site  contact  subhomenews

puppylinux.org hacked into

November 09, 2009 — BarryK
For your information. I don't know if it can compromise your own system by visiting it, best to stay away.

I have received a few emails about it, but note that I don't have anything to do with maintaining puppylinux.org.

There's a forum thread discussing this:

http://murga-linux.com/puppy/viewtopic.php?t=48695

Comments

Looking for New DNS


New DNSs
Username: BarryK
"Raffy, Ok, done. I sent you a pm also. To everyone, give it 12 hours or so, to ripple through the Internet, and puppylinux.org should be right again. But, I don't know what Raffy's plans are regarding uploading stuff to the new site. Apparently one of the PHP scripts has a security flaw, so that would need to be fixed so that it doesn't happen again.

Factors
Username: Raffy
"Site is up again, Barry, thanks. With Drupal already retired, there will be less scripts so it should be easier to spot problems. There was also a coincidence: Hostgator announced a reboot of the site (a kernel update) in the evening of Nov 4 (morning of Nov 5 in Perth/Manila). Soon after, index.php became inaccessible and the problem progressed to an uncontrolled security situation. Wikka wiki is taking time to be restored because of its large database.

Site hacked again!
Username: 8-bit
"As of the time of posting this message, puppylinux.org has bee hacked again. It is showing a full page of under age girls in various states of undress. If this cannot be fixed, I think the site should be locked or blanked till it is. There are legal implications to look at here.

Hostgator access
Username: BarryK
"Raffy, You can still access the old Puppy site at hostgator, if the account is still active. Hostgator provides an alternative URL. There are two ways. My hostgator account has a fixed IP address. There is also a URL using hostgator.com that will point at the puppylinux.org site. So it is possible to clean it out then reupload then view the result. Recommendation: wipe everything, then change the password again.

omnis.com
Username: BarryK
"Hey, here's another host that uses load-balanced servers, very cheap: http://www.omnis.com/ ...I don't have any personal experience of their hosting service, this is just posted in case it is of interest to anyone.


Tags: puppy