Webmastersite.net
Register Log In

security issue
hacker was able to carry a network attack through

Comments on security issue

fresco
Forum Regular

Usergroup: Customer
Joined: Feb 19, 2003

Total Topics: 23
Total Comments: 106
fresco
Posted Mar 31, 2008 - 10:10 AM:

Hi Everyone,

was away from version 3.12 (did not want to edit templates...)

well my host shit down the directory claiming that:

hacker was able to carry a network attack through wsnlinks scripts.

any idea what could be the hole?
Paul
developer

Usergroup: Administrator
Joined: Dec 20, 2001
Location: Diamond Springs, California

Total Topics: 61
Total Comments: 7868
Paul
Posted Apr 01, 2008 - 11:35 AM:

I emailed you and everyone else in early 2006 informing you that it was absolutely critical to upgrade to 3.3.21+ or you would be hacked. You refused to upgrade, so of course you got hacked. Probably many times, only noticed now.

I know you don't care much about your site, since you didn't think it worth putting a few hours a year into it, but on a shared web host you have a responsibility to the others hosted on the same server -- who will have their email blocked because of spam from your hacker, for example.
fresco
Forum Regular

Usergroup: Customer
Joined: Feb 19, 2003

Total Topics: 23
Total Comments: 106
fresco
Posted Apr 10, 2008 - 10:06 AM:

Nice to hear from you Paul.

I actually do care about my site I have designed my templates to what i wanted them to be and new features became far more advanced then what I needed, I was happy with my directory until this incident.

I did miss the warning email, and do not think that passing judgment is the right reaction.

Is there any way I can correct the security hole without upgrading?
Paul
developer

Usergroup: Administrator
Joined: Dec 20, 2001
Location: Diamond Springs, California

Total Topics: 61
Total Comments: 7868
Paul
Posted Apr 13, 2008 - 1:35 AM:

No. I don't even keep copies that old.

Just as you need to know traffic rules to drive, you need to know decent security practices to use software. The most fundamental security practice which applies to all software is that you keep it reasonably up to date.

Template updates are fairly simple since 4.1.0, but nothing can change the past.
fresco
Forum Regular

Usergroup: Customer
Joined: Feb 19, 2003

Total Topics: 23
Total Comments: 106
fresco
Posted Apr 13, 2008 - 3:50 PM:

got it pgrading... tnx
Search thread for
Download thread as
  • 0/5
  • 1
  • 2
  • 3
  • 4
  • 5



Sorry, you don't have permission to post posts. Log in, or register if you haven't yet.