I have been looking up a lot of information about what happened with the server being hacked here. There are people all over the Internet spreading the news about it throughout forums, blogs, social networks, social bookmarking websites, and article directories.

Many of you are forgetting how great of a community there was here and still is. So what, someone got a bunch of emails and passwords. Why would you use your primary email for a forum anyways? As for the passwords, it has never been possible to break a newly-encoded vBulletin password so far. So what makes you think this hacker will be able to?

WebHostingTalk.com has been providing an incredible community for way too long for so many people to start turning their backs on them and spreading negative news around the Internet about them.

Just my thoughts. Feel free to chime in.

I Agree, Give the forums a break! The Only negeative view is I lost all my profile data and posts, but It has taken no time at all to fix my profile, and for the posts its only a matter of time.

TBH why would you want to hack some forums anyway? Not much negtive happens here? Maybe the hacker is the person with the problem not WHT!

Why would you use your primary email for a forum anyways?

Because I only have one personal email address? :rolleyes:

Do I win a cookie?

Because I only have one personal email address? :rolleyes:

Do I win a cookie?

You should always use a free email for stuff like forums and social networks. It will help prevent getting spam in your real email account that you use.

You should always use a free email for stuff like forums and social networks. It will help prevent getting spam in your real email account that you use.

Your pretty right.. You cant blame WHT for everything. It was out of there hands sadly.

Well I understand these things happen. and im fine with it. but for the people that cant access the premium forum section. and the fact they only had 1 dedicated with backups.

the only major loss that happend was the reviews of hosts and some AMAZING guides that are no longer here.

actually we have WHT clients with 200 % + spam and several clients getting scanned with what *could* be WHT usernames so there are many more negative views that you are perhaps luckily enough not needing to worry about. An yes - this is *since* the WHT backupservers hack which could be a coincidence or could be the result of email addresses being posted on the web ...

What concerns me is how the hacker managed to delete the offsite backup.

Bit pointless having it "offsite" if it's still connected to the server.

Bit pointless having it "offsite" if it's still connected to the server.
seemingly they found the backup server first and then the web server ...

seemingly they found the backup server first and then the web server ...Let's not forget, they had to get through the hard firewall first. :S

What happened is horrible... I didn't start this topic to say that it wasn't horrible. I started this topic because everyone needs to give the staff here a break. I am sure that half the people that are complaining about all this have even less security on their own website.

What happened is horrible... I didn't start this topic to say that it wasn't horrible. I started this topic because everyone needs to give the staff here a break. I am sure that half the people that are complaining about all this have even less security on their own website.

I'm not in that half. :)

I'm not in that half. :)

Then please explain to us what security measures that your website has that prevents it from going through everything that WHT has gone through in the past few years...?

Then please explain to us what security measures that your website has that prevents it from going through everything that WHT has gone through in the past few years...?

WHT has been hacked, and left without the ability to restore from backups.

My protection:
Two remote backup locations (NY, CA), which store the backups of my main server every six hours.
The cron jobs running these backups are each three hours off, which means a fresh backup is made every 3 hours.

All backups are archived on-server for a period of one month, however, the backups on the NY server are burned to DVD every week.
The two backup servers are only accessible by IP's on their whitelists, to everyone else, they're invisible.
This whitelist is very complex -- connections to the backup servers are allowed for only 1 hour (on each server), and blocked for 5.

For a hacker to do anything (and get away with it), servers would need to be hacked, credentials obtained, and backups deleted from each server in the hour access limit.
It would take 6 hours to remove the backups on each server, and magic to make the DVD containing them disappear.

By then, chances are I'm already in control. :)
Questions?

I use what ever email I want and Postini takes care of whatever SPAM I may have gotten from wherever. I never think about SPAM anymore.

And I agree, let's give WHT a second chance, or a third, or all the chances it needs. A resource like this is a treasure. And I sure do hope it will continue to be. There are other hosting forums, and let me say first, there is nothing so depressing as an empty Forum. You can hear your thoughts echo about the empty topics and threads.

So this is a call to all who have used and added to this forum over the years, let your pride go and come on back and let's get this bad boy rolling again! Dave

Guys, this could have happened to about anyone. All it takes is one determined attacker with plenty of time to waste. So yes, the rest of us are just lucky we aren't of interest... so far.

Best

Guys, this could have happened to about anyone. All it takes is one determined attacker with plenty of time to waste. So yes, the rest of us are just lucky we aren't of interest... so far.

Best

That is exactly what I was trying to say when I started the topic :)

For a hacker to do anything (and get away with it), servers would need to be hacked, credentials obtained, and backups deleted from each server in the hour access limit.
It would take 6 hours to remove the backups on each server, and magic to make the DVD containing them disappear.

By then, chances are I'm already in control. :)
Questions?

