My small message board has been hacked.
Ugh! Talk about a nightmare.
Anyway, my computer savvy friend was able to get the IP# of the hacker, and I have a full report on their IP#'s including some proxies they tried to use.
It took place on Memorial Day.
Who can I report it to? Is there such a thing as the Internet police?
Thank you in advance.
You can report it to their ISP if you managed to get a hold of that info.
I did that. Thanks.
Just curious. What do you think they will do?
Then what can be done to the hackers?
I’m curious about what makes you think this IP was the one that hacked it? What was actually done?
My friend checked the logs and was able to see who logged in as a admin besides me on the day.
(some cases different IP’s on the same url minutes away from each other, this is probably a single person connecting through a proxy, and occaisonally
messing up and connecting with their real address)
They went in and deleted all the posts, forum topics and posters.
Oh, and I am the only admin and i have no mods.
Patty and Chuck
I know that a certain message board software (PhpBB?) has had a weakness which got widely reported. Since then, all the lesser hackers with little knowledge and even less intelligence have been pretending to act as if they are some genius computer-hacking wizards. Here is a website that fell victim to these clowns:
http://www.guitarnuts.com/phpBB2/index.php
Not that I am defending hackers, but the ones who attacked your message board were probably not very computer savvy.
But they still shouldn’t be able to get away with it.
BTW - My forum was a phpbb forum
Patty and Chuck
Oh I certainly don’t want those clowns to get away with it and I wish you luck with tracking those idiots down.
A great many members of the “GuitarNuts” message board wanted the site owner to do just that but he didn’t pursue it.
Again, good luck.
I post to a board where people submit their fiction stories. It was attacked last week by a hacker. I have my story backed up on my computer, but a lot of people lost a lot of work. It’s pretty awful.
You have to wonder why these jerks don’t try to hack big govermnent or media websites instead of targeting little guys in the background. Practice maybe?
It’s easier and the specific methods used mostly don’t work on big sites. A lot of the times when something like a board for a small website is hacked, the person who did it was probably a “script kiddie”. That is, someone who didn’t come up with the exploit but is instead using what other people have discovered.
A small site is probably not going to have its own message board script, it’s simply too much effort and what not, so they rely on existing board software packages. Eventually someone comes along and finds a security hole in the software package, and then posts details of the hole (and possibly explicit instructions about how to take advantage of it, or a script that does so progamatically) to the web, IRC, wherever. People then pick that up and use it to hack instances of the board software, but they can only do so until the security hole is patched. Large sites, if they’re running a message board, are more likely to be running custom software, or if they’re running a commercial package, to keep up to date on the patches, so they’re typically less vulnerable than small sites who may be lax in their patching.