Comments on: I’m Not 1337, I Was Hacked Today http://blog.andrewparker.net/2007/08/20/im-not-1337-i-was-hacked-today/ Tech, Entrepreneurship, and Venture Capital in New York City Wed, 08 Oct 2008 05:36:12 +0000 http://wordpress.org/?v=2.6.2 By: candice http://blog.andrewparker.net/2007/08/20/im-not-1337-i-was-hacked-today/#comment-75292 candice Fri, 24 Aug 2007 04:10:26 +0000 http://blog.andrewparker.net/2007/08/20/im-not-1337-i-was-hacked-today/#comment-75292 I'm seconding the possible sidebar thing. But your server logs probably have the best answers, they just take a while to extract. I would find a unix sysadmin junkie friend locally with a bit of free time, buy them a beer and hand them the shell account for a little while...this kind of "forensics" is fun. (and proof of having no time, I was going to post this comment, like, days ago.) I’m seconding the possible sidebar thing. But your server logs probably have the best answers, they just take a while to extract. I would find a unix sysadmin junkie friend locally with a bit of free time, buy them a beer and hand them the shell account for a little while…this kind of “forensics” is fun.

(and proof of having no time, I was going to post this comment, like, days ago.)

]]> By: Steve http://blog.andrewparker.net/2007/08/20/im-not-1337-i-was-hacked-today/#comment-74604 Steve Tue, 21 Aug 2007 10:45:20 +0000 http://blog.andrewparker.net/2007/08/20/im-not-1337-i-was-hacked-today/#comment-74604 You likely weren't hacked by such "traditional means" - it's likely that you were running some old code (from the looks of it last updated a year ago) and a remote execution php script exploited your site. It's nothing personal, these bots look for any potentially vulnerable site (generally via Google), and try to attack them all. To prevent this from happening in the future, just always try to keep your software updated to the most current version. You likely weren’t hacked by such “traditional means” - it’s likely that you were running some old code (from the looks of it last updated a year ago) and a remote execution php script exploited your site. It’s nothing personal, these bots look for any potentially vulnerable site (generally via Google), and try to attack them all. To prevent this from happening in the future, just always try to keep your software updated to the most current version.

]]> By: Nate Westheimer http://blog.andrewparker.net/2007/08/20/im-not-1337-i-was-hacked-today/#comment-74509 Nate Westheimer Tue, 21 Aug 2007 04:48:45 +0000 http://blog.andrewparker.net/2007/08/20/im-not-1337-i-was-hacked-today/#comment-74509 Everyone knows your password was "KING." Anyway, that sucks. I wonder if it could have been something from one of your widgets. It's interesting how we just grab js from all around the internet and allow folks to load junk onto our web pages. It's a dangerous world! Everyone knows your password was “KING.”

Anyway, that sucks. I wonder if it could have been something from one of your widgets. It’s interesting how we just grab js from all around the internet and allow folks to load junk onto our web pages. It’s a dangerous world!

]]>