Tigersoap said:
Ah sorry to hear that.
I suppose it was easy to fix the problem ?
Yes, it was only a defacement. So basically I removed the bogus index.* and default.* files that were placed on the webserver.
John Chang said:
Wow. Usually hackers like that don't bother unless they're being paid by someone or if it's a highly visible site or you piss them off. But pissing them off is hard to do, if you don't move in their circles.
I really don't know what the reason is. I've only had this particular domain name for a short while and just recently moved to a new server since the old one was flaky and the ISP had no idea how to fix it.
After looking into it some more it does seem to be a sport for some hackers to deface websites.
This following link lists the work of the (supposed) hacker who did this:
http://www.zone-h.org/component/option,com_attacks/Itemid,43/filter,1/filter_defacer,Ejder/page,1
What http server were you running? Apache? IIS? If you were running Microsoft, you were being naughty.
I was being very naughty (W2003/IIS).
This is what my ISP had to say:
my ISP said:
These kinds of attacks are usually preplanned and come under the disguise of 'Turkish Hacker'
(such and such) however that part is hardly ever true. After examining log files (since we've
had two similar incidents in the past) we can determine the exact identity of the party
involved. Twice in the past it has been our competitors attempting to stain our brand name,
which they will obviously not succeed at with such childish scripted attacks. In this case
since the pattern is the same as last time we're assuming it's the same case however we will
检查后100%确定我们的日志文件。