Forum Groups
  All forums
    Help & Feedback
      Work in progress
      Finished Art
      Non-Max related

Featured Threads
  inspiration alert!!!
(37 replies)
  Indespensible MaxScripts, Plugins and 3rd Party Tools
(37 replies)
  The allmighty FREE Resources Thread !
(17 replies)
  spam alert!!!
(4886 replies)
  Maxforums member photo gallery index
(114 replies)
  Maxforums Member Tutorials
(89 replies)
  three cheers to maxforums...
(240 replies)
  101 Things you didnt know in Max...
(198 replies)
  A Face tutorial from MDB101 :D
(95 replies) Members Gallery
(516 replies)
(637 replies)
  Dub's Maxscript Tutorial Index
(119 replies)

Maxunderground news unavailable

First page  Go to the previous page   [01]  [02]  [03]  [04]  [05]  [06]  [07]  [08]  ...  Go to the next page  Last page
Wtf is wrong with this world ?
show user profile  killerbee2

site got hacked. Great way to contribute to a community.

read 1610 times
6/2/2011 3:25:09 AM (last edit: 6/2/2011 3:25:09 AM)
show user profile  gogodr
"I don't know what your motives are for getting this site down"

could have been a hosting problem and the website owner being a little paranoid though...

IF hacked, then yeah :/ must have been something personal against the owner.

Hello there

beautiful ;3

read 1605 times
6/2/2011 3:29:34 AM (last edit: 6/2/2011 3:30:13 AM)
show user profile  killerbee2
I'm the owner, and it's not a hosting problem, looks like they even deleted the mysql database.
Way to go.

read 1601 times
6/2/2011 3:34:04 AM (last edit: 6/2/2011 3:34:04 AM)
show user profile  gogodr
.___. got any enemy recently?

:: theories on how could the hacker do it:
if the site had any kind of way to submit information to the server then the hacking is simple if your uploading method doesn't have restrictions.

if there was no way to submit information from the site then the hacker could have managed to get your host and crack your sql password do delete the database.
as for the site being down it could have been made with spamming the host (( a dDos attack )) or by cracking the FTP and taking down the files.

if 1) sadly it could have been an amateur hacker just trying hacking methods.
if 2) it must be someone with a grudge on you since it takes quite some time to crack passwords.

Hello there

beautiful ;3

read 1598 times
6/2/2011 3:38:04 AM (last edit: 6/2/2011 3:45:48 AM)
show user profile  killerbee2
not really no, but apparently now I do.
I'll do everything within my power to track him down doh and settle this in person even if I have to travel to bujumbura.

read 1587 times
6/2/2011 3:41:34 AM (last edit: 6/2/2011 3:41:34 AM)
show user profile  LionDebt
fucksake, that sucks mate.

get Bolteon on them.
read 1586 times
6/2/2011 3:42:06 AM (last edit: 6/2/2011 3:42:06 AM)
show user profile  killerbee2
Sad thing is I've just been working for 6 hours on an AE script to properly load subtitles from an external textfile. So happy face went straight into angry face the moment I was about to post it to my blog.

read 1581 times
6/2/2011 3:51:17 AM (last edit: 6/2/2011 3:51:17 AM)
show user profile  gogodr
D: !

Hello there

beautiful ;3

read 1577 times
6/2/2011 3:52:29 AM (last edit: 6/2/2011 3:52:29 AM)
show user profile  Manolo
Damn, sorry to hear this. It would be quite odd for a total stranger to do that. It's probably some you know :(
Years ago some asshole -I've narrowed my suspicions a lot, but still...- hacked my personal mail and it was a nightmare.

Good luck tracking down the perp. Wasn't Hercules Poirot a belgian, anyway?


read 1567 times
6/2/2011 4:05:23 AM (last edit: 6/2/2011 4:05:23 AM)
show user profile  Kajico
gogodr is right, usually it's a few things.

Hackers testing out their hacking skills some do it maliciously to the point that they withhold your information for ransom. IE you get an email saying: If you want your mysql db back, send money to xxx.

Grudge against the site, it's more than likely though the first.

Hopefully you've made backups of all your data, if you have the easiest thing is to wipe out your installation clean and harden your security.

If you host this on your own server, tighten your over all server security, if you host on someone else's server, get a third party to do some penetration scanning for you and tell your host to harden their environment.

Do penetration scanning on your application, make sure your software is as up to date as possible and has no known vulnerabilities. Use convoluted usernames and strong passwords. See if your host runs in a suexec, or php5-itk environment so that way you can harden your file permissions. Having any file or folder set to 777 is an easy method of allowing outside scripts to be uploaded or injected onto your hosting environment. If you use php5-itk or suexec you can set your permissions to 750 or 740 which will lock down read/write/execute access from all users and groups except those that apache is running as.

Your mysql username and password is usually stored in plain text in one of your php scripts, easy way to fix this is is to use ioncube encoder and encode the config file of your application so none of the code is in plain text. if anybody gains access to your application's files they won't be able to retrieve your mysql username and password.

If there is ssh access to your web directories, make sure you use strong password, see if your host lets you setup ssh keys instead of standard password.

Sadly this happens all too often, I deal with it almost on a day to day basis at work. Sadly it is ultimately your responsibility to manage the security of your site, your host will not do it for you and they rarely ever take responsibility in these cases because if they did they would be up to their eyeballs in work. Running a website takes work, you just can't leave it out there expecting it not to get hacked, sadly it's going to happen. It's not your fault you got hacked, because frankly yeah that's what hackers are out to do, but it is your responsibility to secure your site as much as possible. I blame things like cPanel and Plesk, that make it easy for anybody to launch a site with their automated installation scripts. It doesn't secure shit for you, and frankly the more tools out there to help you manage your site, the more vulnerable your site is.

(\/) (°,,,°) (\/) Woop woop woop!

read 1566 times
6/2/2011 4:06:36 AM (last edit: 6/2/2011 4:16:22 AM)
show user profile  Bolteon
lets kill some fools, tom...

-Marko Mandaric

read 1542 times
6/2/2011 5:31:43 AM (last edit: 6/2/2011 5:31:43 AM)
show user profile  gogodr
if up for a dDos attack. I'm up for it.

Hello there

beautiful ;3

read 1539 times
6/2/2011 5:32:52 AM (last edit: 6/2/2011 5:32:52 AM)
show user profile  Nik Clark
I'll fly out there with you, KB. Motherfarking vandal hackers.

read 1510 times
6/2/2011 9:36:37 AM (last edit: 6/2/2011 9:36:37 AM)
show user profile  Sylverstalker
What a dick. I hope you get the bastard.

read 1503 times
6/2/2011 9:42:36 AM (last edit: 6/2/2011 9:42:36 AM)
show user profile  mrgrotey
Im confused, whats wrong the site? looks ok to me :/


read 1502 times
6/2/2011 9:43:49 AM (last edit: 6/2/2011 9:43:49 AM)
First page  Go to the previous page   [01]  [02]  [03]  [04]  [05]  [06]  [07]  [08]  ...  Go to the next page  Last page
#Maxforums IRC
Open chat window