I was trying to get on the forum eairler and i kept getting redirected to some goons forum. What was that all about ?
WTF is this goons crap
- Thread starter Texanmutt
- Start date
- Latest activity Latest activity:
- Replies 72
- Views 10K
- Status
Looks like another forum is jealous of us or something and feel they must keep trying to hack the site.
Our ISP is now looking into the issue.
Our ISP is now looking into the issue.
Here is a good explanation:
http://news.netcraft.com/archives/2005/07/04/php_blogging_apps_vulnerable_to_xmlrpc_exploits.html
Looks like the server was vulnerable to attacks. Were the libraries updated after you moved the server to the new software?
It was too suspicious that it happened just before the chat.
http://news.netcraft.com/archives/2005/07/04/php_blogging_apps_vulnerable_to_xmlrpc_exploits.html
Looks like the server was vulnerable to attacks. Were the libraries updated after you moved the server to the new software?
It was too suspicious that it happened just before the chat.
I saw this posted and thought "what in the world are you talking about" and sure enough shortly thereafter I see it pop up on mine for a little bit but now can access the pages again (for now).
The jerks managed to hack a Team Speak server admin page 3 months ago that the gaming community I belong to uses.
From there they got root access to our entire box. Man it was a freaking mess because they hid root kits all over the file system. Ended up FDisking the box and starting over with an even stricter firewall.
From there they got root access to our entire box. Man it was a freaking mess because they hid root kits all over the file system. Ended up FDisking the box and starting over with an even stricter firewall.
I went back to goonland this morning and found this......... so were not the only ones...
where is golfreview.com?
<HR style="COLOR: #181b16" SIZE=1><!-- / icon and title --><!-- message -->I'm a golfer and my normal golf forum directed me here? Can you tell me what happend?
<!-- / message -->
where is golfreview.com?
<HR style="COLOR: #181b16" SIZE=1><!-- / icon and title --><!-- message -->I'm a golfer and my normal golf forum directed me here? Can you tell me what happend?
<!-- / message -->
you can't secure your webserver only with a firewall. This damn bastards are using the port 80 ... you have this open doors in your forum-scripts. That's the problemTheDishNetworkInstaller said:
Well in our case yes we could be because its was Team Speak they attacked. The admin control panel isn't on port 80 and we didn't run a web server on the server just games and team speak. Game Ports are wide open the rest are firewalled and only admins for the gaming community can get to it.
In this case all they can do is log the attacks, patch or disable the vulnerable module in the forums and let the FBI or who ever deal with it. If they did patch it then there's obviously still a root kit some where on the machine. In which case fdisking the drive and starting from scratch is probably the only way to stop these idiots once and for all and not installing the vulnerable software till its be patched and proven not to be vulnerable to the attack anymore.
In this case all they can do is log the attacks, patch or disable the vulnerable module in the forums and let the FBI or who ever deal with it. If they did patch it then there's obviously still a root kit some where on the machine. In which case fdisking the drive and starting from scratch is probably the only way to stop these idiots once and for all and not installing the vulnerable software till its be patched and proven not to be vulnerable to the attack anymore.
I was also wondering what happened. I thought my computer got infected with spyware or something.
I typed in g00ns forum into Google and it looks like they have attacked a lot of sites. I hope they get caught and arrested. People like that are truely scum!
I typed in g00ns forum into Google and it looks like they have attacked a lot of sites. I hope they get caught and arrested. People like that are truely scum!
I had no problem until late this morning local time.
All my Sat/Guys bookmarks now take me to goon-net a**holes etc.
I used an old email to work my way to these working pages.
Does anyone see this post?
All my Sat/Guys bookmarks now take me to goon-net a**holes etc.
I used an old email to work my way to these working pages.
Does anyone see this post?
You might want to...
...use a tool like Nessus to do vulnerability testing on your servers before you make them available. It would have detected the vulnerability they exploited. It's constantly updated, it's free, and someone has to pretty much come up with a zero-day exploit to hack you.
...use a tool like Nessus to do vulnerability testing on your servers before you make them available. It would have detected the vulnerability they exploited. It's constantly updated, it's free, and someone has to pretty much come up with a zero-day exploit to hack you.
- Status
