We are back, but expect it to be up and down all day today as I fool around with things and move stuff to the new server…
Arg, I keep forgetting the whole time thing…
hahaha. lack of sleep mig?
problems at this end: (using firefox for mac)
Unable to upload picture in gallery
Blue look is not the same (missing stuff, I’ll send you a screenshot if you want)
It asked me to log in when I clicked on the preview button after a post. Couldn’t preview.
Yeah, I know, some stuff missing, restoring as I see it…
I’m going to upgrade the gallery soon. So it won’t work until then.
Do you know what happened to the server this time ? Hardware Fail?
This feels like after a major snowstorm when things slowly get back to normal except MiG is the only one shoveling and we’re watching.
Ok, trying to determine that.
My feeling is that one of the gallery installations on the servers was compromised. There’s been a few security update and patches I haven’t applied yet.
But the first site defaced was actually a blogger site, so it could have been that person giving their username/password out or something like that.
Anyway, no data loss, just your standard “tagging” defacement. So I took the opportunity to install the new server and upgrade the RAM, replace the hard drive, etc. This way I can be sure there’s no rootkit or anything like that installed, and we get a new server. I’ll copy over the hosted sites here one at a time, just to make sure everything works properly.
I won’t be hosting sites for people anymore, though.
Sorry i didn’t get my cup of coffee yet… What is a root kit exactly again ?
If a cracker can “get root” on a system, they will usually install a “root kit” – a program or set of programs that will allow them easy access in the future.
I’m not convinced they actually “got root” here, but just in case, it’s a totally new system.
Oh. Ok. : O ) No new Honey Pot’s : O )
Seems like the driveway is clean here. Everything looks the same.
I sure hope it wasnt my blog
Did you give anybody the username/password? Or install anything weird?
No one would want to mess with my boring blog. And no, I did not give anyone anything. I am still able to access my junk via Blogger and it is all in tact with nothing modified.
Plus I am not friends with anyone smart enough to maliciously attack a server
Good stuff, I’m pretty sure it was a gallery thing that did it…
PM me, and I’ll show you how to get your blog hosted.
Glad to see you back HTMF. MiG is it possible to use chroot when running MySQL? I know that chroot isn’t perfect (breaks applications) but it adds another level of security. I know when I had coppermine running on my webserver I disabled chroot as I wasn’t sure how to set it up to work correctly.
It’s actually just easier to keep up on patches
I patched the work systems right away, just never got around to all the sites I host here for free.
It didn’t actually take long to recover, the downtime was mainly due to taking so long to download a new OS, then install it on the new server.
But yeah, chroot is great, but there’s nothing on this server at all except web stuff, so if it’s compromised, no biggie, just erase it…