|
|
JISHOU, HUNAN — Yesterday, my site was hacked. In fact, I think the entire server was hacked. Someone by the name of GhOST61 replaced every single index.xxx file with his own 40-byte “neener neener — I hacked you” message.
My webhost, Planet Earth Hosting, told me the hacker managed to plant a rootkit somehow on the webserver, which I gather took down my site and a bunch of others. For those who don’t know, a rootkit is a nasty little of code that works its way into operating system of a computer (Linux, in this case) and gives the code free access as the “root” user, also known as the superuser or the administrator account. With that access, the hacker’s code can do just about anything.
All this guy did was replace our index pages — the first thing you see when you open a website — with his 40-byte taunt. It could have been much, much worse.
As it is, my hosts had to restore the operating system on the server — that’s like completely reinstalling Windows, with consequent loss of data. Then they restored the data from their backups. Unfortunately, the most recent backup was from the 3rd, so my last few posts were not restored.
But, thanks to the redundancy of feeding my blog into Facebook Notes, all I needed to do was do some copy-and-pasting from Facebook into WordPress, and voilà! I’m back in business, as good as new.
Possibly related posts:
[Rescued, thanks to Facebook Notes.]
JISHOU, HUNAN — And when the site went down, I was asleep.
Someone by the name of GhOST61 hacked my public web root directory overnight, replacing every index.xxx file with his own 40-byte masterpiece:
Hacked By GHoST61 — TurkSec
Rooted!
Fortunately, his little infiltration was but a minor annoyance, since all I needed to do was replace his index.xxx files with the correct ones. Once my daughter told me about the hack, I had everything (apparently) back to normal within an hour. It pays to have backups.
Meanwhile, I asked my web host to see how this guy managed to screw up my sites. From what I hastily read on the Internet this afternoon, he (or she) has done this to hundreds of sites all over the world. I’d like to find out how he did it, so I can prevent it from happening again.
As for your GhOST61, thanks for pointing out the fragility of our websites. Now, go fuck yourself.
Permanent link to this post (168 words, 1 image, estimated 40 secs reading time) Possibly related posts:
JISHOU, HUNAN — Website maintenance is a pain, but at least WordPress makes it easy to do.
A few weeks ago, I upgraded to the most recent version of WP, using the automatic update feature. This latest version is reportedly more secure and quicker loading. I had only one glitch that I only discovered yesterday: the archives plugin (in the left sidebar, click on “Archives by Title”) was not working with the new WP version. Installing the latest version of the plugin (SmartArchives) and making one change in the HTML for that page removed the glitch.
Today I upgraded to the latest version of the Atahualpa theme I use. This new version has an admin page that tweaks every single setting of the theme. As I discovered, if you don’t visit the admin page and start saving settings, your blog will be virtually blank. I’ve got it about 97% done, enough that the site looks much the same as it did yesterday. I still want to enlarge the post headline font size and make the header area a bit better looking, but those can wait for now.
As for my activity in the real world, I’m halfway through a week-long holiday. On Friday, I tutored a student in the afternoon, and on Saturday, had tutorials in the morning and afternoon. Saturday evening, I went to a party, about which I may blog later. Sunday was the first sunny day in several and I had the whole day free.
Possibly related posts:
JISHOU, HUNAN — I am happy to report that I can once again post to my Picasaweb photo site, as long as I use the Ultrasurf proxy client I downloaded a couple of months ago.
It’s slow, but at least I can use the 80 GB of Picasaweb storage space that I paid for. It also means my photos will automatically get posted to Facebook through the Picasa Facebook app.
So, as I wait for my photos to trickle slowly into my Picasaweb space, I can write some posts. Here’s the first one.
Permanent link to this post (94 words, 1 image, estimated 23 secs reading time) Possibly related posts:
JISHOU, HUNAN — Whilst traveling last week, I tried sending posts from my phone to the blog, with less than wonderful results.
Don’t get me wrong, the wp-mail.php script is a great feature of WordPress. You set up a secret email account, point WP to check the account, and it will take plaintext messages and post them on your blog. It didn’t work so smoothly for me, though.
First, my account with China Mobile doesn’t seem to have email services, but I can send multimedia messages. When I tried that with WordPress, it just took the MIME portion of the message and printed it as ASCII gobbledegook. So, I took the same message and sent it first to Gmail, which did display the text. But forwarding that message without the MIME attachment to WP just resulted in a blank post. In the end, I had to use a browser to post the blogs.
Clearly, I need to enable email services on my mobile account. It will make blogging while traveling a little more spontaneous.
Permanent link to this post (175 words, 1 image, estimated 42 secs reading time) Possibly related posts:
 Big spider This morning I visited my friend’s English class at Jishou National Experimental Primary School. While she spoke to some prospective parents, I wandered down the passageway and found this impressive looking spider waiting for his/her next meal. The leg span was easily 5 to 6 inches. Biggest spider I’ve ever seen in real life.
Permanent link to this post (56 words, 2 images, estimated 13 secs reading time) Possibly related posts:
UPDATE 28/7/2010 11:25 am: And now everything is back to “normal.” But Firefox went south on me, Winamp got trapped in a loop somehow, and even taskmgr couldn’t kill it. After I shut down the computer, and restarted, the “blocked” sites listed below were accessible again. So I laid blame on the Great Firewall, but maybe it was my laptop or Vista Home edition.
JISHOU, HUNAN — Yesterday, I could access a whole slew of my favorite websites. Today, I can’t. I blame the Great Firewall of China.
In fact, my own website (this one) is now blocked. I am using the Ultrasurf proxy to climb the Great Firewall just to post this.
And to aggravate me even more, Wikipedia seems also to be blocked, just as I was beginning the last phase of a long term project to edit Wiki entries about locations in Hunan, using my students’ research papers as the sources. I managed to edit the Jishou entry two days ago. Now, I’ll have to use the proxy to continue.
Here’s a partial list of what I could access yesterday, but cannot today.
And here’s what seems so far to be unaffected.
Possibly related posts:
|
Recent Comments