Site may be up and down tonight while I fix the server it sits on.

<sigh>

Dan.

Dan I think its appreciated by all the work you do to keep the site running hun....Thank you so much...:grin2 :grin2

i agree well done that man

Finally sorted.
For those interested (I doubt there's many), I use cacti to monitor bandwidth at various sites and didnt notice a recent vunerability in it's cmd.php script (which sits in the web root! STUPID!)
http://lists.debian.org/debian-security-announce/debian-security-announce-2007/msg00005.html

I've contacted the US noc who own the IP space it came from, but I doubt i'll get anything back.

They only gained user level access as I have the server locked down quite tight and all they seemed to do is run the usual IRC bots which kill the cpu and fill up apache's error.log which killed mysql by filling up the /var partition, bringing the site down yesterday.

I've fixed cacti and if anything like this happens again, the hacker wont be able to make any outbound connections to download all their junk to the server. I've also added a load of things to my monitoring so hopefully I'll get notified before everyone starts hammering my Messenger ;)

In the words of Rik Mayall, Stoopid ooopid!

Dan.

was this all linked with the amount of spam posts recently Dan, and with the post i deleted as spam yesterday that was questioning the moderators role in being able to delete it?

Nah, i doubt it - has it been physically removed or can I still see it?

I suppose it's possible that it was via this site that someone decided to hack the server, but then that server gets targeted several times a day - it's just normally they cant get in ;)

Dan.

Finally sorted.
For those interested (I doubt there's many), I use cacti to monitor bandwidth at various sites and didnt notice a recent vunerability in it's cmd.php script (which sits in the web root! STUPID!)
http://lists.debian.org/debian-security-announce/debian-security-announce-2007/msg00005.html

I've contacted the US noc who own the IP space it came from, but I doubt i'll get anything back.

They only gained user level access as I have the server locked down quite tight and all they seemed to do is run the usual IRC bots which kill the cpu and fill up apache's error.log which killed mysql by filling up the /var partition, bringing the site down yesterday.

I've fixed cacti and if anything like this happens again, the hacker wont be able to make any outbound connections to download all their junk to the server. I've also added a load of things to my monitoring so hopefully I'll get notified before everyone starts hammering my Messenger ;)

In the words of Rik Mayall, Stoopid ooopid!

Dan.

*Nods Head*So thats Cacti, apaches, and immigrant members (hackers)...

We should rename this site the middle east! :laugh1 Whats next osama bin laden? :grin2

The IRC bots would happen even if they didnt have access... any member can bring them in by having their account hacked... be wary of sites that these new members post (no offence to new members) but especially if they havent posted a hello or anything... it could be something as innocent as a 'funny clip' that brings them in it happened on a gaming forum i was on.

Search your computer for spyware or something id advise..

'I swear... it was essex bikers that put those pictures and videos on my computer.. honest!':D

And whos Rik Mayall? :headbash

who is rick mayall?!?!?! hes the geezer from bottom and guest house paradiso and the young ones

who is rick mayall?!?!?! hes the geezer from bottom and guest house paradiso and the young ones

Young 'Tooey' he may know a little.....but not knowing who Rick Mayall is...well thats rather disappointing in my book:reading ......two slaps with the ruler over the palms of your hands 'Tooey'.....:jumping2 lolol

Young 'Tooey' he may know a little.....but not knowing who Rick Mayall is...well thats rather disappointing in my book:reading ......two slaps with the ruler over the palms of your hands 'Tooey'.....:jumping2 lolol

ow! You see if i had seen a picture i would know, i just didnt know him by name... Bottom was a hilarious program i used to love watching when i was little.

im younger than you and i knew it:grin2 :grin2