Virus warning from www.puppylinux.com/manuals.htm
Excuse me, I had no intention of hijacking this thread, just that the arrogance of some is overwhelming.
Concerning the substantive issue,
Quote from Barry
"I don't have any scripts left. Well, not exactly, WordPress is still there, I just renamed the directory to something no one will guess. Anyway, I shall reply to their reply.
Oh yeah, I've cleaned up my site, yet again."
Can't say I've ever encountered such a tolerant guy. The time to file suit would seem to have long past. Beating one's head against the proverbial doesn't help ( bit like MU with linuxcbon, who won't even disclose this affiliation!). I'd sue without further warning. Nothing to lose. Adverse publicity will help close them down in the long term.
Concerning the substantive issue,
Quote from Barry
"I don't have any scripts left. Well, not exactly, WordPress is still there, I just renamed the directory to something no one will guess. Anyway, I shall reply to their reply.
Oh yeah, I've cleaned up my site, yet again."
Can't say I've ever encountered such a tolerant guy. The time to file suit would seem to have long past. Beating one's head against the proverbial doesn't help ( bit like MU with linuxcbon, who won't even disclose this affiliation!). I'd sue without further warning. Nothing to lose. Adverse publicity will help close them down in the long term.
well ,here is the latest I will update this same postjamesbond wrote: Sample below:
with a time stamp
************************************************************
Last-Modified: Mon, 10 Mar 2008 12:53:00 GMT
Etag: "6ab0130-326b-af092300"
Content-Length: 12907
************************************************************
still clean from Mon, 10 Mar 2008 12:53:00 GMT
until -----> Wed, 12 Mar 2008 14:50:12 GMT
I know many others are monitoring also
big_bass
Last edited by big_bass on Wed 12 Mar 2008, 15:09, edited 6 times in total.
whilst we're sticking the boot in, I just received this email
Oooohhh I feel all inclined to give them some more money. So I can use ssl to ensure that all traffic to the site is encrypted. I wonder how safe the data is once it gets there?Dear Will,
SSL Certificates from only GBP 14.95
Before and After Upgrade
In addition to our focus on your account security, you can actually protect you and your visitors data even further by using a SSL certificate. This enables very strong and absolute protection from any third party gaining access to the sent data during transmission.
The use of secure communication between your website and its visitors is strongly recommended. Therefore we have reduced our prices for SSL certificates by amazingly 50% in order to enable as many people as possible to stay safe!
» Order your SSL certificate from only GBP 14.95
Why should you use SSL?
Before and After Upgrade
Did you know that any data without the use of SSL is sent in plain text? That means any personal data, credit card numbers, passwords etc. are sent to your site (for instance if you use a login form, webshop etc. on your hosting account) can be viewed (and abused) by anyone gaining access to your data transmission!
The best case scenario is your visitor submitting his confidential data via a secure line to your site using an SSL certificate. No one can read the data.
Thank you...
...very much for being with Servage Hosting. We are proud to host your site!
Best Regards,
Jakob, Servage Hosting
Will
contribute: [url=http://www.puppylinux.org]community website[/url], [url=http://tinyurl.com/6c3nm6]screenshots[/url], [url=http://tinyurl.com/6j2gbz]puplets[/url], [url=http://tinyurl.com/57gykn]wiki[/url], [url=http://tinyurl.com/5dgr83]rss[/url]
contribute: [url=http://www.puppylinux.org]community website[/url], [url=http://tinyurl.com/6c3nm6]screenshots[/url], [url=http://tinyurl.com/6j2gbz]puplets[/url], [url=http://tinyurl.com/57gykn]wiki[/url], [url=http://tinyurl.com/5dgr83]rss[/url]
- prehistoric
- Posts: 1744
- Joined: Tue 23 Oct 2007, 17:34
'bot hypothesis
@HairyWill,
Already explained. Servage is staffed with 'bots. Time to reject the null hypothesis?
