l i n u x - u s e r s - g r o u p - o f - d a v i s
Next Meeting:
July 7: Social gathering
Next Installfest:
Latest News:
Jun. 14: June LUGOD meeting cancelled
Page last updated:
2010 Jan 25 19:59

The following is an archive of a post made to our 'vox-tech mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
Re: [vox-tech] my site was hacked
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [vox-tech] my site was hacked

Not sure this is really a "technical" question... but I'll bite:

Hai Yi wrote:
> a couple days ago one of my friends got hacked into her photo website,
> ironically it turned out my business website was hacked too - I found
> out yesterday.
> The website hasn't been restored yet, even I wrote an urgent email to
> the support of my ISP, lunarpages.com, no response after 24 hours
> except for an automatic email. This host used to be a good one,
> responding to the requests in time and to the point; however it's
> becoming a disappointment in recent years, I think it's time for me to
> move my business else where.
> Anyway, I hope someone here can help me with a few questions: does the
> ISP bear responsibility for such a security breach?

Depends how access was gained.  Figuring that out can be difficult if
the intruder is competent, but the sysadmin is more likely to be able
to do this than you are, and they may not feel like sharing if it was
their fault.

> My site has yet to
> see much business flow, but suppose there is a successful site being
> hacked and the restoration is delayed, who is to blame for the loss?

Refer to the contract language for your use of their hosting services.
Keep in mind that if the security breach was through your password,
you are almost certainly responsible.  It is unlikely that the ISP
will accept responsibility for any financial loss, even if they admit
fault for the breach.

> My homepage is replaced by the hacker's page of some crap, is that the
> best he can do?

Insufficient data.

> what kind of attack it is?

Insufficient data.

> are they able to access my data?

Insufficient data, but most likely yes.

> I checked that my files are still there, but not sure if the
> hacker has made a copy.

I would assume so, unless you can confirm that a more limiting mode
of access than shell access was employed.

Jeff Newmiller                        The     .....       .....  Go Live...
DCN:<jdnewmil@dcn.davis.ca.us>        Basics: ##.#.       ##.#.  Live Go...
                                       Live:   OO#.. Dead: OO#..  Playing
Research Engineer (Solar/Batteries            O.O#.       #.O#.  with
/Software/Embedded Controllers)               .OO#.       .OO#.  rocks...1k
vox-tech mailing list

LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
Sunset Systems
Who graciously hosts our website & mailing lists!