Cleaning Up AA

Matt Barton

In an effort to protect us against future hacks, I've done the following:

(a) Applied all available patches for e107. We really need to dump this site soon and start using neo. I suggest archiving it and making it available as static HTML pages. This will make security much easier.

(b) Put unused stuff in the trash can via cpanel. You guys might look there to make sure there's nothing in the trash that we need to keep. I found something called "shopping cart," "phptest," and "test chat." I can't remember what these are, but I put them in the trash for now. If we need them, I can always restore them. If not, let's delete them.

(c) I changed the perms on various folders to restrict other people from mucking with them.

Again, I'm not exactly sure how the Turks did it, but it seems like they hacked our FTP passwords and replaced the files there. What's weird about this is that anonymous FTP is turned off via cpanel. So, somehow they guessed our passwords.

To that end, I'm changing the cpanel and FTP passwords to something weird and obtuse, which you'll be receiving via email soon.

Comments

Matt Barton
Joined: 01/16/2006
Hacked Stuff

BTW, I found a very suspicious file called MrPing in our aamain directory. Perhaps it was related to the Turkish hacking group? I don't know exactly what it was doing, but it was full of code and had the words HACKED in it, so I deleted it.