Already explained. Servage is staffed with 'bots. Time to reject the null hypothesis?
-
- Posts: 141
- Joined: Sun 27 May 2007, 17:31
- Location: Bucharest, Romania
Time to drop Servage, definitely. Check this out:
http://www.hammersound.net/
Just found this when i was looking for some soundfonts for use with Fluidsynth. Site was hacked and the hacker left a message, saying "Servage - where security is no security."
Any of this could happen to us too.
http://www.hammersound.net/
Just found this when i was looking for some soundfonts for use with Fluidsynth. Site was hacked and the hacker left a message, saying "Servage - where security is no security."
Any of this could happen to us too.
[b]Toshi Portege 4010[/b] | PIII Tualatin 933MHz | 512MB RAM | Cyberblade 16MB | 30GB | WiFi, IrDA | ~5 hrs runtime | WinMe :( |
[img]http://img230.imageshack.us/img230/8125/userbar654682fy5.gif[/img]
[img]http://img230.imageshack.us/img230/8125/userbar654682fy5.gif[/img]
I wonder whether the black hats have been on the forums and hence are aware of the counter mesures in place. I know that servage is a bad host and am not denying that.
I need help with my forum. [b][u]LINK:[/u][/b][url]http://www.programers.co.nr/[/url]
[url]http://www.freewebs.com/programm/iframe.html[/url] is my gateway page...
[url]http://www.freewebs.com/programm/iframe.html[/url] is my gateway page...
Don't wonder. Presume yes. Fortify accordingly. Compute wisely.bobwrit wrote:I wonder whether the black hats have been on the forums and hence are aware of the counter mesures in place.
[size=84][i]hangout:[/i] ##b0rked on irc.freenode.net
[i]diversion:[/i] [url]http://alienjeff.net[/url] - visit The Fringe
[i]quote:[/i] "The foundation of authority is based upon the consent of the people." - Thomas Hooker[/size]
[i]diversion:[/i] [url]http://alienjeff.net[/url] - visit The Fringe
[i]quote:[/i] "The foundation of authority is based upon the consent of the people." - Thomas Hooker[/size]
- BarryK
- Puppy Master
- Posts: 9392
- Joined: Mon 09 May 2005, 09:23
- Location: Perth, Western Australia
- Contact:
After arguing with Servage, I cleaned up my site, made sure all scripts were gone, checked dir/file permissions, changed passwords, then waited. Servage indicated they were trying to fix it, myself and guys in this thread were monitoring my site. Then on 9th March, just one file got hacked, puppylinux.com/index.html. I got the feeling that the hacker just wanted to show that he/she could still do it, but was cautious in just hacking one file.
I cleaned it immediately, but I renamed the hacked file to index.htlHACKED-9MAR08, just in case Servage admin wanted to see it.
Well, guess what, today that same index.html has been hacked, and the index.htmlHACKED-9MAR08 has been removed. Just the one file again, the hacker is showing that he can delete any file on my site.
Someone is toying with me.
Today I received an email from someone who came across my news page and was relieved as he has also been plagued with his site (hosted by Servage) being hacked, and being told by Servage customer support that no one else has that problem.
It is interesting that puppylinux.org, which is hosted on another Servage account, appears to be uncompromised. Perhaps it is just a particular "cluster" that is compromised. I'm on Sevage's cluster 39.
I've paid for one year with Servage, just used 3 months of that. They only have a 5 day money back guarantee, and from stories I've read even that is hard to get.
I have decided that even if Servage fix my security problem, I'm leaving, simply on principle. Their customer support tell outright lies.
Also a comment about my experiences with their technical support: they don't seem to have the ability nor the authority to actually fix anything. They just have a set of standard replies to send, and that's it. Probably the penalty paid from out-sourcing the customer support (I read somewhere that's what Servage has done). I need customer support where you talk to an actual admin guy.
