Avi

Did anyone else notice Scoobynet was

<B>Hacked by Chinese!!</B>

?? Or was it me ??

Andy A

ex-webby

Hi All

I didn't actually see this, but something was definitely done.

All appears to be running normally for now..

Maybe whoever it was would be good enough to contact me on webmaster@scoobynet.co.uk to discuss why, etc? I would be very interested.

If it was just sport, then fair play, I hope that will be the last of it. If not, it would be good to find out what the motive is / was.

All the best

webmaster

SimonH

Hmmm yes I noticed that too. Bizarre.

Dream Weaver

Avi

Yes, I just logged on to be presented with:

"Hello, welcome to

Avi

I think the original message was

<B>Hacked by Chinese</B>

Andy W

I just couldn't access for about ten mins

Avi

Beat me to it DW

SDB

Avi

when you say it was mentioned on EVO.. do you mean that the scoobynet attack was mentioned on evo, or

Avi

Sorry SDB, just meant that someone had mentioned this attack on EVO before I posted here.

Andy

babber

Yes same here, whilst it was going on I was able to look at older threads from earlier today. Cleared my cache so I was connecting

So looks like someone changed the front page, the properties showed a page of around 25 bytes, nowhere near this size it should be and the file type was different. Not the usual HTML document.

Didn't have time to screen capture the information. Damn

Cheers Phill C

adyhicut

Yep i saw it too!

Well done Si for getting it back online

Ady

Dream Weaver

SDB

I still have it in memory so will upload a screen capture for you.

Should be up soon.

Si

EvilBevel

Hmmm ...

[This message has been edited by EvilBevel (edited 19 July 2001).]

Dream Weaver

And I dont have the page anymore - re-cached itself

DW

Shark

I went on at about 18.50, looked at two topics at the top of General, but couldn't reply with quote, see profile etc. I just got the normal unable to display page screen. Didnt try normal reply tho. Came off, then unable to get back in.

David

Andy W

did it just happen again?
Andy

Avi

Andy W - Didn't notice anything.

<B><I>Andy A</I></B>


[This message has been edited by Avi (edited 19 July 2001).]

Shark

Seems fine now, well quick to, tho I do have ADSL

David

boomer

Is anyone else with a firewall getting intrusion logs?

I currently have 21 attempts (in batches of 3), the latest from node-d8e95045.powerinter.net [216.233.80.69] - so someone could be using other PCs as a springboard. Could Scoobynets IP log be compromised?

mb (forever paranoid!)

SDB

It appears that it's a very common problem being experienced by lots of web servers around the world..

A big thank you to everyone who let me know that it was happening, especially Ronnie (who was the first)..

and a HUGE thank you to Theo (EvilBevel) for his efforts in helping to get us back on track.

Thank you also to rsquire (Microsoft) for his support and information.

There is a patch which MS advises, but we are already running it.

I think it's unlikely to happen again, as whoever it is has made their point, and in fairness they appear to have done no damage at all, so we should be grateful for that.

All the best

Simon

SDB

In answer to the questions about data being compromised.

I very much doubt it.

It seems that it is a Denial of Service type of worm. Which either defaces the attacked page (by placing the "hacked by chinese" message on it) or creating a traffic based DoS as a by-product of the way it is distributed.

In addition it looks like the way sites are chosen is completely random (which is a relief), so it is unlikely that there is any specific intention toward scoobynet.

Best regards

Simon

logiclee

Boomer,

I'm not getting any intrusion attemtps my firewall.

Lee

Andy W

I cant access the SWRT store either!

Avi

Nothing from my Firewall either

babber

boomer,

Firewall hasn't had an attempt to probe ports since 3:40pm this afternoon. I am currently running anti virus software, but I guess it won't pick anything up.

Everyone on here should at least have Zonealarm 2.1 on thier PCs, dial up people as well. You never know what someone has uploaded to your PC, so please download it now!!!

Scoobychick

iTrader: (1)

Well at least that's explained it, I was on here when it went down, can't say I understand what you're all talking about as I'm computer illiterate but I'm just glad scoobynet is back up and running ok

I've not had anything from my firewall either

Sal

Chris L

Didn't see it - but it doesn't sound good Word of warning if you intending to visit worm.com or any other dodgy hacker type websites, make sure your PC is protected (ZoneAlarm is the absolute minimum). These places are not for the inexperienced user. I would steer clear unless you know what you are doing.

Chris

JackClark

It's 'Code Red'

JackClark

boomer

JackClark,

thanks for the pointer (er, pointers) - very interesting!

mb