Comments on: (Final Update) The hackers strike again but MindaNews online again http://istambay.wordpress.com/2007/07/21/the-hacking-is-there-again/ Walter I. Balane's Notes on Life and Living in Mindanao Thu, 28 Aug 2008 19:45:24 +0000 http://wordpress.org/?v=MU hourly 1 By: Eko http://istambay.wordpress.com/2007/07/21/the-hacking-is-there-again/#comment-32765 Eko Thu, 22 May 2008 13:59:41 +0000 http://istambay.wordpress.com/2007/07/21/the-hacking-is-there-again/#comment-32765 Spyd3r - no way it was the plugins. And RFI hacking is already outdated. Spyd3r - no way it was the plugins. And RFI hacking is already outdated.

]]> By: SpYd3R http://istambay.wordpress.com/2007/07/21/the-hacking-is-there-again/#comment-30547 SpYd3R Wed, 19 Dec 2007 06:38:09 +0000 http://istambay.wordpress.com/2007/07/21/the-hacking-is-there-again/#comment-30547 I believe it was the plugins that causes the site to be hacked I would suggest to double check the compatibility issues and to see whether the plugins installed on joomla powered site is updated and bugs are already fix before applying it to your site. Have you heard about RFI hacking tricks? (Remote File Inclusion) hacking method???? Well, you should know about it guys... rampant nowadays. I believe it was the plugins that causes the site to be hacked I would suggest to double check the compatibility issues and to see whether the plugins installed on joomla powered site is updated and bugs are already fix before applying it to your site. Have you heard about RFI hacking tricks? (Remote File Inclusion) hacking method???? Well, you should know about it guys… rampant nowadays.

]]> By: drw http://istambay.wordpress.com/2007/07/21/the-hacking-is-there-again/#comment-18106 drw Mon, 23 Jul 2007 08:02:57 +0000 http://istambay.wordpress.com/2007/07/21/the-hacking-is-there-again/#comment-18106 hackers can gain access through site by using joomla plugins installed in your site. so just be sure that you uninstall plugins that are unsecure or update those plugins you have if you can find any exploit in it. and ftp are somewhat dangerous so make your ftp access more secure. like blocking access to ftp after how many times of incorrect password entered, then return access after how many minutes or an hour. hackers can gain access through site by using joomla plugins installed in your site. so just be sure that you uninstall plugins that are unsecure or update those plugins you have if you can find any exploit in it. and ftp are somewhat dangerous so make your ftp access more secure. like blocking access to ftp after how many times of incorrect password entered, then return access after how many minutes or an hour.

]]> By: tolitz http://istambay.wordpress.com/2007/07/21/the-hacking-is-there-again/#comment-18003 tolitz Sun, 22 Jul 2007 08:48:35 +0000 http://istambay.wordpress.com/2007/07/21/the-hacking-is-there-again/#comment-18003 thx for the info bro... thx for the info bro…

]]> By: mindanaw http://istambay.wordpress.com/2007/07/21/the-hacking-is-there-again/#comment-17955 mindanaw Sun, 22 Jul 2007 00:39:05 +0000 http://istambay.wordpress.com/2007/07/21/the-hacking-is-there-again/#comment-17955 Thanks Jun, I'll forward this comment from yours. You could surmise from my post I don't really know the technical side of the hack, hehe. But yes I heard one of our KL-based consultants on Joomla telling us about that. Big tango! Thanks Jun,
I’ll forward this comment from yours. You could surmise from my post I don’t really know the technical side of the hack, hehe. But yes I heard one of our KL-based consultants on Joomla telling us about that.
Big tango!

]]> By: Jun Macarambon http://istambay.wordpress.com/2007/07/21/the-hacking-is-there-again/#comment-17952 Jun Macarambon Sun, 22 Jul 2007 00:13:18 +0000 http://istambay.wordpress.com/2007/07/21/the-hacking-is-there-again/#comment-17952 its not a target nor specific hack on mindanews. its more of a random hack. this kind of hackers scan the internet looking for specific vulnerable of joomla. from what i see... mindanews.com joomla file -> configuration.php was carelessly has a 777 file permission nor in laymans term... configuration.php writeable even by the public. joomla current version 1.0.12 is stable and this hack was due to carelessly setting configuration.php writable. i believe the database is intack. nangyari sa akin din to....when im so lazy after configuring joomla powered sites i forgot a 777 permision mode of configuration.php to change it to 644 mode. just restore the old configuration.php ... hope you still remember the db name, db user, db password ... this is the fast fix. its not a target nor specific hack on mindanews. its more of a random hack. this kind of hackers scan the internet looking for specific vulnerable of joomla. from what i see… mindanews.com joomla file -> configuration.php was carelessly has a 777 file permission nor in laymans term… configuration.php writeable even by the public. joomla current version 1.0.12 is stable and this hack was due to carelessly setting configuration.php writable. i believe the database is intack.

nangyari sa akin din to….when im so lazy after configuring joomla powered sites i forgot a 777 permision mode of configuration.php to change it to 644 mode.

just restore the old configuration.php … hope you still remember the db name, db user, db password … this is the fast fix.

]]>