Back from oblivion — the longer version

JISHOU, HUNAN — This site went down not once, but twice because of some kind of Linux hack.

Thanks to my ever-reliable webhosts, Planet Earth Hosting, and my own backups, the downtime was just a few hours total, but it was still a pain in the ass.

The first incident was on the 6th, when someone named GhOST61 replaced all the index.xxxx pages in my public_html directory (and perhaps in everyone else’s on that server) with his own 40-byte taunt. My quick googlifying turned up a reference to a vulnerability in the Linux kernel that GhOST61 has managed to exploit all over the place.

The crew at PE Hosting had to take down the webserver, reinstall Linux, then restore the files from their backups. Some of my more recent posts were missing, but I was able to recover them from the feeds I send to my Facebook notes. The site was back to normal several hours later.

Ella Koon 官恩娜- see below for details

The following day I tried to post something here and got nowhere. The URL didn’t work; all I got was a Firefox message saying the server was not found.

Turns out another hacker torpedoed the same webserver while the PE Hosting crew was trying to harden the server against further attacks. So, they had to take the server down again, reinstall Linux a second time, and restore the files from their backups. My most recent posts were once again missing, but this time I had my own database backup. Instead of cutting and pasting from Facebook, I could use phpadmin to insert the missing posts back into my WordPress database at PE Hosting.

And when you’re up, you’re up …

[Rescued, thanks to Facebook Notes.]

JISHOU, HUNAN — And when the site went down, I was asleep.

Someone by the name of GhOST61 hacked my public web root directory overnight, replacing every index.xxx file with his own 40-byte masterpiece:

Hacked By GHoST61 — TurkSec
Rooted!

Fortunately, his little infiltration was but a minor annoyance, since all I needed to do was replace his index.xxx files with the correct ones. Once my daughter told me about the hack, I had everything (apparently) back to normal within an hour. It pays to have backups.

Meanwhile, I asked my web host to see how this guy managed to screw up my sites. From what I hastily read on the Internet this afternoon, he (or she) has done this to hundreds of sites all over the world. I’d like to find out how he did it, so I can prevent it from happening again.

As for you, GhOST61, thanks for pointing out the fragility of our websites. Now, go fuck yourself.

Three years of blogging — who’da thunk it?

JISHOU, HUNAN — While poking around my own posts recently, I discovered that the third anniversary of my blog had completely slipped past me. Hard to believe it’s been that long.

In the past 37 months, I have written 472 posts, or about 13 blog entries (posts in WordPress lingo) a month — roughly 3 a week. My active readership seems kind of small, with roughly one comment for each post, but my ClustrMap’s little Mercator projection is covered with red blobs over North and South America, Europe, China, Australia and the Middle East. So somebody must be reading me, even if they leave no comments behind. According to ClustrMap, SiteMeter and my own stats application, there have been at least 40,000 visits to this URL since August 2006 — a mere pittance compared to, say, ScienceBlogs superstar PZ Myers, but a helluva lot more than I ever expected.

In the beginning, the blog was just a means for me to vent my frustrations at how willfully ignorant and unscientific Americans seem to be. I also had the intention, which has yet to find its full fruition, to make the blog a place to teach physics and astronomy. As the months passed, I found myself commenting on religion, civil liberties, evolution vs. intelligent design, music, film and a host of more random issues. Since August 2008 the focus understandably switched to my new life in China. I have a wide range of interests, so I suppose the blog reflects that.
