    plain dictionary/name/number passwords can be cracked in a very short time.

    Use a meaningless mix of letters and numbers.

    Or put up with unknown peole breaking into your servers and doing whatever the hell they want with them.

    Your choice.

  4. #4
    ABW Ambassador buy_online's Avatar
    Join Date
    January 18th, 2005
    Location
    Richmond, VA
    Posts
    3,234
    What Drewbert said.

    I had a site defaced about a year ago, and my biggest mistake was not changing my password for almost a year. I also could have seen some of the hacking attempts in my logs.

    Fred

  5. #5
    ABW Ambassador
    Join Date
    January 18th, 2005
    Location
    Sacramento, CA
    Posts
    1,263
    I recently had a site hacked through a flaw in vBulletin's calendar... I had everything restored, used the patch and took down the calendar to be safe. I just sold the site, so I no longer have to worry about it
    Hi, I'm a signature.

  6. #6
    Newbie
    Join Date
    January 18th, 2005
    Location
    Mount Pleasant, WI
    Posts
    41
    A while ago I read a great idea on creating passwords. Instead of "thinking" of a password, just use a random "pattern" on the keyboard that you will remember. I wouldn't be able to tell you any of my passwords without looking at a keyboard first. And I try to involve letters and numbers in all of them.

    Might help someone out...

    ScottyB

  7. #7
    Full Member
    Join Date
    January 18th, 2005
    Posts
    224
    Fred,
    <BLOCKQUOTE class="ip-ubbcode-quote"><font size="-1">quote:</font><HR>I had a site defaced about a year ago, and my biggest mistake was not changing my password for almost a year. I also could have seen some of the hacking attempts in my logs.
    <HR></BLOCKQUOTE>
    So how can you see the hacking attempts in your logs? I'd like to know this, so I can watch out for any attempts and change the password.

    Thanks,
    Rick K.9
    "Whether you think you can, or whether you think you can't...You're right!" -Henry Ford-

  8. #8
    Newbie
    Join Date
    January 18th, 2005
    Posts
    26
    Over the last two weeks I've been geting hacked BIG time.

    First they get in to my account on the web host and make a trouble ticket requesting my dedicated server be unpluged and re-sold. I then change the passwords. They also hack my political message board, and cancle one of my domains through godaddy, which is another message board. Even though the domain was locked, I later noticed every domain but that was was locked, like they unlocked it. Next day they make a second trouble tick, one to downgrade the memory on my server, even though I changed the password to the memebrs area. Grrr! Next there back at my video game message board. They delete the database! I change the mySQL password and use the back-up from a day or two ago. Next they delete threads and move everything around (vBulletin). Then they delete tables, and then delete the database again. I then use the back-up again. Next day they delete the domain off my server, and edit my profile on another message board. Looks like it's not through vBulletin that there using to hack me. Through out this I change the admin/root passwords a couple of times, and change the domain password before they hack the site! After about a week of this, I delete the vBulletin, and downgrade to WWWBoard. THEY STILL HACK the index page of the site even with vBulletin taken off!!! So now we know there not using vBulletin. Looks like they got root access some how. I change the site to redirect to another vBulletin site where the owner says they are 'secure'. A few days later (today) the hacker hacks there site!!! Now it looks like they might be using a script some where else to hack sites and not even using my passwords.

  9. #9
    Full Member BrattyKitty's Avatar
    Join Date
    January 18th, 2005
    Location
    Ontario
    Posts
    260
    <BLOCKQUOTE class="ip-ubbcode-quote"><font size="-1">quote:</font><HR> Stop using your pet's name or your dob as a password.

    plain dictionary/name/number passwords can be cracked in a very short time. <HR></BLOCKQUOTE>

    I agree wholeheartedly!


    Try using random letters and numbers like others have already said. Mine is sooooooo randomly put together and case sensitive it drives ME nuts.
    Never argue with an idiot.
    The person watching, may not be able to tell the difference!

    :female: :star: :envelope: [url="http://www.bridalbasics.ca/"]:weddingca[/url]

  10. #10
    I like traffic lights
    Join Date
    January 18th, 2005
    Location
    Southern hemisphere - away from Fukushima
    Posts
    2,936
    nintendo, I think you need to check to see if your PeeCee has a keylogger running on it.

    Sounds like everytime you change a password, they know what the new one is straight away.

    Go out and buy a Mac, log on to your servers from it and change all your passwords (to something other than dictionary words) and see if your problems go away.

  11. #11
    Newbie
    Join Date
    January 18th, 2005
    Posts
    3
    ... or just use Linux!

  12. #12
    ABW Ambassador buy_online's Avatar
    Join Date
    January 18th, 2005
    Location
    Richmond, VA
    Posts
    3,234
    "... or just use Linux!"

    Cause no one would ever hack into a Linux box !

    Come on, give us a break.

    Fred

  13. #13
    Newbie
    Join Date
    January 18th, 2005
    Posts
    3
    sir, I meant Linux for the desktop! Or better yet OpenBSD! Noone is going to hack that when properly set up.

  14. #14
    Member
    Join Date
    January 18th, 2005
    Posts
    51
    Nintendo .. sounds like you're being keylogged, i agree with drewbert

    and sounds like you're also using the same password at different places (for example on your host as well as at go-daddy). for every single thing that i do, i have a different password. i never repeat them.

    there are crooked admins on sites or elsewhere that if for example, you use a particular password to sign up for their message board, they can view the password file (coz you've signed up on their site), they then see certain sites associated with your name (googling you or maybe its even in your messageboard profile) so they then try that same password that you used on their messageboard.

  15. Newsletter Signup

+ Reply to Thread

Similar Threads

  1. Hacker problems, help someone?
    By Paul_Ward in forum Midnight Cafe'
    Replies: 5
    Last Post: December 2nd, 2004, 10:04 AM
  2. Hacker alert!!!!
    By esr615 in forum Midnight Cafe'
    Replies: 4
    Last Post: December 21st, 2003, 11:19 AM
  3. Hacker on the lose
    By Asif in forum Commission Junction - CJ
    Replies: 58
    Last Post: November 13th, 2003, 09:04 AM
  4. What was the deal with the hacker?
    By SSanf in forum Midnight Cafe'
    Replies: 8
    Last Post: February 2nd, 2002, 05:49 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •