Omega Owners Forum
Chat Area => General Discussion Area => Topic started by: Nickbat on 15 May 2009, 12:29:11
-
But why would any hacker want to do this to a hobby site? >:(
http://news.bbc.co.uk/1/hi/technology/8049780.stm
-
Reading between the lines on that, I suspect it was probably a worm, rather than human attack.
To do some research a couple of years back, I set up a .asp website with no anti-sql injection protection, to see how long it would take the hackers. Once it did get hit, which actually took a surprising amount of time (probably becuase it was non standard software), it obviously got on to a 'suckers' list somewhere, as now all that site does is collect data about hack techniques (that I use to protect my genuine sites), but went through a phase of getting hundreds of hack attempts a day. I think it must now be off the suckers list, as not getting hit at all now...
-
And they got their just deserts for not having a backup strategy. Idiots.
-
Seems like, on top of this (or is it connected?), a new UK "admin" swept up all the member information for spamming.
Dirty tricks and skullduggery in a hobby forum. Who'd have thought it? :o
http://linux.myalbemarle.org/forums/viewtopic.php?f=32&t=41&st=0&sk=t&sd=a
-
And they got their just deserts for not having a backup strategy. Idiots.
They had a strategy....but not a good one:
"Yes, we dutifully backed up our servers every day. Unfortunately, we backed up the servers BETWEEN servers. That is, GREEN, our library server, would be backed up to PURPLE, our WEB/Forum server. That way, if one or the other failed, we would have a back up on the remaining active server. The hacker took out both servers, destroying our ability to use one or the other back up to remedy the situation."
:o :o
-
And they got their just deserts for not having a backup strategy. Idiots.
They had a strategy....but not a good one:
"Yes, we dutifully backed up our servers every day. Unfortunately, we backed up the servers BETWEEN servers. That is, GREEN, our library server, would be backed up to PURPLE, our WEB/Forum server. That way, if one or the other failed, we would have a back up on the remaining active server. The hacker took out both servers, destroying our ability to use one or the other back up to remedy the situation."
:o :o
Thats not a strategy, thats suicide.
Again, reading between the lines, they simply sync'd the 2. So when data corrupted/damaged, the shite gets replicated to other.
If they had any kind of strategy, they should be able to restore to a known good, just before it happened. Possibly even able to do phorensics to discover how it happened, and plug the hole.