[Balug-admin] Re: BALUG site cracked!: "H4ck3rsBr um passrinho que naum tinha cu foi caga e explodiu"
Michael Paoli
mp@rawbw.com
Sat Sep 3 17:03:07 PDT 2005
Well, maybe we ought to take more of this "conversation" "off-line",
and/or perhaps make an adjustment to its tone.
First of all, I think we ought to thank, and not forget, that most - if not
quite literally all - of this, is volunteer done/run/operated. So, we should
be thankful and appropriately appreciative of all the hard work that's been
done and what we have gotten. Sure, things haven't been and will likely
never be "perfect".
Sure, we can continue to work on ways to improve things. But we should be
cautious to do so in manners that well leverage and utilize what resources
we have, or potentially have, to work with. Of course we also want to
appropriately consider what does and/or doesn't work (and how well, with what
risks/trade-offs, etc.) in terms of general benefit and use to BALUG
"members" (users of site/lists, those that come to our meetings, etc.),
and also factors such as supportability, maintainability, etc.
I know I certainly appreciate the work that Michael Hubbard and Xavier
and others have done regarding site work and support, web page work,
materials contribution, etc.
And in general, it's best not to tick off those that have done and/or
continue to do significant good work / support for one's organization -
even if it may not be perfect and/or all that may be desired.
Anyway, hopefully we can mostly manage constructive useful dialogs.
Sorry if I might have sounded a wee bit alarmist when the main web page of
http://www.balug.org/ had been trashed, but I was mostly concerned about
how that looked for and reflected upon BALUG. I am quite glad that we did
get at least the most obvious damage (the web page defacement) corrected
relatively quickly.
Anyway, thanks again for everyone's work on the site and for BALUG, etc.
Quoting Xavier <balug-talk@xav.to>:
> michael@offroadgeek.com wrote:
> And without a back end view, its not easy or safe to assume that little
> has gone wrong. Moreover in the past worse has happened and nothing got
> done about it for a long time.
> > The hack that was used was a simple way to change the index.php file.
> The
> > hackers did not actually break into the server and no security is
> > compromised.
> Do you have immutable logs to verify that?
More information about the BALUG-Admin
mailing list