Mass Attack

Ok, so my site has been sending out mass emails by the tens of thousands.  Seems either one of the people I gave access to my files loaded something on, or a user while browsing the site somehow installed through guestbook or forums or something some bad code.  My server has been shut down now 3 times in the last week.  First time was simple warning and tweaked some things.  Then the second time, they removed some stuff from my tmp folder (bad files) and I pulled guest book which was getting huge hits online??  It also directed to a 'safehtml' folder and an XML from templates??  Now my site is down.  I am going to have the hosting company do an audit but I am thinking about crashing everything and starting again.  I so don't want to lose all the work but I am in over my head.  Has anyone had this challenge?  Has anyone had stuff entered into forums or anything??  Have you heard of profiles existing with admin being able to know?  I have no idea to what extent they could have buried it.

 

Do I need to wipe my VPS and start fresh??  Is that the only way to know for sure?? Anyone??  Any suggestions??  My domain has already sent out tons of spam mail about money overseas etc... I find it upsetting to know that people do this kind of thing.  How do I protect myself against it?  Does anyone suggest an SSL or am I now just being paranoid??

 

Do I need to just cruise all of the profiles and possible fields to see if something was entered?  Is it possible for there to be profiles that I cannot see in admin?  I would like to get it clean and secure it.  I am not sure of my best next move.

Quote · 15 Jul 2008

Deep breath.... Good. Now let's start with a backup. Do you have one from, say, a week/month ago? Reloading that should solve your problem without losing everything.

 

As for who set what attack/spam script? There have been several Dolphin sites hacked and corrupted in the past few days. Seems like you're one of the lucky ones. Make sure Register Globals is off as well as Safe Mode in your PHP Configuration file. Do this before you reload your Backup.

 

Boonex is working on a security patch; it should be out soon...

Quote · 15 Jul 2008

Hi,

You might want to read through this post - http://www.boonex.com/unity/forums/group/Dolphin.htm#topic/Dolphin-not-secure-Hacked-.htm

Boonex have released information about the fix. It basically boils down to having your site hosted somewhere where they have Register_Globals Off.

Read the post for full info.

Cheers

Max

Quote · 15 Jul 2008
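
As an added example (not part of the thread and not Boonex's code): a small Python check for the setting the replies point to. It reads php.ini text plus an optional .htaccess and reports whether `register_globals` and `safe_mode` end up enabled; the sample file contents are constructed, and the parsing is simplified to the cases shown.

```python
import re

# Words PHP's ini parser treats (case-insensitively) as boolean true.
TRUE_WORDS = {"1", "on", "true", "yes"}
WATCHED = ("register_globals", "safe_mode")

# "name = value" in php.ini; lines starting with ';' or '[' do not match.
INI_LINE = re.compile(r"^\s*([A-Za-z_.]+)\s*=\s*(.*?)\s*$")
# Per-directory override under Apache mod_php: "php_flag name value".
HTACCESS_LINE = re.compile(r"^\s*php_(?:flag|value)\s+(\S+)\s+(\S+)", re.I)


def _as_bool(raw):
    # Drop a trailing "; comment" and surrounding quotes, then compare.
    value = raw.split(";", 1)[0].strip().strip("\"'")
    return value.lower() in TRUE_WORDS


def effective_flags(ini_text, htaccess_text=""):
    """Return {directive: enabled?} after php.ini, then .htaccess overrides."""
    flags = {name: False for name in WATCHED}  # both default to Off
    # Modelled as: the last assignment in php.ini wins.
    for line in ini_text.splitlines():
        m = INI_LINE.match(line)
        if m and m.group(1).lower() in flags:
            flags[m.group(1).lower()] = _as_bool(m.group(2))
    # A .htaccess in the web root can switch the flag back on per directory.
    for line in htaccess_text.splitlines():
        m = HTACCESS_LINE.match(line)
        if m and m.group(1).lower() in flags:
            flags[m.group(1).lower()] = _as_bool(m.group(2))
    return flags


# Constructed sample files, not taken from any real server.
SAMPLE_INI = """[PHP]
; register_globals = On   (commented out, ignored)
register_globals = Off
safe_mode = Off
register_globals = On ; re-enabled further down the file
"""
SAMPLE_HTACCESS = "# constructed sample\nphp_flag register_globals off\n"

if __name__ == "__main__":
    for name, enabled in effective_flags(SAMPLE_INI).items():
        print(f"{name}: {'On' if enabled else 'Off'}")
```

On a live host, compare the result with what `phpinfo()` reports, since the web server may load a different php.ini than the one you inspected.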
 
 