IM WORKING VERY HARD TO GET THIS GUY AND TO BRING HIM DOWN, WE DETECTED HIS IP ADRESS, IF YOU HAVE ANY INFO LET US KNOW WHATS UP!!!
WE GOT
IP
ALREADY
WE NEED NAME, AND MORE INFO
ARE U BEEN HACKED?
 |
You're more than likely wasting your time. hacking and most certainly not their own email address. |
"ARE U BEEN HACKED?" .. I am going to guess English isn't your native language? |
RumpyBumpy is Spot-On!
Hackers wont spit out their IP address and more likely go through multi-level Proxy setup. There are even tricky IP masks that, not only hide the IP address, but also trick you in believing that you scored the right IP.. As for tracking some one down with their Email.. well, that is so premitive.. even the kids in Nigeria know how to hijack an email addy and use it.
Maybe it's not so easy to track down a hacker with convential software and tracking devices.. Trust me, I know this for sure.. but, one of the things that webmasters should consider is having alerts installed on their servers. Whether it's this script or any other script, if hacked, you will be alerted. These behave according to filters you put in place, for example, you might want an alert everytime a .htaccess is accessed or a file permission is modified.. Until, offcourse, they figure a way to hack your Anti-Hack Alert Systems.. And the battle continues. |
hi i have been hacked to and i am so f****** mad needs to stop now i am new to this and its giving me a headache |
mr420, sorry about your woes man, however, again, you must be on a shared host. if you are running 6.1.4 then this shouldnt have happened, if it did let us see your logs, what has most likely happened is that you are on a shared environment with register_globals on, and that basically allows somebody to place a remote shell script on that server, and to the best of my knowledge, there is nothing to stop access once they are on the server. the other crucial dealio here is that you should be smacked for not having a backup to load in its place. i see many of the members here who are sniveling about being hacked, and want to come in here complaining. have you lodged a complaint with your hosting provider, and let them know its their fault you were hacked, as the server was compromised, not only your dolphin script. lesson learned mr420, get a host with register_globals OFF, load up 6.1.4, and you shouldnt face this drama again. later, DosDawg When a GIG is not enough --> Terabyte Dolphin Technical Support - Server Management and Support |
well there dosdog just because someone is on a shared server or dedicated server dont mean jack. I have this person i have to fix his site every other day because of this dolphin hack a thon going around. specs host for web dedicated server safe mode is off and reg globals is off and he is running 6.1.4. the best part is host for web offering to remove the files for 65 bucks a wack every time it happens.....
They dont offer to help stop it in any way nor do they care. and the other thing thats getting to me is they seem to feel the need to go in and change all the folders to 755 and files to 644 so you know what that does to dolphin with out even asking... https://dolphin-techs.com - Skype: Dolphin Techs |
I just got hacked. I have VPS and just changed to 6.1.4 and got hacked by a shell script and I have register Golbals off in my php.ini file. been down 24 hours. I have been hacked twice... both times within 24 hours of have Dolphin Geeks upgrade my site. Is there something that makes you vulnerable when you upgrade? |
The biggest vulnerablity after a hack would come from not putting your security measures back in place after the upgrade. Mostly would depend on the upgrade you did but if you overwrote any previously set up security, then you would have to reset the security measures again.
Signed, Reginald |
IM WORKING VERY HARD TO GET THIS GUY AND TO BRING HIM DOWN, WE DETECTED HIS IP ADRESS, IF YOU HAVE ANY INFO LET US KNOW WHATS UP!!!
WE GOT IP ALREADY
WE NEED NAME, AND MORE INFO Burn me down on this one, You have the IP and email, now you NEED NAME AND MORE INFO? you mean like the hacker who hacked you would brandish their names? and if its too much to ask address too? try hacker forum and see if you can gat tools to do that its one in a zillion chance but hey trying is better than not doing anything at all.lol |
I'm sure he's still bizzy with that one ..... |
dolphin 6.1.4 is a hackers paradise i have been battling hackers all night my ISP told me index.php had been exploited so i replaced it, and lo and behold it still is exploited i had 32000 emails in queue on some phishing scheme, i now have to turn off the website until i can buy a new script to run that is a little more secure. African Phishers can go straight to hell |
Sammie, When you say this fix "stops remote access to your directories" does that also mean it would block Google and other search engine bots? |
Sammie, thanks for the advice! :D |
Your fix works well. After reading some of the posts here, if the fix is in place, should we still ban the IP addresses from where the hacking attempts come? Or, are they probably masked and thus not worth blocking? |
Blocking individual IP addresses will only work in a very narrow range of circumstances and is not a good solution. Many people access the internet with an IP address that is assigned dynamically. Only when some troublemaker has the same static IP address, will blocking that IP be of any use..... even then, many users access the internet through a proxy such as AOL, and blocking one of those IPs would result in thousands of people not being able to reach your site.
On one of my sites, I have found that the majority of hacking attempts, and spambot registration attempts, originate in Pacific rim countries. If your web site is intended to serve a single country. or very specific geographical area, a product like GeoIP may be useful to you. With the GeoIP Apache API installed on your server, you can easily block entire countries from accessing your site. http://www.maxmind.com/app/mod_geoip
Some people believe it is wrong to block entire countries, but If my website is all about Houston Astros Baseball, I don't care one bit if people in China and Indonesia can't access it ..... sorry China and Indonesia, it's nothing personal. With GeoIP, you can also block known anonymous proxy servers. You definitely want to block high risk countries like Nigeria. If you can block 75% of the planet from accessing your site, you will considerably reduce your number of hacking attempts. You will, or course, need to do this very selectively and carefully.
If you are on a dedicated server, you should have no problem installing GeoIP. If you are on a shared server, you will have to convince your hosting provider that the Apache Mod GeoIP, would be a worthwhile addition. My opinions expressed on this site, in no way represent those of Boonex or Boonex employees. |
Houstonlively, Thanks for your reply. I appreciate it. I will give it a try... |
I'm talking about blocking http requests. That has nothing to do with email.
GeoIP let's you block entire countries in a .htaccess file by country code instead of having to enter every block of IP addresses from that country. My opinions expressed on this site, in no way represent those of Boonex or Boonex employees. |
Below is the legacy version of the Boonex site, maintained for Dolphin.Pro 7.x support.
The new Dolphin solution is powered by UNA Community Management System.
The new Dolphin solution is powered by UNA Community Management System.