Thanks to recent donations from Ian and pakt (Ian in particular, a quiet guy who doesn't say much on this forum, but he is very keen on Puppy and supports me by sending a cheque every now and then), I can afford to signup with another host. I've had some recommendations, I'll have a bit of a look around tonight.
I cleaned it immediately, but I renamed the hacked file to index.htlHACKED-9MAR08, just in case Servage admin wanted to see it.
Well, guess what, today that same index.html has been hacked, and the index.htmlHACKED-9MAR08 has been removed. Just the one file again, the hacker is showing that he can delete any file on my site.
Someone is toying with me.
Today I received an email from someone who came across my news page and was relieved as he has also been plagued with his site (hosted by Servage) being hacked, and being told by Servage customer support that no one else has that problem.
It is interesting that puppylinux.org, which is hosted on another Servage account, appears to be uncompromised. Perhaps it is just a particular "cluster" that is compromised. I'm on Sevage's cluster 39.
I've paid for one year with Servage, just used 3 months of that. They only have a 5 day money back guarantee, and from stories I've read even that is hard to get.
I have decided that even if Servage fix my security problem, I'm leaving, simply on principle. Their customer support tell outright lies.
Also a comment about my experiences with their technical support: they don't seem to have the ability nor the authority to actually fix anything. They just have a set of standard replies to send, and that's it. Probably the penalty paid from out-sourcing the customer support (I read somewhere that's what Servage has done). I need customer support where you talk to an actual admin guy.
Thanks to recent donations from Ian and pakt (Ian in particular, a quiet guy who doesn't say much on this forum, but he is very keen on Puppy and supports me by sending a cheque every now and then), I can afford to signup with another host. I've had some recommendations, I'll have a bit of a look around tonight.
[url]https://bkhome.org/news/[/url]
- prehistoric
- Posts: 1744
- Joined: Tue 23 Oct 2007, 17:34
who is safe?
While Barry's experience with Servage furnishes grounds for dismissing these attacks as the result of sheer incompetence there is evidence of similar attacks against a harder target. http://www.theregister.co.uk/2008/03/13 ... _infected/
To quote an understatement of the late mathematician, Paul Erdos, "This is not a trivial problem."
prehistoric
To quote an understatement of the late mathematician, Paul Erdos, "This is not a trivial problem."
prehistoric
Small Claims Courts cost peanuts and in the unlikely event you lose, there are no costs against you. If you have sworn (notorised) statements from experts in support, the 'little man' invariably wins on 'balance of probability'. Winning is not so much a warm feeling for the individual but helps those that come after and helps to close down the business of bad companies by the adverse publicity. In the UK, you can file online - it's easy. I have been successful against such diverse companies as Ebuyer, Indesit and Parcel Force. In the latter case, it got as far as the bailiffs arriving to remove the CEO's computer - I let him off for a cash alternative. These bullying traders need to be taught a lesson - it's the only way their behaviour can be moderated. These days, when buying goods and asked if I would like an extended warranty (for a vast extra premium). I always decline and tell the salesman "No thank you, I always sue if there's a problem" and insist on him giving me the address of the registered office, to make sure the message gets home.
Bad News!
I wasn't going to post on this forum any longer because of the lack of securties set by the admin but With fireswalls up!
Here is the log I just got from firestarter when I went to Barry's blog
Time: Mar 16 22:54:49 Source: 77-232-84-168.static.servage.net Destination: mke-216-54-***.***.******.com In IF: ppp0 Out IF: Port: 2600 Length: 44 ToS: 0x00 Protocol: TCP Service: Zebrasrv
Bye! and clearing system again!!!!!
I wasn't going to post on this forum any longer because of the lack of securties set by the admin but With fireswalls up!
Here is the log I just got from firestarter when I went to Barry's blog
Time: Mar 16 22:54:49 Source: 77-232-84-168.static.servage.net Destination: mke-216-54-***.***.******.com In IF: ppp0 Out IF: Port: 2600 Length: 44 ToS: 0x00 Protocol: TCP Service: Zebrasrv
Bye! and clearing system again!!!!!
