I got back from Cellardyke tonight to discover that my site had been hacked once again. This time I didn’t delete the files they’d dumped on my server; I’ve zipped them and sent them to my webhost for examination.
I’m now wondering if they’ve used a Linux kernel exploit to gain root access to the server. That’s pretty serious stuff, and if that is the case then I do hope my webhost get the kernel patched asap. If it’s not, then I hope they help me get to the root of this problem.
Yesterday was Jane and my 6th wedding anniversary. Iron and sugar, seemingly; Mum and Jenni gave us some chocolate raisins.
I spent the morning and early afternoon at a funeral in Selkirk; Jane spent the morning at the vets, and the afternoon at the zoo with friends. In the evening we drove over to Cellardyke (in separate cars) with friends Jonny and Emma and their family, ate fish and chips around the dining table, and watched fireworks over Anstruther.
Six years since we got married, on Sunday 25 July at St Thomas’s, Corstorphine. We’re taking antihistamines this year, seemingly it can get a little itchy.
The nice folks at Pipex emailed me this evening to say that they’d located the source of my website hack, from my website logs. It appears that on 9 July someone exploited a vulnerability in an old version of phpBB (I think it was 2.0.8) that was still residing on my server (albeit not being used).
The phpBB vulnerability allowed someone to upload a file (or files) to my server and execute them. I’ve no idea what they’ve been using them for: DOS attack, spamming, or just a simple site hijack?
I deleted phpBB from my server a couple of weeks ago, but too late! This evening I updated the phpBB forum on the exNYCgb website.
I’ve just sent an email to my webhost, HostEurope/Pipex, to ask if they can shed any light on how/why my website got hacked. This morning I received this email, written at 19:42 last night:
Check this address – some one has invaded your site
Kathrynhttp://www.garethjmsaunders.co.uk/index.html
and sure enough, my website front page had been replaced with a two word plain text file that read “F*ck .uk” (but with no asterisk).
I’ve now replaced the offending/offensive page with my original page and will await to see if Pipex can shed any light on how or why it was hacked, and what I (or they) can do to prevent this in the future.
Optimus keyboard …
… isn’t that the most beautiful piece of geek ‘porn’ you’ve ever seen. Today. On the internet. On my blog.
(Can you tell I’m filling time waiting for my mate Jonny to arrive from Bristol?)
Here’s an amazing piece of freeware software for identifying your PC’s CPU, motherboard and memory: CPU-Z.
CPU-Z runs on just about any version of Microsoft Windows from Windows 95 to XP, and beyond (including 64-bit versions); and gathers the following information:
Perfect for finding out exactly what kind of RAM upgrade your Mum’s PC might need, for example. I’m betting on PC133 SDRAM, based on what I think the motherboard is: a SiS 730. Answers on the blog tomorrow. (I just know you can’t wait!)
Update: Monday 25 July 2005
Mum’s PC is now safely back here in Edinburgh. I’ve unscrewed the case, removed the memory module and … drum roll … it’s a PC133 SDRAM DIMM Module.
Well done me.
Today was going so well, too. And then:
Still, I’ve been to church today and so at least I know that the Lord Jesus still loves me. Even if shoppers at Ikea and Argos don’t; our Flymo hedge trimmer wants to frustrate me; and the England cricket team … sighs.