HACKED??

Old Jul 19, 2001 | 07:16 PM
  #1  
Avi
Thread Starter
Scooby Regular

Joined: Apr 2001
Posts: 5,084
Likes: 0
From: Manchester

Did anyone else notice Scoobynet was

Hacked by Chinese!!

?? Or was it me ??

Andy A
Old Jul 19, 2001 | 07:22 PM
  #2  
ex-webby
Orange Club

Joined: Oct 1998
Posts: 13,763
Likes: 1

Hi All

I didn't actually see this, but something was definitely done.

All appears to be running normally for now..

Maybe whoever it was would be good enough to contact me on webmaster@scoobynet.co.uk to discuss why, etc? I would be very interested.

If it was just sport, then fair play, I hope that will be the last of it. If not, it would be good to find out what the motive is / was.

All the best

webmaster
Old Jul 19, 2001 | 07:24 PM
  #3  
SimonH
Scooby Regular

Joined: Jul 2000
Posts: 1,743
Likes: 1
From: Nr Bath, Wilts

Hmmm yes I noticed that too. Bizarre.
Old Jul 19, 2001 | 07:25 PM
  #4  
Dream Weaver
Scooby Regular
25 Year Member
Liked

Joined: Feb 2000
Posts: 9,846
Likes: 4
From: Lancashire

Avi

Yes, I just logged on to be presented with:

"Hello, welcome to
Old Jul 19, 2001 | 07:26 PM
  #5  
Avi
Thread Starter
Scooby Regular

Joined: Apr 2001
Posts: 5,084
Likes: 0
From: Manchester

I think the original message was

Hacked by Chinese

Old Jul 19, 2001 | 07:26 PM
  #6  
Andy W
Scooby Regular

Joined: Jul 2001
Posts: 1,887
Likes: 0

I just couldn't access for about ten mins
Old Jul 19, 2001 | 07:27 PM
  #7  
Avi
Thread Starter
Scooby Regular

Joined: Apr 2001
Posts: 5,084
Likes: 0
From: Manchester

Beat me to it DW
Old Jul 19, 2001 | 07:28 PM
  #8  
SDB
Scooby Regular

Joined: Feb 1999
Posts: 1,727
Likes: 0

Avi

when you say it was mentioned on EVO.. do you mean that the scoobynet attack was mentioned on evo, or
Old Jul 19, 2001 | 07:30 PM
  #9  
Avi
Thread Starter
Scooby Regular

Joined: Apr 2001
Posts: 5,084
Likes: 0
From: Manchester

Sorry SDB, just meant that someone had mentioned this attack on EVO before I posted here.

Andy
Old Jul 19, 2001 | 07:31 PM
  #10  
babber
Scooby Regular

Joined: Feb 2001
Posts: 4,370
Likes: 0

Yes same here, whilst it was going on I was able to look at older threads from earlier today. Cleared my cache so I was connecting

So looks like someone changed the front page, the properties showed a page of around 25 bytes, nowhere near the size it should be and the file type was different. Not the usual HTML document.

Didn't have time to screen capture the information. Damn

Cheers Phill C
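
The symptom reported in the post above (a front page of around 25 bytes served with a different file type) is what a baseline check on the front page catches. This is an added example, not part of the original thread; the sample bodies, the `text/plain` type and the 0.5 size ratio are constructed assumptions.

```python
import hashlib
from dataclasses import dataclass

@dataclass(frozen=True)
class Baseline:
    size: int          # bytes in the known-good front page
    content_type: str  # media type the server normally returns
    sha256: str        # digest of the known-good body

def media_type(header_value: str) -> str:
    """Drop parameters such as charset and normalise case."""
    return header_value.split(";", 1)[0].strip().lower()

def make_baseline(body: bytes, content_type: str) -> Baseline:
    return Baseline(len(body), media_type(content_type),
                    hashlib.sha256(body).hexdigest())

def check_front_page(base: Baseline, body: bytes, content_type: str,
                     min_ratio: float = 0.5):
    """Return (verdict, findings) for one fetched copy of the front page."""
    findings = []
    if media_type(content_type) != base.content_type:
        findings.append("content-type")
    if len(body) < base.size * min_ratio:
        findings.append("size")
    if hashlib.sha256(body).hexdigest() != base.sha256:
        findings.append("hash")
    # A dynamic page changes its hash on every new post, so a hash change
    # alone is only "changed"; a type or size anomaly is "suspect".
    if "content-type" in findings or "size" in findings:
        return "suspect", findings
    return ("changed" if findings else "ok"), findings

# Constructed sample responses (not captured from the site).
GOOD_BODY = (b"<html><head><title>Forum</title></head><body>"
             + b"<p>thread listing</p>" * 200 + b"</body></html>")
DEFACED_BODY = b"constructed defaced body!"   # 25 bytes
BASELINE = make_baseline(GOOD_BODY, "text/html; charset=iso-8859-1")

if __name__ == "__main__":
    print(check_front_page(BASELINE, GOOD_BODY, "text/html"))
    print(check_front_page(BASELINE, GOOD_BODY + b"<p>new</p>", "text/html"))
    print(check_front_page(BASELINE, DEFACED_BODY, "text/plain"))
```
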
Old Jul 19, 2001 | 07:32 PM
  #11  
adyhicut
Scooby Senior

Joined: Nov 1999
Posts: 2,316
Likes: 0
From: Devon

Yep I saw it too!

Well done Si for getting it back online

Ady
Old Jul 19, 2001 | 07:33 PM
  #12  
Dream Weaver
Scooby Regular
25 Year Member
Liked

Joined: Feb 2000
Posts: 9,846
Likes: 4
From: Lancashire

SDB

I still have it in memory so will upload a screen capture for you.

Should be up soon.

Si
Old Jul 19, 2001 | 07:35 PM
  #13  
EvilBevel
Scooby Regular

Joined: Oct 1999
Posts: 3,491
Likes: 0

Hmmm ...

[This message has been edited by EvilBevel (edited 19 July 2001).]
Old Jul 19, 2001 | 07:38 PM
  #14  
Dream Weaver
Scooby Regular
25 Year Member
Liked

Joined: Feb 2000
Posts: 9,846
Likes: 4
From: Lancashire

And I don't have the page anymore - re-cached itself

DW
Old Jul 19, 2001 | 07:39 PM
  #15  
Shark
Scooby Regular

Joined: Aug 1999
Posts: 3,539
Likes: 0

I went on at about 18.50, looked at two topics at the top of General, but couldn't reply with quote, see profile etc. I just got the normal unable to display page screen. Didn't try normal reply tho. Came off, then unable to get back in.

David
Old Jul 19, 2001 | 07:44 PM
  #16  
Andy W
Scooby Regular

Joined: Jul 2001
Posts: 1,887
Likes: 0

did it just happen again?
Andy
Old Jul 19, 2001 | 07:50 PM
  #17  
Avi
Thread Starter
Scooby Regular

Joined: Apr 2001
Posts: 5,084
Likes: 0
From: Manchester

Andy W - Didn't notice anything.

Andy A

[This message has been edited by Avi (edited 19 July 2001).]
Old Jul 19, 2001 | 07:53 PM
  #18  
Shark
Scooby Regular

Joined: Aug 1999
Posts: 3,539
Likes: 0

Seems fine now, well quick too, tho I do have ADSL

David
Old Jul 19, 2001 | 07:57 PM
  #19  
boomer
Scooby Senior

Joined: Feb 2000
Posts: 5,763
Likes: 0
From: West Midlands

Is anyone else with a firewall getting intrusion logs?

I currently have 21 attempts (in batches of 3), the latest from node-d8e95045.powerinter.net [216.233.80.69] - so someone could be using other PCs as a springboard. Could Scoobynet's IP log be compromised?

mb (forever paranoid!)
Old Jul 19, 2001 | 08:01 PM
  #20  
SDB
Scooby Regular

Joined: Feb 1999
Posts: 1,727
Likes: 0

It appears that it's a very common problem being experienced by lots of web servers around the world..

A big thank you to everyone who let me know that it was happening, especially Ronnie (who was the first)..

and a HUGE thank you to Theo (EvilBevel) for his efforts in helping to get us back on track.

Thank you also to rsquire (Microsoft) for his support and information.

There is a patch which MS advises, but we are already running it.

I think it's unlikely to happen again, as whoever it is has made their point, and in fairness they appear to have done no damage at all, so we should be grateful for that.

All the best

Simon
Old Jul 19, 2001 | 08:05 PM
  #21  
SDB
Scooby Regular

Joined: Feb 1999
Posts: 1,727
Likes: 0

In answer to the questions about data being compromised.

I very much doubt it.

It seems that it is a Denial of Service type of worm, which either defaces the attacked page (by placing the "hacked by chinese" message on it) or creates a traffic-based DoS as a by-product of the way it is distributed.

In addition it looks like the way sites are chosen is completely random (which is a relief), so it is unlikely that there is any specific intention toward scoobynet.

Best regards

Simon
Old Jul 19, 2001 | 08:05 PM
  #22  
logiclee
Scooby Regular

Joined: Sep 2000
Posts: 4,935
Likes: 0
From: Notts, UK

Boomer,

I'm not getting any intrusion attempts on my firewall.

Lee
Old Jul 19, 2001 | 08:06 PM
  #23  
Andy W
Scooby Regular

Joined: Jul 2001
Posts: 1,887
Likes: 0

I can't access the SWRT store either!
Old Jul 19, 2001 | 08:07 PM
  #24  
Avi
Thread Starter
Scooby Regular

Joined: Apr 2001
Posts: 5,084
Likes: 0
From: Manchester

Nothing from my Firewall either
Old Jul 19, 2001 | 08:12 PM
  #25  
babber
Scooby Regular

Joined: Feb 2001
Posts: 4,370
Likes: 0

boomer,

Firewall hasn't had an attempt to probe ports since 3:40pm this afternoon. I am currently running anti virus software, but I guess it won't pick anything up.

Everyone on here should at least have Zonealarm 2.1 on their PCs, dial up people as well. You never know what someone has uploaded to your PC, so please download it now!!!
Old Jul 19, 2001 | 08:18 PM
  #26  
Scoobychick
Scooby Regular
iTrader: (1)

Joined: Feb 2001
Posts: 16,067
Likes: 1
From: Nobbering about...

Well at least that's explained it, I was on here when it went down, can't say I understand what you're all talking about as I'm computer illiterate but I'm just glad scoobynet is back up and running ok

I've not had anything from my firewall either

Sal
Old Jul 19, 2001 | 08:19 PM
  #27  
Chris L
Scooby Regular

Joined: May 2000
Posts: 10,371
Likes: 0
From: MY00,MY01,RX-8, Alfa 147 & Focus ST :-)

Didn't see it - but it doesn't sound good. Word of warning: if you are intending to visit worm.com or any other dodgy hacker type websites, make sure your PC is protected (ZoneAlarm is the absolute minimum). These places are not for the inexperienced user. I would steer clear unless you know what you are doing.

Chris
Old Jul 19, 2001 | 08:21 PM
  #28  
JackClark
Scooby Senior
25 Year Member
Liked
Loved
Community Favorite

Joined: Dec 2000
Posts: 20,896
Likes: 53
From: Overdosed on LCD

It's 'Code Red'
Old Jul 19, 2001 | 08:26 PM
  #29  
JackClark
Scooby Senior
25 Year Member
Liked
Loved
Community Favorite

Joined: Dec 2000
Posts: 20,896
Likes: 53
From: Overdosed on LCD

Old Jul 19, 2001 | 08:29 PM
  #30  
boomer
Scooby Senior

Joined: Feb 2000
Posts: 5,763
Likes: 0
From: West Midlands

JackClark,

thanks for the pointer (er, pointers) - very interesting!

mb

All times are GMT +1.