HACKED??
#2
Hi All
I didn't actually see this, but something was definitely done.
All appears to be running normally for now..
Maybe whoever it was would be good enough to contact me on webmaster@scoobynet.co.uk to discuss why, etc? I would be very interested.
If it was just sport, then fair play, I hope that will be the last of it. If not, it would be good to find out what the motive is / was.
All the best
webmaster
I didn't actually see this, but something was definitely done.
All appears to be running normally for now..
Maybe whoever it was would be good enough to contact me on webmaster@scoobynet.co.uk to discuss why, etc? I would be very interested.
If it was just sport, then fair play, I hope that will be the last of it. If not, it would be good to find out what the motive is / was.
All the best
webmaster
Trending Topics
#10
Yes same here, whilst it was going on I was able to look at older threads from earlier today. Cleared my cache so I was connecting
So looks like someone changed the front page, the properties showed a page of around 25 bytes, nowhere near this size it should be and the file type was different. Not the usual HTML document.
Didn't have time to screen capture the information. Damn
Cheers Phill C
So looks like someone changed the front page, the properties showed a page of around 25 bytes, nowhere near this size it should be and the file type was different. Not the usual HTML document.
Didn't have time to screen capture the information. Damn
Cheers Phill C
#15
I went on at about 18.50, looked at two topics at the top of General, but couldn't reply with quote, see profile etc. I just got the normal unable to display page screen. Didnt try normal reply tho. Came off, then unable to get back in.
David
David
#19
Scooby Senior
Join Date: Feb 2000
Location: West Midlands
Posts: 5,763
Likes: 0
Received 0 Likes
on
0 Posts
Is anyone else with a firewall getting intrusion logs?
I currently have 21 attempts (in batches of 3), the latest from node-d8e95045.powerinter.net [216.233.80.69] - so someone could be using other PCs as a springboard. Could Scoobynets IP log be compromised?
mb (forever paranoid!)
I currently have 21 attempts (in batches of 3), the latest from node-d8e95045.powerinter.net [216.233.80.69] - so someone could be using other PCs as a springboard. Could Scoobynets IP log be compromised?
mb (forever paranoid!)
#20
It appears that it's a very common problem being experienced by lots of web servers around the world..
A big thank you to everyone who let me know that it was happening, especially Ronnie (who was the first)..
and a HUGE thank you to Theo (EvilBevel) for his efforts in helping to get us back on track.
Thank you also to rsquire (Microsoft) for his support and information.
There is a patch which MS advises, but we are already running it.
I think it's unlikely to happen again, as whoever it is has made their point, and in fairness they appear to have done no damage at all, so we should be grateful for that.
All the best
Simon
A big thank you to everyone who let me know that it was happening, especially Ronnie (who was the first)..
and a HUGE thank you to Theo (EvilBevel) for his efforts in helping to get us back on track.
Thank you also to rsquire (Microsoft) for his support and information.
There is a patch which MS advises, but we are already running it.
I think it's unlikely to happen again, as whoever it is has made their point, and in fairness they appear to have done no damage at all, so we should be grateful for that.
All the best
Simon
#21
In answer to the questions about data being compromised.
I very much doubt it.
It seems that it is a Denial of Service type of worm. Which either defaces the attacked page (by placing the "hacked by chinese" message on it) or creating a traffic based DoS as a by-product of the way it is distributed.
In addition it looks like the way sites are chosen is completely random (which is a relief), so it is unlikely that there is any specific intention toward scoobynet.
Best regards
Simon
I very much doubt it.
It seems that it is a Denial of Service type of worm. Which either defaces the attacked page (by placing the "hacked by chinese" message on it) or creating a traffic based DoS as a by-product of the way it is distributed.
In addition it looks like the way sites are chosen is completely random (which is a relief), so it is unlikely that there is any specific intention toward scoobynet.
Best regards
Simon
#25
boomer,
Firewall hasn't had an attempt to probe ports since 3:40pm this afternoon. I am currently running anti virus software, but I guess it won't pick anything up.
Everyone on here should at least have Zonealarm 2.1 on thier PCs, dial up people as well. You never know what someone has uploaded to your PC, so please download it now!!!
Firewall hasn't had an attempt to probe ports since 3:40pm this afternoon. I am currently running anti virus software, but I guess it won't pick anything up.
Everyone on here should at least have Zonealarm 2.1 on thier PCs, dial up people as well. You never know what someone has uploaded to your PC, so please download it now!!!
#26
Scooby Regular
iTrader: (1)
Join Date: Feb 2001
Location: Nobbering about...
Posts: 16,067
Likes: 0
Received 0 Likes
on
0 Posts
Well at least that's explained it, I was on here when it went down, can't say I understand what you're all talking about as I'm computer illiterate but I'm just glad scoobynet is back up and running ok
I've not had anything from my firewall either
Sal
I've not had anything from my firewall either
Sal
#27
Scooby Regular
Join Date: May 2000
Location: MY00,MY01,RX-8, Alfa 147 & Focus ST :-)
Posts: 10,371
Likes: 0
Received 0 Likes
on
0 Posts
Didn't see it - but it doesn't sound good Word of warning if you intending to visit worm.com or any other dodgy hacker type websites, make sure your PC is protected (ZoneAlarm is the absolute minimum). These places are not for the inexperienced user. I would steer clear unless you know what you are doing.
Chris
Chris