Talk to me about web servers.

From Danielle Corsetto of Girls With Slingshots:

From Randy Millholand of Something Positive:

When I tried to access GWS on Friday, Firefox blocked it as an attack site. Danielle Corsetto tweeted that there had been a malware attack against the site, but it had been fixed but Firefox/Google warnings would be up for 24 hours.

So my questions are:

  1. Does anyone here know what actually happened to the Blind Ferret’s servers?
  2. Why does Randy say they are ‘’ being rebuilt", what does that mean exactly? Can’t they just go to a restore point from before what ever happen happened?

Thanks

I have no idea what Blind Ferret is. But “just go to a restore point from before what ever happen happened” makes the assumption that they have frequent backups, which in my experience is often not the case, especially with small-scale operations as this sounds to be (one server, one admin, silly name, etc.). It also makes the assumption that they know when the compromise happened, so they know the safe point to restore to. And even if both of those things are the case, there may have been important changes that happened after the restore point which need to be re-created, depending on how fast-changing the system is.

In other words, it’s probably not as easy as it sounds.

Yup, what FoundWaldo said.

It’s very common for web sites to be hacked in order to distribute malware. Nothing unusual about that.

“rebuilt” suggests to me that they’ve started with a fresh server reinstall and are piecing it back together from original copies stored elsewhere.

Sorry. Blind Ferret Entertainment seems to be primarily a web host for several webcomics, but are involved in other related things. In my humble & uneducated opinion they seem to know what they are doing. But then I don’t know jack so there you go.

I figured as much, but was curious about the details.

Thanks.