[ale] I've been hacked!

Jim Lynch ale_nospam at fayettedigital.com
Wed Nov 21 14:19:18 EST 2007


James P. Kinney III wrote:
> Most likely it is a windows exploit (note the iframe tag) that installs
> something nasty like a bot infection of a backdoor.
>
> I HIGHLY recommend that ftp be TURNED OFF. Use sftp (part of the ssh
> tools package) instead. If the hosting provider does not support sftp,
> get a new one and proclaim loudly about the insecurity of the provider.
>   
I only use sftp, but ftp still is on and I don't see a way of turning it 
off.
> Further, notify the hosting provider of the security breach and the
> intent of your announcing of the breach to the security network and
> spamhous. It is an integrity issue that the hosting providers do all
> they can to ensure they are not the participants in the ongoing war of
> the crap on the net. If they choose to not exercise an acceptable level
> of due diligence, exercise your right to spend your hosting cash
> elsewhere while also exercising your free speech rights to proclaim to
> the world the facts of the situation.
>   
I did complain the last time when I got them to change the password but 
I don't think they did anything about it.  I'll try again.
> If you are aware of other hosting clients on this same machine, send
> them a notice with this information and the suggestion that they should
> also verify there site has not been tampered with as well.
>   
I don't know of any others.

I'm in the processing of moving that site to a bit more friendly one.  
One where I have some control over things.

Thanks,
Jim.
> On Wed, 2007-11-21 at 06:57 -0500, Jim Lynch wrote:
>   
>> Last summer I received notification from Google that a web page on one 
>>     



More information about the Ale mailing list