[vox-tech] my site was hacked

Jeff Newmiller jdnewmil at dcn.davis.ca.us
Mon Jan 25 19:32:47 PST 2010 

Not sure this is really a "technical" question... but I'll bite:

Hai Yi wrote:
> a couple days ago one of my friends got hacked into her photo website,
> ironically it turned out my business website was hacked too - I found
> out yesterday.
> 
> The website hasn't been restored yet, even I wrote an urgent email to
> the support of my ISP, lunarpages.com, no response after 24 hours
> except for an automatic email. This host used to be a good one,
> responding to the requests in time and to the point; however it's
> becoming a disappointment in recent years, I think it's time for me to
> move my business else where.
> 
> Anyway, I hope someone here can help me with a few questions: does the
> ISP bear responsibility for such a security breach?

Depends how access was gained.  Figuring that out can be difficult if
the intruder is competent, but the sysadmin is more likely to be able
to do this than you are, and they may not feel like sharing if it was
their fault.

> My site has yet to
> see much business flow, but suppose there is a successful site being
> hacked and the restoration is delayed, who is to blame for the loss?

Refer to the contract language for your use of their hosting services.
Keep in mind that if the security breach was through your password,
you are almost certainly responsible.  It is unlikely that the ISP
will accept responsibility for any financial loss, even if they admit
fault for the breach.

> My homepage is replaced by the hacker's page of some crap, is that the
> best he can do?

Insufficient data.

> what kind of attack it is?

Insufficient data.

> are they able to access my data?

Insufficient data, but most likely yes.

> I checked that my files are still there, but not sure if the
> hacker has made a copy.

I would assume so, unless you can confirm that a more limiting mode
of access than shell access was employed.

-- 
---------------------------------------------------------------------------
Jeff Newmiller                        The     .....       .....  Go Live...
DCN:<jdnewmil at dcn.davis.ca.us>        Basics: ##.#.       ##.#.  Live Go...
                                       Live:   OO#.. Dead: OO#..  Playing
Research Engineer (Solar/Batteries            O.O#.       #.O#.  with
/Software/Embedded Controllers)               .OO#.       .OO#.  rocks...1k
---------------------------------------------------------------------------

More information about the vox-tech mailing list