The connections for 1 hour, whilst a good principal, won't be a lot of use now, as any hacker worth their salt would simply turn that off ONCE they're in. You've broadcast your security details on a public forum, not a good idea!!!

The connections for 1 hour, whilst a good principal, won't be a lot of use now, as any hacker worth their salt would simply turn that off ONCE they're in. You've broadcast your security details on a public forum, not a good idea!!!

I didn't even respond to his post. I was shocked he would post all his security details in a forum that anyone with an internet connection could read!

Then please explain to us what security measures that your website has that prevents it from going through everything that WHT has gone through in the past few years...?I didn't even respond to his post. I was shocked he would post all his security details in a forum that anyone with an internet connection could read!
The information I have posted imposes no significant threat to my configuration.
If you didn't expect a response, you shouldn't have requested one.

WHT has been hacked, and left without the ability to restore from backups.

My protection:
Two remote backup locations (NY, CA), which store the backups of my main server every six hours.
The cron jobs running these backups are each three hours off, which means a fresh backup is made every 3 hours.

All backups are archived on-server for a period of one month, however, the backups on the NY server are burned to DVD every week.
The two backup servers are only accessible by IP's on their whitelists, to everyone else, they're invisible.
This whitelist is very complex -- connections to the backup servers are allowed for only 1 hour (on each server), and blocked for 5.

For a hacker to do anything (and get away with it), servers would need to be hacked, credentials obtained, and backups deleted from each server in the hour access limit.
It would take 6 hours to remove the backups on each server, and magic to make the DVD containing them disappear.

By then, chances are I'm already in control. :)
Questions?

Nice backup strategy. Have you been doing it long-term, or did the WHT hacking inspire you to boost security?

-mike

Nice backup strategy. Have you been doing it long-term, or did the WHT hacking inspire you to boost security?

-mike

I have been using this strategy for just over a year.
If nothing else, I want to express the importance of offline backups (Tape, DVD).

The WHT hacking inspired me to an extent, I take the security of client data very seriously.
I personally don't see a reason a reason to make backups if these backups cannot be securely and privately maintained.

I have been using this strategy for just over a year.
If nothing else, I want to express the importance of offline backups (Tape, DVD).

The WHT hacking inspired me to an extent, I take the security of client data very seriously.
I personally don't see a reason a reason to make backups if these backups cannot be securely and privately maintained.

You do have a pretty incredible backup and security strategy. I actually expected a response like "that information is confidential" :)

I'm getting really fed up of coming onto the forums and seeing posts about what happened. Forums get hacked all the time, database servers get hacked all the time. It is a sign of the world we live in that this happens, but you know what, we will get over it. I mean, has anyones life been put at risk? NO (well maybe apart from the hacker if ppl find him) all that anyone has lost is some posts on a forum, I lost over 300 posts but am not complaining about it, it could have been a lot worse than this, at least the community is still alive and kicking.

it could have been a lot worse than this, at least the community is still alive and kicking.

I think that it will take A LOT more than an immature hacker to get WHT to shutdown or become inactive.

We don't know who did this, and we don't know why.
Until someone takes responsibility for the attack, it's best the demeaning and criticism stops.

Be glad we had something to come back to, and that the technical team did everything in their power to ensure the quickest recovery.

The person(s) responsible for carrying out the attack have a high level of technical knowledge.
We have yet to determine or hear of a motive, which to be honest, is worrying me.

The person(s) responsible for carrying out the attack have a high level of technical knowledge.
We have yet to determine or hear of a motive, which to be honest, is worrying me.

By "we" do you mean the staff at WHT? I am sure that they have suspicions about it. However, I guarantee you that nobody is about to take responsibility for the attack. The would be facing a HUGE lawsuit from a million-dollar company (iNet) as well as being blacklisted throughout many servers.

You should always use a free email for stuff like forums and social networks. It will help prevent getting spam in your real email account that you use.

I can't say I lose a lot of sleep over spam.

I can't say I lose a lot of sleep over spam.

In today's day and age, nobody should lose sleep over spam. It is never going to stop so their is no point in getting too upset about it :)

ok first off i hate to hear something like this happen to a place like ths... it must have been some 45 year old hacker still living with his mommy and has her bring him milk and cookies... no girl friend no life other than watching porn and making people have to send there time getting the site back up and running. for all those people that are upset they dont have the post count that had o well get a life and get off there backs... they are doing the best they can... for those of you that have never had a a site hacked let alone a server its not an easy task to solve the problem...

as for the guy that posted his security information here
WHT has been hacked, and left without the ability to restore from backups.

My protection:
Two remote backup locations (NY, CA), which store the backups of my main server every six hours.
The cron jobs running these backups are each three hours off, which means a fresh backup is made every 3 hours.

All backups are archived on-server for a period of one month, however, the backups on the NY server are burned to DVD every week.
The two backup servers are only accessible by IP's on their whitelists, to everyone else, they're invisible.
This whitelist is very complex -- connections to the backup servers are allowed for only 1 hour (on each server), and blocked for 5.

For a hacker to do anything (and get away with it), servers would need to be hacked, credentials obtained, and backups deleted from each server in the hour access limit.
It would take 6 hours to remove the backups on each server, and magic to make the DVD containing them disappear.

By then, chances are I'm already in control. :)
Questions?

dude.... ok for the part about the whitelist all they would have to do is spoof the ips which isnt hard to do any monkey can search google for a program to do it. once they do that they have to access the server which judging by the fact you posted all this information on the internet your password must be something stupid like password. then once in they can turn off the blocks... and erase the hard drive... or just mess with you and leave a trojan.... do you use dvdr or dvdrw? i noticed that you are so cocky to post your measures but you didnt give your url?? if you really felt it couldnt be hacked you would have posted it.. thats my rant for today

Uh I don't even know why we keep talking about this! We should simply move on and enjoy WHT. Why are we making a big deal about this, we aren't helping in anyway if we keep bring this up. We need to help the community.

all they would have to do is spoof the ips which isnt hard to do any monkey can search google for a program to do it.

Just wanted to point out that if IP spoofing is "so easy" I suggest you take your own advice and go do it - trust me, it'll be a learning experience... But right now you're speaking authoritatively on a subject you clearly have no idea about at all.

While I think the poster you're replying to certainly seems to have a lot of "bike helmet syndrome" in his words, in essence he's making some good points.

dude im not a hacker but i know how to and of course im not gona post the exact details on hacking a server like that if you want i could post a step by step tutorial you may think your all cocky just wait to the one day when your site does get hacked and you come crying here that it was hacked im just going to laugh i was if i really wanted to get to your backup servers i would go to the main server and take control of that then i would have access to your backup server... but theres no point dude im about to finish up school to be a hacker and go work for the government so yes if you want me to post the exact details let me know ill be happy to but what would be the point??? its not right to hack sites... and for the one that quoted me let me guess you are one of those 40 year olds still living with your mom that has to come to these forms to try and discredit people

I think WHT should just give up trying to recover backups.. if anything just get people's accounts back. Life is continuing as usual now here..

dude im not a hacker but i know how to and of course im not gona post the exact details on hacking a server like that if you want i could post a step by step tutorial you may think your all cocky just wait to the one day when your site does get hacked and you come crying here that it was hacked im just going to laugh i was if i really wanted to get to your backup servers i would go to the main server and take control of that then i would have access to your backup server... but theres no point dude im about to finish up school to be a hacker and go work for the government so yes if you want me to post the exact details let me know ill be happy to but what would be the point??? its not right to hack sites... and for the one that quoted me let me guess you are one of those 40 year olds still living with your mom that has to come to these forms to try and discredit people

I think you should go home to your mommy who hands you milk and cookies.

Sure, they guy might have come off with a cocky tone, but who cares?

His strategy is quite strong. And chances are, he's not even using passwords to allow connections from one server to another. I know I sure as hell don't. I only have password authentication enabled on a single port to each of my servers, and that port is to the Softlayer private backend.

If you manage to break into the Softlayer back end, and then break into my servers, chances are, you'll have managed your way in anyway because you have more knowledge and expertise than any other person I have come across to this date.

Seriously, just sit this one out. You're looking more "cocky" than he is at this point, and he's a pretty smart dude.

On another note, we should all be grateful that this whole scenario is over. Sure, things aren't as they once were, but who cares? It was a loss, but we can take it. Nothing in life is perfect and/or lasts forever ;)

I think WHT should just give up trying to recover backups.. if anything just get people's accounts back. Life is continuing as usual now here..

Agreed. It may be more important to just get the community rolling again and not even worry about the backups. By the time the backups may be recovered then the members here could have just added all the information back themselves. This should really just be an experience that the community grows from.

TBH why would you want to hack some forums anyway? Not much negtive happens here?

Tell that to all the people that get exposed for fake reviews, spamming, shill accounts, using fake business names, lying in general, etc... A few active frauds here just got their images doctored. Unless you count screenshots & Google cache. :D

You can be sure that there are plenty of active members that are glad this happened, even if they didn't have anything to do with it.

Tell that to all the people that get exposed for fake reviews, spamming, shill accounts, using fake business names, lying in general, etc... A few active frauds here just got their images doctored. Unless you count screenshots & Google cache. :D

You can be sure that there are plenty of active members that are glad this happened, even if they didn't have anything to do with it.

Whoever did it definitely had a motive. A lot of time was invested into doing this and it was obviously done to harm WHT. If the hacker simply wanted everyone's emails and passwords then he would not have deleted everything. He is probably an angry owner of a small and immature hosting company that had bad reviews here.