Skip to content

The Perpetual Weblog

Filled With Those Events That Alter and Illuminate Our Times

Menu
  • About
Menu

Hacked!

Posted on April 19, 2006 by Ian

I’m posting the next couple of thngs separately just to keep them straight…

My web server has been hacked 3 times now!

The first two were through really poorly chosen passwords. I was doing some testing with the server, trying to set it up so that each of us could have networked “home” directories, so we could get at our e-mail and stuff from either the laptop or the desktop, even if the desktop computer was turned off. Unfortunately, I set up the kids’ accounts with a default password the same as their usernames…OOPS! I also wasn’t thinking that those accounts were visible from the net through SSH (Secure Shell). OOPS AGAIN! So, someone scanning the net found my SSH server and started trying usernames and passwords and eventually lucked onto BOTH the kids accounts. Once in, they only installed some IRC Eggdrop bot to listen in on IRC channels and setup for DDOS attacks (making my machine part of a “zombie network”). Easily rectified and actually kinda cool to track down and figure out what they did.

The third hack resulted in exactly the same damage, but they got in but exploiting a hole in the phpChat server I had been running. Remember that? It’s gone now, I can assure you! Luckily, they killed the entire web server when they did get in, so I caught on fairly quickly.

Even today, I’m continuously scanned on SSH — trying names and passwords — and on the web server — looking for vulnerable PHP apps. I can appreciate it as “kinda” cool, but these folks probably don’t even know what they are doing. “Script-kiddies” they’re called. They just find the programs online and run tem…they have no idea how they work or what EXACTLY they are doing. They get no respect from me!

3 thoughts on “Hacked!”

  1. Scott says:
    April 20, 2006 at 14:25

    Hmm now this is really interesting. Can you not back track these people and hack them or report them to someone?

  2. Ian says:
    April 20, 2006 at 18:14

    I did chase back one of the machines, and it turns out that their machine had been hacked too. That’s the way it usually goes, the machines that attack yours are just being used by the attackers. The guy I talked to gave me all sorts of tips on detecting, cleaning and tracing back the attackers. Pretty cool stuff.

  3. Scott says:
    April 21, 2006 at 21:38

    How interesting. its just like a giant cess pit out there isn’t it

Leave a Reply Cancel reply

Your email address will not be published.

©2025 The Perpetual Weblog | Built using WordPress and Responsive Blogily theme by Superb
Menu
  • About