RE: Re: [OT] - HELP PLEASE we've been hacked.

["Paul Gale" <groups@xxxxxxxxxxxxxxxx>]

Dean - was this hacked server running on the IIS FTP server, or it's own
app?

How did you find it?

Paul.



> -----Original Message-----
> From: Dean Barrett [mailto:dean@xxxxxxx]
> Sent: 13 April 2004 16:59
> To: ukha_d@xxxxxxx
> Subject: RE: [ukha_d] Re: [OT] - HELP PLEASE we've been hacked.
>
> Thanks for that Mark.
>
> It wasnt Chris's advice particularly it was the ROFLOL - something i
didnt
> really need to know !!!
>
> Yes it looks like formatting might be the only approach which is a
pain in
> the arse but fine - if its what i have to do..
>
> My concern is if it is on other machines and i dont know..
>
> I really need to run windows as both CBus HomeGate and Geovision CCTV
run
> on
> windows only.
>
> With reference to paying - again if i have to so be it, but we're only
a
> little company and everything here is done in house, website etc. etc.
and
> i
> know how much IT bods charge :) - which is why there is so many of
them on
> here with fancy toys :)
>
>
>
> Dean.
>
>
>
>
>
>       Try our amazing lighting demonstration online now, and watch in
> realtime via our webcam. Click below and follow the CBus links.
>       www.rolec.net
>       dean@xxxxxxx
>       Tel: 01908-210677
>       Fax: 01908-210678
>      The information in this internet E-mail is confidential and is
> intended
> solely for the addressee. Access, copying or re-use of information in
it
> by
> anyone else is unauthorised. Any views or opinions presented are
solely
> those of the author and do not necessarily represent those of The
Rolec
> Group or any of its affiliates. If you are not the intended recipient
> please
> contact wrongmail@xxxxxxx
>
>   -----Original Message-----
>   From: Mark Harrison (Yahoo!) [mailto:mph@xxxxxxx]
>   Sent: 13 April 2004 16:40
>   To: ukha_d@xxxxxxx
>   Subject: Re: [ukha_d] Re: [OT] - HELP PLEASE we've been hacked.
>
>
>   >   I appreciated your laughter - but was looking for something a
little
>   more
>   > constructive...
>
>   I think that Chris gave good advice.
>
>   >   Surely formating is not the only solution - i assume my IIS
security
>   > patches were not upto date. - looking for suggestions to remove
> without
>   > formatting preferably.
>
>   Alas, with the nasty hacker types out there, there is no substitute.
> There
>   WILL be back doors :-(
>
>
>   In my opinion, Chris only went half way. "Format and consider
installing
> a
>   different web server" would have been my recommendation.
>
>   - I do not say this out of some dislike of Microsoft - I think that
they
>   write a lot of great software.
>
>   - I do not say this out of some geek-like desire to only use free
> software -
>   I think that non-free (as in costs money) has its place, and that
non-
> free
>   (as in Open Source) has its place.
>
>   - I do not say this because ANY web server is bug-free and
exploit-free
> -
> I
>   can only think of one piece of code that I _trust_ to be bug-free,
and
>   that's the core from the Inmos T8000. [bonus points to anyone who
can
> tell
>   me WHY I make that claim.]
>
>   The Microsoft web product set suffers from one fundamental design
flaw -
> I
>   am hard pressed to think of a single high-profile (on a global
scale)
> site
>   that uses it, with the exception of sites where Microsoft has
committed
>   significant development funding.
>
>   If your webserver is primarily static HTML, then moving away from
IIS to
>   something like Apache would be straightforward.
>
>   If your webserver is more complex, and relies on backend databases,
then
>   migration would, obviously, be much more complex.
>
>   >   Oh and without having to resort to paying people :)
>
>   No problem - continue to ask away here. Of course, if you do decide
you
> have
>   budget... :-)
>
>   Regards,
>
>   M.
>
>
>
>   UK Home Automation Meet 2004 - BOOK NOW!
>   http://www.ukha2004.com
>
>   http://www.automatedhome.co.uk
>
>   Member Offers - http://www.freeranger.co.uk/ukha
>
>
>
>
--------------------------------------------------------------------------
> --
> --
>   Yahoo! Groups Links
>
>     a.. To visit your group on the web, go to:
>     http://groups.yahoo.com/group/ukha_d/
>
>     b.. To unsubscribe from this group, send an email to:
>     ukha_d-unsubscribe@xxxxxxx
>
>     c.. Your use of Yahoo! Groups is subject to the Yahoo! Terms of
> Service.
>
>
>
> [Non-text portions of this message have been removed]
>
>
>
>
> UK Home Automation Meet 2004 - BOOK NOW!
> http://www.ukha2004.com
>
> http://www.automatedhome.co.uk
>
> Member Offers - http://www.freeranger.co.uk/ukha
> Yahoo! Groups Links
>
>
>
>
>