by MadeFromDust on Fri Jul 02, 2004 8:04 am
First thing I would do is look at the Web server logs for any clues to what was going on prior to discovery of the Web site hack. I would look for suspicious port probes, GET requests which try to access the Web server's local filesystem. I would check to see if any unnecessary and vulnerable scripts are accessible through the Web server. I would check known Web server vulnerabilities to see if it had been sufficiently patched, whether the server was Apache, IIS, or whatever. I would browse through BugTraq and NTBugTraq mailing lists to look for similar activity noticed/discussed by subscribers. I would look up identifiers for the cr4x0r to see how many other Web servers they vandalized and how they did it. A lot of times, they like to brag about it amongst their evil peers. I would check with the Web server ISP to see if they have any info from their router logs. I hope some of these suggestions help!
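The first step in the post, reading the web server logs for GET requests that try to reach the server's local filesystem, can be partly automated. The script below is an added example and is not part of the original post or any particular tool: it parses Common Log Format lines, URL-decodes each request path (twice, so double-encoded sequences are visible), flags paths that contain directory traversal or references to well-known sensitive files, and counts flagged requests per client address so the noisiest source stands out. All log lines, addresses and paths are constructed sample data; the indicator list is a deliberately small assumption and would be extended with the patterns relevant to the server in question.

```python
"""Added example (not from the original post): scan access-log lines for GET
requests that try to reach the web server's local filesystem.

All log lines, IP addresses and paths below are constructed sample data."""
import re
from collections import Counter
from urllib.parse import unquote

# Common Log Format: host ident authuser [date] "METHOD path proto" status bytes
LOG_RE = re.compile(
    r'^(?P<host>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) \S+" (?P<status>\d{3}) \S+'
)

# Indicators of attempts to reach the local filesystem through the web server.
# Matched against the URL-decoded path so %2e%2e/ and ..%5c are caught as well.
# (Assumed, minimal list for the example; extend for the server being reviewed.)
FILESYSTEM_PROBES = [
    ("path_traversal", re.compile(r"(\.\./|\.\.\\)")),
    ("unix_sensitive_file", re.compile(r"/etc/(passwd|shadow)", re.I)),
    ("windows_sensitive_file", re.compile(r"(cmd\.exe|boot\.ini|win\.ini)", re.I)),
]


def decode_path(path: str) -> str:
    """URL-decode twice so double-encoded sequences (e.g. %255c) become visible."""
    return unquote(unquote(path))


def classify(line: str):
    """Return (host, decoded_path, [indicator names]), or None if the line does not parse."""
    m = LOG_RE.match(line)
    if not m:
        return None
    decoded = decode_path(m.group("path"))
    hits = [name for name, rx in FILESYSTEM_PROBES if rx.search(decoded)]
    return m.group("host"), decoded, hits


def scan(lines):
    """Return the flagged entries and a per-host count of flagged requests."""
    suspicious = []
    per_host = Counter()
    for line in lines:
        parsed = classify(line)
        if parsed is None:
            continue  # skip lines that are not in Common Log Format
        host, path, hits = parsed
        if hits:
            suspicious.append((host, path, hits))
            per_host[host] += 1
    return suspicious, per_host


# Constructed sample log lines (RFC 5737 documentation addresses, invented paths).
SAMPLE_LOG = [
    '192.0.2.10 - - [02/Jul/2004:07:55:01 +0000] "GET /index.html HTTP/1.1" 200 1043',
    '192.0.2.10 - - [02/Jul/2004:07:55:02 +0000] "GET /images/logo.gif HTTP/1.1" 200 512',
    '198.51.100.7 - - [02/Jul/2004:07:58:11 +0000] "GET /cgi-bin/../../../../etc/passwd HTTP/1.0" 404 231',
    '198.51.100.7 - - [02/Jul/2004:07:58:12 +0000] "GET /scripts/..%255c..%255cwinnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 231',
    '198.51.100.7 - - [02/Jul/2004:07:58:13 +0000] "GET /%2e%2e/%2e%2e/boot.ini HTTP/1.0" 404 231',
    '203.0.113.5 - - [02/Jul/2004:08:01:40 +0000] "POST /guestbook.cgi HTTP/1.1" 200 88',
]

if __name__ == "__main__":
    found, counts = scan(SAMPLE_LOG)
    for host, path, hits in found:
        print(f"{host}  {path}  <- {', '.join(hits)}")
    print("flagged requests per host:", dict(counts))
```

Run against a real log with `scan(open("access.log"))`; because the decoded path is what gets matched, a 404 on a decoded path is still worth keeping, since the post's point is to reconstruct what was tried before the defacement, not only what succeeded.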