Re: Swan's site wildflowerstew.org hacked!




woodstock wrote:

> 1and1 sent her an email telling her that her site was defaced. Her ftp
> folders were intact, and so it was simply republished.

Sounds to me like a general attack on sites that use PHP Nuke. That's
the thing when you use very popular software systems. Whenever a
security hole becomes known, a LOT of people know how to hack your
site. The attack was probably launched from another 1and1 account. I'm
just guessing that because when a big company hosts so many sites,
there are so many people with permission to access "their part" of the
filesystem (i.e. the hard drive(s)). A well-administered server should
keep various accounts from getting in each others' way, but when you
are working with a system comprised of physical hardware, plus an
operating system, plus the web server, plus PHP, plus MySQL, plus
PHPNuke, you sometimes find a hole somewhere. Then all it takes is some
*** to exploit it. On one host I was using, which claimed to have
over 500,000 sites hosted, I found an easy way to totally rewrite any
of those websites. It wasn't even a hack... it was just a simple matter
of navigating up a directory tree.

Since you were notified by 1and1, it sounds like you were only one of
many, many sites that got defaced. Stuff like that just happens.

And no, it wasn't me.