Just came across this:
Maybe Puppy isn't the only one being messed with?Posted by: vec7 on 03/10/2008 09:18 PM
Friends, this is the beginning of the new VectorLinux website. This site will be under construction for awhile to rebuild our content. We are pretty much starting from scratch since our database was severely compromised by a hacking group a few days ago. So bear with us content will be added on an ongoing basis.
cheers,
Vec
- BarryK
- Puppy Master
- Posts: 9392
- Joined: Mon 09 May 2005, 09:23
- Location: Perth, Western Australia
- Contact:
I've been looking at this site:
http://www.webhostingjury.com/
It is customer reviews of web hosts.
I am of course looking at where to move puppylinux.com. One thing, they must accept PayPal, which rules out Netfirms. The reason for PayPal is that it gives you more control, and they can't do an automatic renew. I was with Netfirms and they required that I telephone them in the US to cancel the account -- not at all satisfactory.
Hostgator looks interesting:
http://www.hostgator.com/
...they include SSH, I missed that with Servage.
Godaddy was recommended to me by one person, but the customer reviews are awful.
So, what do you reckon, does Hostgator look good? I want this for my own sites. I have puppylinux.com, goosee.com, plus a couple other small private domains.
For puppylinux.org and some other Puppy domains, there is a separate effort going on to find a better home than Servage.
I think having two separate homes is a good thing. Of course this forum is hosted at yet another place ( -- does John mind if the host is known?)
We need to avoid "all the eggs in one basket".
http://www.webhostingjury.com/
It is customer reviews of web hosts.
I am of course looking at where to move puppylinux.com. One thing, they must accept PayPal, which rules out Netfirms. The reason for PayPal is that it gives you more control, and they can't do an automatic renew. I was with Netfirms and they required that I telephone them in the US to cancel the account -- not at all satisfactory.
Hostgator looks interesting:
http://www.hostgator.com/
...they include SSH, I missed that with Servage.
Godaddy was recommended to me by one person, but the customer reviews are awful.
So, what do you reckon, does Hostgator look good? I want this for my own sites. I have puppylinux.com, goosee.com, plus a couple other small private domains.
For puppylinux.org and some other Puppy domains, there is a separate effort going on to find a better home than Servage.
I think having two separate homes is a good thing. Of course this forum is hosted at yet another place ( -- does John mind if the host is known?)
We need to avoid "all the eggs in one basket".
[url]https://bkhome.org/news/[/url]
Hi Barry,
I looked at http://drupal.org/.
There is lots of recommended hosts on the forum there.
May be of use to you.
I didn't need any phone calls about PayPal here....but I'm on .ca not Netfirms.com...maybe a difference..dunno.
Best,
Eric
I looked at http://drupal.org/.
There is lots of recommended hosts on the forum there.
May be of use to you.
I didn't need any phone calls about PayPal here....but I'm on .ca not Netfirms.com...maybe a difference..dunno.
Best,
Eric
[color=darkred][i]Be not afraid to grow slowly, only be afraid of standing still.[/i]
Chinese Proverb[/color]
Chinese Proverb[/color]
- prehistoric
- Posts: 1744
- Joined: Tue 23 Oct 2007, 17:34
puppylinux.org
Don't assume puppylinux.org is safe. See this thread. http://www.murga-linux.com/puppy/viewtopic.php?t=27374
Yes, oblivious, you could say others are being messed with, hardly a secret. Here's a report on media reaction to one current wave of attacks. Danchev on PR storm
Even if exploits do not apply to us, a redirect through a search engine can bring others to an infected page. Puppy's page rank makes it a reasonable target for rank manipulation on search engines.
Yes, oblivious, you could say others are being messed with, hardly a secret. Here's a report on media reaction to one current wave of attacks. Danchev on PR storm
Even if exploits do not apply to us, a redirect through a search engine can bring others to an infected page. Puppy's page rank makes it a reasonable target for rank manipulation on search engines.