Hacked by islamic extremists!

[jhood001]

One of my company's development servers along with two of our client's servers were just hacked.

All files wiped out and islamic extremist propaganda put in its place. This means war!

And similar to another attack on our country of another nature in the past, they didn't come from Iraq, Iran, Syria, Afghanistan, Libya, 'palestine', etc. They originated from Saudi Arabia.

[Byte Stryke]

One of my company's development servers along with two of our client's servers were just hacked.

All files wiped out and islamic extremist propaganda put in its place. This means war!

And similar to another attack on our country of another nature in the past, they didn't come from Iraq, Iran, Syria, Afghanistan, Libya, 'palestine', etc. They originated from Saudi Arabia.

Man that sucks.


Here's to having a great disaster/CERT program in place!
Bring up back up servers on seperate location, reroute DNS

Pull those compromised servers down, amend firewall policies, path the intrusion, eliminate platforms, remove/replace drive, and NSA/DHS probably would like the drives that were compromised.

[jhood001]

Man that sucks.


Here's to having a great disaster/CERT program in place!
Bring up back up servers on seperate location, reroute DNS

Pull those compromised servers down, amend firewall policies, path the intrusion, eliminate platforms, remove/replace drive, and NSA/DHS probably would like the drives that were compromised.

Fortunately, we don't have to do anything quite that elaborate. We had a copy of fckeditor's file manager without any restricted access to it. They just uploaded a .php file and ran the damn thing. Sloppy on our behalf, but we got'er fixed.

[TFOGGER]

Man that sucks.


Here's to having a great disaster/CERT program in place!
Bring up back up servers on seperate location, reroute DNS

Pull those compromised servers down, amend firewall policies, path the intrusion, eliminate platforms, remove/replace drive, and NSA/DHS probably would like the drives that were compromised.

You forgot "trace IP, send 100 pounds of bacon wrapped C4"...

[Hoosier]

Fortunately, we don't have to do anything quite that elaborate. We had a copy of fckeditor's file manager without any restricted access to it. They just uploaded a .php file and ran the damn thing. Sloppy on our behalf, but we got'er fixed.

I used to use that piece of software, behind a user/pass wall.

Did they get shell access? Did you look for root kits? Unless you're running the latest and greatest Linux it's pretty likely that once they have a local shell they can find an exploit to elevate privileges and install a root kit. This isn't something they have to be a master hacker for, just copy/paste commands off websites and any retard can be hacking.

Honestly I don't think I'd trust the box again. In this day and age it is (should be) far easier to just blast off and nuke the site from orbit. It's the only way to be sure.

H.

[Byte Stryke]

I used to use that piece of software, behind a user/pass wall.

Did they get shell access? Did you look for root kits? Unless you're running the latest and greatest Linux it's pretty likely that once they have a local shell they can find an exploit to elevate privileges and install a root kit. This isn't something they have to be a master hacker for, just copy/paste commands off websites and any retard can be hacking.

Honestly I don't think I'd trust the box again. In this day and age it is (should be) far easier to just blast off and nuke the site from orbit. It's the only way to be sure.

H.

/agree... why I Said bring up the back up servers.

if they dont have that kind of resource, at least nuke/pave and restore from a previous backup. fix the exploit and then bring it back on line

[Irving]

You should back trace them.

[mcantar18c]

You should back trace them.

And then find their location and send them some Tactical Bacon.

[DFBrews]

And then find their location and send them some Tactical Bacon.

why waste good bacon pickled pigs feet should be more than adequate.

[jhood001]

Thank you fall for your advice...

After much deliberation, I'm going with the pickled pigs feet. I'm keeping my god-damned bacon.