[SGVLUG] sgvlug.org site hacked

Emerson, Tom (*IC) Tom.Emerson at wbconsultant.com
Tue Nov 10 16:40:45 PST 2009


Thanks for the heads up Rae - we've put back the original SGVLUG template (thanks Mike!) and marked it "unwritable" [perhaps how it was able to be changed in the first place...]

I agree with Dan that some sort of reload (or at least a review) is in order, but I also know that I don't have time to do it (and I'm guessing Mike's not thrilled with the prospect either...)

As for attachments, I think that the list manager strips them anyway, but I see your point: since both the list and the website are on the same physical hardware, both may be compromised (not sure if the "crack" was due to a known joomla exploit or a general linux/security exploit)

I'm also curious as to what raised our site high enough on their "radar" to warrant taking a pot-shot at us..

> -----Original Message-----
> From: Rae Yip [mailto:rae.yip at gmail.com]
> Sent: Tuesday, November 10, 2009 3:28 PM
> To: SGVLUG Discussion List.; mathew_2000 at yahoo.com; Emerson, Tom (*IC)
> Subject: sgvlug.org site hacked
>
>
> Hey folks,
>
> Don't know if this email will even make it through, but it
> looks like the SGVLUG website has been hacked. Be wary of any
> attachments you get from this mailing list, and take special
> care when visiting the site.
>
> Looks like we may need to have a presentation on Linux
> security again...
>
> -Rae.
>


More information about the SGVLUG mailing list