+ Post New Thread
Page 2 of 2 FirstFirst 12
Results 16 to 26 of 26
General Chat Thread, Virus Hunting Needle-In-A-Haystack in General; Hi , I am the owner of sense-lang.org. I just want to let you know that the problem has been ...
  1. #16

    Join Date
    Nov 2008
    Posts
    4
    Thank Post
    0
    Thanked 1 Time in 1 Post
    Rep Power
    0
    Hi ,
    I am the owner of sense-lang.org.
    I just want to let you know that the problem has been solved by deleting the htaccess file that had been rewrited by malicious program.
    Anyway thanks for your help
    Asaf

  2. Thanks to asaf from:

    OutToLunch (13th November 2008)

  3. #17

    Join Date
    Nov 2008
    Posts
    1
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    I am new here. Just to confirm that it appears many accounts on IXwebhosting.com have been affected.

  4. #18

    ZeroHour's Avatar
    Join Date
    Dec 2005
    Location
    Edinburgh, Scotland
    Posts
    5,706
    Thank Post
    906
    Thanked 1,321 Times in 803 Posts
    Blog Entries
    1
    Rep Power
    445
    Cheers for the responses guys, welcome to EduGeek and I hope IX sort the whole out soon. I would look for compensation tbh as your reputation is directly affected by this.

  5. #19
    wsl
    wsl is offline

    Join Date
    Nov 2008
    Posts
    4
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0

    corrupted .htaccess files

    Quote Originally Posted by WavMaker View Post
    My site is hosted at IXwebhosting.com. I've seen posts from other IX clients that their sites are being attacked the same way. The rogue .htaccess file is being uploaded via FTP. I've changed my FTP password.

    I'm on a Linux server with Apache - 1.3.31

    I see you are at IXwebhosting.com.
    So am I.
    I see you have experienced this problem November 11th.
    I was made conscious of it only by November 20th.

    I would like to know if you contacted the IXwebhosting.com administrators about this security matter.

    If you rather make your answer private let me know how we can do that.
    Thank you.

    -Roger
    in Québec City.

  6. #20
    wsl
    wsl is offline

    Join Date
    Nov 2008
    Posts
    4
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    Quote Originally Posted by ZeroHour View Post
    Cheers for the responses guys, welcome to EduGeek and I hope IX sort the whole out soon. I would look for compensation tbh as your reputation is directly affected by this.
    How can we unite our efforts to look for compensation ?

  7. #21

    Join Date
    Nov 2008
    Location
    USA
    Posts
    4
    Thank Post
    0
    Thanked 1 Time in 1 Post
    Rep Power
    0
    Quote Originally Posted by wsl View Post
    I see you are at IXwebhosting.com.
    So am I.
    I see you have experienced this problem November 11th.
    I was made conscious of it only by November 20th.

    I would like to know if you contacted the IXwebhosting.com administrators about this security matter.

    If you rather make your answer private let me know how we can do that.
    Thank you.

    -Roger
    in Québec City.
    No, I did not alert IX Webhosting. They should be alerting me (and you) about it.

  8. #22
    contink's Avatar
    Join Date
    Jul 2006
    Location
    South Yorkshire
    Posts
    3,791
    Thank Post
    303
    Thanked 327 Times in 233 Posts
    Rep Power
    118
    I'd be interested in a full run down of what version of Apache, PHP, and what modules were installed as this sort of thing really is something to keep on top of.

    If you don't maintain the server though I would push for compensation (even if it's a free month or two) or better yet, get a much better managed service.

  9. #23
    wsl
    wsl is offline

    Join Date
    Nov 2008
    Posts
    4
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0

    time stamp the hack began

    Can you confirm the date and time the .htaccess file(s) was updated?

    Thank you

  10. #24

    Join Date
    Nov 2008
    Location
    USA
    Posts
    4
    Thank Post
    0
    Thanked 1 Time in 1 Post
    Rep Power
    0
    Quote Originally Posted by wsl View Post
    Can you confirm the date and time the .htaccess file(s) was updated?

    Thank you
    Yes. My .htaccess file was hacked and replaced by the hacker's .htaccess file on Nov 7, 2008, at 7:58 pm, according to the IX server timestamp.

    And, I know of one other IX account whose .htaccess file was hacked on Nov 29, 2008, at 5:06 pm, according to the IX server timestamp.
    Last edited by WavMaker; 2nd December 2008 at 11:56 PM. Reason: additional info

  11. #25
    wsl
    wsl is offline

    Join Date
    Nov 2008
    Posts
    4
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    Quote Originally Posted by WavMaker View Post
    Yes. My .htaccess file was hacked and replaced by the hacker's .htaccess file on Nov 7, 2008, at 7:58 pm, according to the IX server timestamp.

    And, I know of one other IX account whose .htaccess file was hacked on Nov 29, 2008, at 5:06 pm, according to the IX server timestamp.
    Mine were hacked twice :

    November 20th (no time provided) and November 27th 8:47 am

    I suppose the hacker's cron will hit again sooner or later.

  12. #26
    contink's Avatar
    Join Date
    Jul 2006
    Location
    South Yorkshire
    Posts
    3,791
    Thank Post
    303
    Thanked 327 Times in 233 Posts
    Rep Power
    118
    You really need to find out the vector the script is using to blow your site wide open.

    Any chance you could provide a bit more intel on what your site is/does and whether it has any PHP scripting or similar installed..

SHARE:
+ Post New Thread
Page 2 of 2 FirstFirst 12

Similar Threads

  1. New Virus?
    By apeo in forum Windows
    Replies: 8
    Last Post: 10th October 2008, 01:12 PM
  2. Job Hunting Survey - Please Help
    By SpecialAgent in forum Educational IT Jobs
    Replies: 11
    Last Post: 3rd April 2008, 07:09 PM
  3. Website Virus
    By karldenton in forum Web Development
    Replies: 6
    Last Post: 21st November 2007, 11:56 AM
  4. Virus Question
    By jlr58 in forum Windows
    Replies: 2
    Last Post: 27th June 2007, 08:06 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •