Results 51 to 75 of 537
Thread: Recent WHT down time
-
03-23-2009, 01:45 PM #51Web Hosting Master
- Join Date
- Feb 2006
- Location
- Kusadasi, Turkey
- Posts
- 3,379
Yes recently registered accounts were lost too. However the work on recovering the backups from corrupted servers is on the way, it make take a while and cost some money, but we all know it is possible, unless the hacker wiped the disk clean, which would possibly take days, and someone would have noticed it befor it's complete.
█ Fraud Record - Stop Fraud Clients, Report Abusive Customers.
█ Combine your efforts to fight misbehaving clients.
█ HarzemDesign - Highest quality, well designed and carefully coded hosting designs. Not cheap though.
█ Large and awesome portfolio, just visit and see!0
-
03-23-2009, 01:45 PM #52Web Hosting Master
- Join Date
- Jan 2006
- Location
- Athens, Greece
- Posts
- 1,481
Of course if anyone is interested there are some jobs still open from 2003
in the employments forum.0
-
03-23-2009, 01:45 PM #53Web Hosting Master
- Join Date
- May 2008
- Location
- Indore, India
- Posts
- 1,723
0
-
03-23-2009, 01:46 PM #54Dennis Johnson
- Join Date
- Jun 2001
- Location
- Kalamazoo
- Posts
- 33,412
0
-
03-23-2009, 01:49 PM #55Dennis Johnson
- Join Date
- Jun 2001
- Location
- Kalamazoo
- Posts
- 33,412
0
-
03-23-2009, 01:49 PM #56Junior Guru
- Join Date
- Aug 2008
- Posts
- 176
0
-
03-23-2009, 01:50 PM #57Temporarily Suspended
- Join Date
- Apr 2008
- Location
- Bury St Edmunds
- Posts
- 160
0
-
03-23-2009, 01:51 PM #58Web Hosting Master
- Join Date
- May 2008
- Location
- Indore, India
- Posts
- 1,723
0
-
03-23-2009, 01:52 PM #59Web Hosting Master
- Join Date
- Sep 2006
- Location
- Cardiff - United Kingdom
- Posts
- 1,569
Good luck in catching the idiot(s) who did this - there are so many pathetic morons around.
To clear one thing up - change all passwords which match your WHT one, and obviously change your WHT one too. The fact that they are encrypted with a salt means little since md5 was broken a few years back (I'm surprised vBulletin still use it). It doesn't mean that a hacker can get the plain text (i.e. your actual password) out of the hash, although this has other implications.0
-
03-23-2009, 01:53 PM #60Junior Guru
- Join Date
- Sep 2008
- Posts
- 191
Even then with how a lot of proxies work, how do you plan on tracking down the exact user when they might only have encrypted addresses stored in the logs? It'd be quite a feat to get to the end of things. Heck, they might not have even been using their own net connection to begin with. Wireless? Pinched cable? Easy enough.
Let's hope WHT secure themselves and don't have a third (that I'm aware of) serious security breach too soon0
-
03-23-2009, 01:55 PM #61Temporarily Suspended
- Join Date
- Apr 2008
- Location
- Bury St Edmunds
- Posts
- 160
Ive never understood why hackers once they found a exploit f*ck around with it, id email inet with sensitive data retrieved through the exploit then making them pay me to let them know where it is.
Hackers are dumb0
-
03-23-2009, 01:56 PM #62Web Hosting Master
- Join Date
- Jul 2008
- Posts
- 972
0
-
03-23-2009, 01:57 PM #63Web Hosting Master
- Join Date
- Feb 2006
- Location
- Kusadasi, Turkey
- Posts
- 3,379
The PM table has around 1,400,000 entries, averaging at 500 bytes per message. This would make the total dump 667 MBs of data.
The reaction time to the hack attempt was short enough to prevent generation of such a large dump, and prevent it from being downloaded it.
By comparison, the stolen user table was only 20 MBs in size. And the stolne version was a stripped down version of the user table, to decrease the size.
So, it's safe to assume the PMs were not stolen in bulk (unless they targeted specific PMs). But looking at the damage done, the hacker was not insterested in a targeted hack, but was interested a bulk clean up. So I would assume the PMs are safe, they are too much to steal.
And by thw way, what the heck do you share on PMs? Root passwords, credit card numbers? Most important data I transmit is my paypal address, which the hacker can use to make some donation█ Fraud Record - Stop Fraud Clients, Report Abusive Customers.
█ Combine your efforts to fight misbehaving clients.
█ HarzemDesign - Highest quality, well designed and carefully coded hosting designs. Not cheap though.
█ Large and awesome portfolio, just visit and see!0
-
03-23-2009, 01:58 PM #64Dennis Johnson
- Join Date
- Jun 2001
- Location
- Kalamazoo
- Posts
- 33,412
0
-
03-23-2009, 01:58 PM #65Web Hosting Master
- Join Date
- Feb 2005
- Posts
- 1,358
I don't know how you stored the backups, but it shouldn't be much of an issue to recover the deleted data if the hacker didn't do too many overwrites. I'm sure you already have a data recovery company on the job though.
Eleven2 Web Hosting - World-Wide Hosting, Done Right!0
-
03-23-2009, 02:00 PM #66Web Hosting Master
- Join Date
- Jul 2008
- Posts
- 972
That's because it was stripped down to only username, salt, email and pw, in reality I'm sure the table is at least 10x that size. The hacker managed to destroy the backups and take a dump of the user table, what's to say they didn't dump the entire DB, but only posted the user table publicly?
0
-
03-23-2009, 02:01 PM #67Web Hosting Master
- Join Date
- Aug 2004
- Location
- Canada
- Posts
- 3,785
The scariest part of all of this is we saw a noticable drop in the traffic to our website. Time to diversify my forum whoring
█ Tony B. - Chief Executive Officer
█ Hawk Host Inc. Proudly serving websites since 2004
█ Quality Shared and Cloud Hosting
█ PHP 5.2.x - PHP 8.1.X Support!0
-
03-23-2009, 02:01 PM #68Dennis Johnson
- Join Date
- Jun 2001
- Location
- Kalamazoo
- Posts
- 33,412
0
-
03-23-2009, 02:02 PM #69Devil's Advocate
- Join Date
- Jul 2005
- Location
- Edinburgh
- Posts
- 3,883
hmm...
good luck wht
you have my support as always.
owm‹(•¿•)›
Life's what you make it.0
-
03-23-2009, 02:02 PM #70Disabled
- Join Date
- Jun 2004
- Location
- Hyderabad India
- Posts
- 1,103
Hi, what about the off site tape backups, say weekly means you might loose only a week data.
Also i wonder how exactly a backup server can be known to a outsider person and initiate a hack attempt from that host unless he is insider or friend to insider.0
-
03-23-2009, 02:05 PM #71Dennis Johnson
- Join Date
- Jun 2001
- Location
- Kalamazoo
- Posts
- 33,412
0
-
03-23-2009, 02:08 PM #72Web Hosting Industry Expert
- Join Date
- Dec 2007
- Location
- Indiana, USA
- Posts
- 19,178
What scares me more than a double-hashed password of mine being out there (a password I use in only one place and change regularly IMHO) is the fact that if they had full access to the DB servers they *very* easily could have dumped every table and gotten PM's, Premium Member PayPal addresses, etc... There are surely root passwords in PMs from other members - why on earth you would send a root PW in a PM is beyond me but I know a few individuals I speak with on WHT and outside of WHT have sent this information.
This could end up being catastrophic for iNet/WebHostingTalk if the hackers actually dumped more confidential information - I hope that it's not going to be any larger an issue than it already is but if businesses begin to be compromised due to this and damages caused iNet could find themselves in some *very* hot water very quickly.
They most certainly had access to the DB server so they theoretically could have dumped any tables they wanted - I wouldn't hold my breath in saying that it it wasn't copied.
If you passed any sensitive information via PMs or other means on the forum I recommend anybody who did so to *change* the passwords or to take any other necessary security actions as soon as possible.█ Michael Denney - MDDHosting.com - Proudly hosting more than 37,800 websites since 2007.
█ Ultra-Fast Cloud Shared and Pay-By-Use Reseller Hosting Powered by LiteSpeed!
█ cPanel • Free SSL • 100% Uptime SLA • 24/7 Support
█ Class-leading support that responds in minutes, not days.0
-
03-23-2009, 02:09 PM #73WHT Addict
- Join Date
- Feb 2004
- Location
- Australia
- Posts
- 121
Is this a attack on VB.. some 0day exploit?
lol each time i post my posts get edited.. ???Last edited by strat; 03-23-2009 at 02:10 PM. Reason: An ordering URL would be nice...
0
-
03-23-2009, 02:11 PM #74Web Hosting Industry Expert
- Join Date
- Dec 2007
- Location
- Indiana, USA
- Posts
- 19,178
Last edited by Wrench; 10-14-2008 at 08:10 PM. Reason: mispelling
█ Michael Denney - MDDHosting.com - Proudly hosting more than 37,800 websites since 2007.
█ Ultra-Fast Cloud Shared and Pay-By-Use Reseller Hosting Powered by LiteSpeed!
█ cPanel • Free SSL • 100% Uptime SLA • 24/7 Support
█ Class-leading support that responds in minutes, not days.0
-
03-23-2009, 02:11 PM #75Temporarily Suspended
- Join Date
- Apr 2008
- Location
- Bury St Edmunds
- Posts
- 160
0