[Balug-admin] Re: BALUG site cracked!: "H4ck3rsBr um passrinho que naum tinha cu foi caga e explodiu"
Michael Paoli
mp@rawbw.com
Sat Sep 3 11:43:14 PDT 2005
I did also drop dreamhost a pair of notes. Since I don't have "customer"
level access, it just went in on their general form, and they seem to only
"promise"/imply they'll read it within 24 hours ... and I don't know if that
would be even that "timely" and applicable over a 3 day holiday weekend.
Anyway, this is what I sent to their "Abuse Department" and "Public Relations":
Subject: cracked site - please pull
Can you please effectively pull (at least block port
80) until the person(s) legitimately responsible for
the site can repair it.
It is quite apparently cracked:
http://www.balug.org/
Thanks.
Quoting Michael Paoli:
> Michael Hubbard <michael@offroadgeek.com> - can you do anything about this?
>
> Thanks.
>
> Quoting Michael Paoli:
>
> > Can you try contacting dreamhost, and have them at least temporariliy
> > (virtually) pull the plug on at balug.org. TCP port 80 (pointing out to
> > them that it's apparently quite obviously cracked, if necessary), at
> > least until it can get fixed. Have you also tried contacting Hubbard?
> >
> > Better (temporarily) no page than a cracked one (and presumably site,
> etc.)
> >
> > *So far* Google cache has the uncracked page ... but that could change at
> > any time.
> >
> > It *seems* the lists are okay, ... but never know for sure (or who might
> be
> > watching their messages/content). Of course most of the info. that's
> sent
> > there is public or semi-public anyway.
> >
> > Quoting Xavier <balug-talk@xav.to>:
> >
> > > Michael Paoli wrote:
> > > > This doesn't look good:
> > > > http://www.balug.org/
> > > > "H4ck3rsBr um passrinho que naum tinha cu foi caga e explodiu"
> > > >
> > > > Who's got the access to get in and clean stuff up ASAP?
> > > >
> > > > Also, time to change all the site passwords (at least all the content
> > > > change access passwords), and to also ensure they only go across
> secure
> > > > communications channels, etc.
> > >
> > > Postnuke is once again nuked, only person I know with a reasonable level
>
> > > of access is Hubbard. At this point my admin pass on Postnuked is worth
>
> > > about the same as if I had scribbled "$1000" onto a sheet of toilet
> > paper.
> > >
> > > If the lists are down then this is a fine mess.
More information about the BALUG-Admin
mailing list