Hacked by islamic extremists!



jhood001
09-07-2011, 15:09
One of my company's development servers along with two of our client's servers were just hacked.

All files wiped out and islamic extremist propaganda put in its place. This means war! [Rant1]

And similar to another attack on our country of another nature in the past, they didn't come from Iraq, Iran, Syria, Afghanistan, Libya, 'palestine', etc. They originated from Saudi Arabia. [M2]

Byte Stryke
09-07-2011, 15:34
> One of my company's development servers along with two of our client's servers were just hacked.
>
> All files wiped out and islamic extremist propaganda put in its place. This means war! [Rant1]
>
> And similar to another attack on our country of another nature in the past, they didn't come from Iraq, Iran, Syria, Afghanistan, Libya, 'palestine', etc. They originated from Saudi Arabia. [M2]

Man that sucks.

Here's to having a great disaster/CERT program in place!
Bring up backup servers on separate location, reroute DNS

Pull those compromised servers down, amend firewall policies, patch the intrusion, eliminate platforms, remove/replace drive, and NSA/DHS probably would like the drives that were compromised.

jhood001
09-07-2011, 15:43
> Man that sucks.
>
> Here's to having a great disaster/CERT program in place!
> Bring up backup servers on separate location, reroute DNS
>
> Pull those compromised servers down, amend firewall policies, patch the intrusion, eliminate platforms, remove/replace drive, and NSA/DHS probably would like the drives that were compromised.

Fortunately, we don't have to do anything quite that elaborate. We had a copy of fckeditor's file manager without any restricted access to it. They just uploaded a .php file and ran the damn thing. Sloppy on our behalf, but we got'er fixed.
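
As an added example (not part of the original thread or any poster's code): a log check for the pattern described in the post above, a file manager upload followed by a request that runs a script out of the upload directory. The connector and upload paths, the Apache combined log format, and the sample lines are assumptions constructed for illustration.

```python
import re

# Assumed locations; the connector path and upload directory differ per install.
UPLOAD_ENDPOINT = re.compile(r"/filemanager/.*(upload|connector)\.php", re.I)
UPLOAD_DIR = "/userfiles/"
# Script extensions, including double extensions such as name.php.jpg.
SCRIPT_EXT = re.compile(r"\.(php\d?|phtml|phar)(\.|/|$)", re.I)
LOG_LINE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) '
)

# Constructed sample lines (documentation IP ranges), not taken from the incident.
SAMPLE_LOG = """\
203.0.113.7 - - [07/Sep/2011:14:51:02 -0600] "POST /fckeditor/editor/filemanager/connectors/php/upload.php?Type=File HTTP/1.1" 200 312
203.0.113.7 - - [07/Sep/2011:14:51:09 -0600] "GET /userfiles/file/x.php HTTP/1.1" 200 48
198.51.100.20 - - [07/Sep/2011:14:52:40 -0600] "GET /userfiles/image/logo.png HTTP/1.1" 200 9120
198.51.100.20 - - [07/Sep/2011:14:53:00 -0600] "GET /userfiles/file/x.php HTTP/1.1" 200 48
192.0.2.55 - - [07/Sep/2011:14:55:11 -0600] "POST /fckeditor/editor/filemanager/connectors/php/upload.php?Type=Image HTTP/1.1" 200 298
192.0.2.55 - - [07/Sep/2011:14:55:30 -0600] "GET /userfiles/image/photo.jpg HTTP/1.1" 200 20480
"""

def find_upload_then_execute(log_text):
    """Return (ip, path, was_uploader) for every script under the upload
    directory that was served with a 2xx status. was_uploader is True when
    the same client had already POSTed successfully to the file manager."""
    uploaders, findings = set(), []
    for line in log_text.splitlines():
        m = LOG_LINE.match(line)
        if not m:
            continue  # not a combined-format request line
        ok = m["status"].startswith("2")
        path = m["path"].split("?", 1)[0]  # ignore the query string
        if m["method"] == "POST" and UPLOAD_ENDPOINT.search(path) and ok:
            uploaders.add(m["ip"])
        elif path.startswith(UPLOAD_DIR) and SCRIPT_EXT.search(path) and ok:
            findings.append((m["ip"], path, m["ip"] in uploaders))
    return findings

if __name__ == "__main__":
    for ip, path, was_uploader in find_upload_then_execute(SAMPLE_LOG):
        print(ip, path, "uploaded first" if was_uploader else "no prior upload seen")
```

Any script served from an upload directory is worth a look on its own; the uploader flag separates the client that planted the file from later visitors to it.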

TFOGGER
09-07-2011, 15:48
> Man that sucks.
>
> Here's to having a great disaster/CERT program in place!
> Bring up backup servers on separate location, reroute DNS
>
> Pull those compromised servers down, amend firewall policies, patch the intrusion, eliminate platforms, remove/replace drive, and NSA/DHS probably would like the drives that were compromised.

You forgot "trace IP, send 100 pounds of bacon wrapped C4"...

Hoosier
09-07-2011, 16:31
> Fortunately, we don't have to do anything quite that elaborate. We had a copy of fckeditor's file manager without any restricted access to it. They just uploaded a .php file and ran the damn thing. Sloppy on our behalf, but we got'er fixed.

I used to use that piece of software, behind a user/pass wall.

Did they get shell access? Did you look for root kits? Unless you're running the latest and greatest Linux it's pretty likely that once they have a local shell they can find an exploit to elevate privileges and install a root kit. This isn't something they have to be a master hacker for, just copy/paste commands off websites and any retard can be hacking.

Honestly I don't think I'd trust the box again. In this day and age it is (should be) far easier to just blast off and nuke the site from orbit. It's the only way to be sure.

H.

Byte Stryke
09-07-2011, 16:40
> I used to use that piece of software, behind a user/pass wall.
>
> Did they get shell access? Did you look for root kits? Unless you're running the latest and greatest Linux it's pretty likely that once they have a local shell they can find an exploit to elevate privileges and install a root kit. This isn't something they have to be a master hacker for, just copy/paste commands off websites and any retard can be hacking.
>
> Honestly I don't think I'd trust the box again. In this day and age it is (should be) far easier to just blast off and nuke the site from orbit. It's the only way to be sure.
>
> H.

/agree... why I said bring up the backup servers.

If they don't have that kind of resource, at least nuke/pave and restore from a previous backup. Fix the exploit and then bring it back online.

Irving
09-08-2011, 00:13
You should back trace them.

mcantar18c
09-08-2011, 00:15
> You should back trace them.

And then find their location and send them some Tactical Bacon.

DFBrews
09-08-2011, 00:20
> And then find their location and send them some Tactical Bacon.

Why waste good bacon? Pickled pigs feet should be more than adequate.

jhood001
09-08-2011, 00:28
Thank you fall for your advice...

After much deliberation, I'm going with the pickled pigs feet. I'm keeping my god-damned bacon.

mcantar18c
09-08-2011, 00:29
> Why waste good bacon? Pickled pigs feet should be more than adequate.

While pickled pigs feet may be the Susan Boyle of pork products, bacon is the Chuck Norris, and....... ok yeah you're right, send the pigs feet.

BigBear
09-08-2011, 08:19
WTH?

I thought this was an AMERICAN website where EVERYONE speaks ENGLISH!!!!

Shell, Linux, root kits, DNS, php files, cert kits???????? Didn't understand a damn word of it. Dang tech savvy college boys. Just keep waving it in our faces.

Bastards.[Rant1]

What are you talking about? All I saw was "bacon"!! Yum!

Hoosier
09-08-2011, 12:39
> WTH?
>
> I thought this was an AMERICAN website where EVERYONE speaks ENGLISH!!!!
>
> Shell, Linux, root kits, DNS, php files, cert kits???????? Didn't understand a damn word of it. Dang tech savvy college boys. Just keep waving it in our faces.

College isn't required, patience and learning that any computer problem can be solved with this flowchart is all it takes:

http://imgs.xkcd.com/comics/tech_support_cheat_sheet.png

If you like solving abstract problems, then maybe computers are for you. It's one of the few fields where everything you need to learn from neophyte to master is available free online. Any old computer can run Linux (free), Amazon Web Services gives away free server time (micro instance), and several colleges have all their courseware online for free (MIT in particular).

Not to mention endless tutorials, examples, and forums where other people had your problem and got it solved. Just copy/paste that error message into Google and away you go.

H.

Byte Stryke
09-08-2011, 12:44
always loved the flowchart
[ROFL1]