Don't do that, or all the nut hangers are going to start making the same post.
What I still don't understand is why there would be java script code for eBay in our pages. We have never had anything to do with eBay, and the site's design code has been unchanged since it was implemented in 2005. How could it get there? Was it placed there during the hack as a means to further screw the site later on?
It was probably injected at the same time. The issue is that the site engine must be revised to check if it wasn't. Someone simply wanted to use Sega 16 resources and that phishing page is an example. They used a vulnerability somewhere in the forums or the page code in order to write those files and folders, including the javascript code. There might be several other files in there.
The best course of action is to restore everything on a private server, and then comb all the files and folders. Figure out which ones are from sega 16 and which ones are not, someone with expertise in unix would be useful.
I am sure all people can be sourced form the community, we all love the site and forums.
Last edited by Artemio; 22 May 2011 at 06:01 PM.
I don't think so. Not everything can be blamed on hackers. I might be wrong, and I apologize if that is the case, but that page was pretty much just an auction that staff saved from eBay and uploaded whole onto Sega-16. That was a bad decision made sometime in the past that has repercussions now.
Whoever hacked Sega-16 last time wrote a note saying, in effect, the site is full of holes; patch them up so I don't have to do this again. Whether that page was reported or not, the lesson to be learned here is that the site needs to be updated. If not, you will put it up on some other Web space and if another hijack takes place, you may find yourself out on the street with no access to your files and blacklisted as a risky site. It is simply irresponsible to ask anyone to host the site at this time. If that wasn't so, Sega-16 would still be "on the air" right now.
You have FTP access to your files, so you won't have to re-upload everything from your PC. If you find a designer, just give him an FTP account and let him work on everything there. No one needs to go in and write malicious code if the site is vulnerable to begin with. Check not only your database but also your content. Make sure there is no external script or even a hotlinked image that can be taken advantage of.
If you want to host something now, host only the forums and open them to the public, since that is patched and up to date. The site will have to wait until it is revised thoroughly.
You are asking a lot. Remember, TNL's server was put in the line of fire three times now in the span of a month, I had to pay handsomely to resolve the problem, and the antagonists are persistent.
My suggestion was to get a WordPress template going, make sure WordPress is kept up to date, and handle the main site that way. But even then . . . both WordPress and vBulletin need to update frequently because there are so many people trying to hack them. Who's to say that a vBulletin or WordPress exploit won't be found tomorrow and whoever it is that hates Sega-16 won't jump on it right away - before the developers even have a chance to roll out a fix?
Bookmarks