540air's moblog

by 540air

user profile | dashboard | imagewall

« older newer »

The Times Cities fit for cycling
Support moblog. Voice your opinion in the forum!!"

seaneeboy says:
"To Gloucester. I enclose a sponge. Love, Joe"


My status


MoblogUK on FlickR
href='http://www.werenotafraid.com' title='We're Not Afraid' >We

Follow me on Strava

Creative Commons Attribution License

Search this moblog


Recent visitors

Little gobsh*te

(viewed 1556 times)
Bookmark and Share
I really hope I never happen across the lovely little f*cktard who did this, I may not be able to refrain myself from doing something illegal.
23rd Jan 2008, 11:22   | tags:,,,

seaneeboy says:

Blimey! Cheeky little git.

23rd Jan 2008, 11:34

mat says:

meh. If he, like he claims, didn't wipe or copy your stuff, then I'd be happy enough. At least you know your webserver is insecure now, and finding that out without losing anything is basically good news.

23rd Jan 2008, 11:37

Alfie says:

What Mat said - in your face yeah, but certainly helpful.

23rd Jan 2008, 11:49

mat says:

grey hat, at least. most likely just some script kiddie who's hit a whole load of vulnerable sites in one go, using someone else's 'sploit.

23rd Jan 2008, 12:31

mat says:

a windows server?

well. that changes things.

Paul, suggest you find your IT guy, the one who thinks Microsoft can make a webserver secure enough to expose to the internet, and kick him or her in the Soft Parts, several times. After all, if you didn't lock your door, you wouldn't be surprised if you got burgled.

23rd Jan 2008, 12:40

540air says:

Cheers for all the info guys. I got straight on the phone to the company that host our site. They apologised profusely and said it would be taken care of immediately, which it now has been.

At the risk of sounding like a total div, how do I find out what server it's running on, and more importantly, is it just a question of saying to them "I don't want it on a windows server", or is there more to it than that?

23rd Jan 2008, 13:44

mat says:

Nope, that should do. Just asking for linux hosting, that should be all you need. You're not using ASP or .NET or anything like that, are you? Just static html?

One of the easiest ways to find out what server it's running is to hit a page that doesn't exist and look at the 404 error page. The default IIS (Microsoft web server) and Apache (most common linux web server) error pages are different.

Here's an IIS 404, and here's an apache one

Obviously, other webservers have other 404s, and it's not uncommon to have a styled 404 page, so it's not the most reliable method, but it is the easiest, when it works.

I won't get into OS/Server-detection using TCP stack fingerprints and NMAP stealth scanning. :)

23rd Jan 2008, 13:49

er, arse.

23rd Jan 2008, 13:50

540air says:

Thanks mat, I really appreciate the help :)

To the best of my knowledge it's just static html, but I'm going to give them a call now and try to get it sorted.

23rd Jan 2008, 14:11

that is quite funny. nice of him to let you know but I'm sure there are nicer ways of letting you know. maybe deserving of a swift backhand, but nothing more.

23rd Jan 2008, 18:04

540air says:

On the scroll down there was even a link to his blog, bless him. Still feel he deserves some kind of a slap, as it was one of my customers who pointed it out to me. But maybe if it helps secure the site better, he will somehow have done me a service I guess.

23rd Jan 2008, 21:43

Add a comment


(P) what's this?

Track updates to this post with rssthis rss feed