| Author |
Message |
darksied
Hangin' Around
Joined: Jan 27, 2004
Posts: 25
Location: New Jersey
|
 Posted:
Tue Feb 22, 2005 2:05 pm |
|
does anyone know who these people are first let me say i have nuke 7.6 patched 2.8 with sentinel 2.1.2 & auth turned on the config file is moved to another folder the permisions on files and folders are right. i do have coppermine installed and i did forget to delete the upload.php file is that how they changed my index.php. upload.php is now deleted i am the only one that can add images to coppermine via ftp. they also did not add them selves to the authors table i have my raw logs but i dont know what to look for can anyone help me in this dept.
I did have 3 new sign ups sentinel says the were from, israel, UK two of them were trying to access the webmail module which 7.6 does not have i have banned them via sentinel. i am using the logic that the only reason you would want to access the webmail module after registering would be to send spam.
I have replaced the index.php with a back up and all is well for now any ideas |
| |
|
  
|
|
chatserv
Member Emeritus
Joined: May 02, 2003
Posts: 1389
Location: Puerto Rico
|
| Posted:
Tue Feb 22, 2005 2:13 pm |
|
This was most likely caused by non-core Nuke add-ons like the one you mention and my_eGallery, double check the ones you have. |
| |
|
|
|
|
darksied
|
| Posted:
Tue Feb 22, 2005 3:24 pm |
|
would deleting the upload.php file be enough to stop this from happening again and if i am looking through my logs what should i be looking for.
i loaded the logs in bbedit and did a search for upload.php and found nothing |
| |
|
|
|
|
chatserv
|
| Posted:
Tue Feb 22, 2005 3:50 pm |
|
Coppermine had issues even with theme files, i'd lose it entirely. |
| |
|
|
|
|
manunkind
Client
Joined: Apr 26, 2004
Posts: 368
Location: Albuquerque, NM
|
| Posted:
Sat Feb 26, 2005 11:12 am |
|
Chat, in your own opinion, which picture gallery is the most secure? |
| |
|
|
|
|
dirtydoggt
New Member
Joined: Sep 06, 2003
Posts: 1
|
| Posted:
Sun Feb 27, 2005 9:17 pm |
|
Well today I come home to find out that my business website had been hacked and only said el33t Ownz . I just don't get these people that do this. Same type of low-lifes that stole everything out of my car or spraypaint somebody's wall. Seems to be a constant battle to keep these punks out. Makes me want to shy away from nuke completely. I'm running the newest version of Nuke-Platinum. I also am running the coppermine gallery. |
| |
|
|
|
|
chatserv
|
| Posted:
Sun Feb 27, 2005 11:28 pm |
|
Nothing is 100% secure, if it can be accessed through the net it can be attacked in one way or the other, the "|337" kids will find a way, but in my opinion the most secure and/or stable gallery out there is Menalto's gallery.
http://gallery.menalto.com |
| |
|
|
|
|
darksied
|
| Posted:
Mon Feb 28, 2005 12:39 am |
|
would it be better if you really want to just run coppermine 1.3.2 the standalone version in a subdomain with a separate sql database. |
| |
|
|
|
|
|
|
![[Valid RSS]](https://www.ravenphpscripts.com/images/valid-rss.png "Validate my RSS feed"){kind=small}
