Facebook   Twitter    YouTube    RSS Feed    Android App    iPhone and iPad App     BlackBerry App    
Subscribe to Newsletter



Page 1 of 3 1 23 LastLast
Results 1 to 15 of 42

Thread: Mail & Guardian Online website offline after hacker attack

  1. #1

    Default Mail & Guardian Online website offline after hacker attack

    Mail & Guardian Online website offline after hacker attack

    The M&G Online website is now offline in the wake of an attack by Russian hackers

  2. #2

  3. #3

    Default

    I sympathize with the MG Online. Certainly not pleasant to face these attacks, and wastes so much time to fight it. Not much different from normal crime people face in South Africa

  4. #4

    Default

    I hope they die of vodka poisoning :P

  5. #5
    Senior Member
    Join Date
    Jun 2005
    Location
    Muizenberg, Cape Town
    Posts
    146

    Unhappy

    They gained *root* access? Ouch, that doesn't sound like a very secure setup.

  6. #6

    Default

    i noticed alot of people were trying to hack my server via ssh. almost three times a day, ip addresses of the attackers were from china and some east european countries. but i block ssh now and since then no troubles.
    If i was president thier shall be be free unlimited wifi for everyone

  7. #7

    Default

    Quote Originally Posted by superfly View Post
    They gained *root* access? Ouch, that doesn't sound like a very secure setup.
    There is always a way. People will always find an exploit etc. Sometimes it could take months.

  8. #8
    Senior Member
    Join Date
    Dec 2010
    Location
    The Internet
    Posts
    210

    Default

    I do not think mg.co.za was targeted by the hackers.

    MG is hosted in the US on UltraDNS.net.

    About 2 years ago UltraDNS became the target of a large number of Ddos attacks. Other services, such as Amazon.com and many more were brought down by the Ddos attacks on UltraDNS.

    I just think that MG was in their way and the hackers chose their IP and attacked the server.

  9. #9
    SmoothOokerMaximus The_Librarian's Avatar
    Join Date
    Apr 2005
    Location
    Amon Sl
    Posts
    87,301
    Blog Entries
    19

    Default

    BlockSSHD

    to stop pesky SSH brute-force login attacks.
    Christ-mass is NOT for Christians. Jeremiah 10.
    Is the 10 Commandments for Christians?

    Saturday is the Seventh day, Sunday is the first day.

  10. #10

    Default

    Geez, only two good things about Russia, their Brides and Vodka.

  11. #11

    Default

    denyhosts is also an awesome app

    denyhosts.sourceforge.net/


    I noticed last week when I tried to access MG that I got java poping up trying to install something and then microsoft security essentials went crazy trying to to block it.
    You are an idiot, if you fail to hear the OBVIOUS difference between Third Eye Blind and Blessid Union of Souls you do not deserve to live.

  12. #12

    Default

    Quote Originally Posted by superfly View Post
    They gained *root* access? Ouch, that doesn't sound like a very secure setup.
    Netcraft's "what's that site running" shows that until a few days ago they were running a version of Apache that was 2 and a half years old, which implies that they probably don't keep their systems up to date in general, which implies that their IT sucks. Even Microsoft can keep their website up, and Microsoft are not known for having top-notch security. Guys like Google, News24 etc. can keep their sites up.

    The fact is ALL websites are continually under attack from hackers. All of them, all the time. Most attacks are automated. If your IT sucks, you will suffer.

    Unfortunately it's very hard finding good IT people, especially in South Africa, the quality of the graduates from our universities is *****ing terrible, and the small number of smart folks that manage to come out with skills in spite of how bad the system is, leave for greener pastures overseas.

    I don't sympathize with their IT. I do sympathize with Mail and Guardian in that they probably have a hard time finding good IT people, and end up having to rely on morons, 'cos that's the best that's out there.

  13. #13
    Grandmaster
    Join Date
    Sep 2007
    Location
    Durban and all.
    Posts
    2,073

    Default

    Could have seen this coming! The other day when they had that hack whereby they distributed that spyware (cant remember the details, but was in a M&G article, lol), I fingerprinted their web server and it was running php 5.2.6'ish ... a 2-year old version, I think... Chances are the apache it was running on was just as old. Apache/PHP old versions aren't known for being super secure. The only surprise here is that it wasn't hacked earlier!

  14. #14

    Default

    Quote Originally Posted by tortured View Post
    There is always a way. People will always find an exploit etc. Sometimes it could take months.
    Technically yes; in practice, no, there isn't really "always a way"; if there was, all major websites would be frequently down from attacks.

    99% of hacking uses known exploits, which can be prevented relatively "trivially" by any admin with half a brain by simply keeping all systems up to date, and following bulletins of the latest exploits.

    90% of hacking is automated. All sites are continually under attack. If your software is up to date, and you don't have any other obvious stupid holes, you can sleep easy at night, it won't take "months", it will take "indefinitely", because an automated hack targeting a patched exploit can go on for years with no problem - it's not a matter of time, it's a matter of "either you're vulnerable or you're not", i.e. "either the attempt will succeed the very first time, or it will never succeed" (the only type of target hacking attempt that might really go on "months" would be things like brute-force password checks, which can also be easily circumvented by even a half-competent IT admin: Use strong passwords ALWAYS, and turn off password login on services like SSH). It is naive IT admins who see these attempts in their logs and go "oh n0e5 we're under attack!" ... um, nope, it's just some automated script looking for known exploits that you should've patched.

    0.1% of hackers actually try find new exploits, and it's rare to see these be used. Also, if you're worth your salt as an IT admin, newly published exploits won't cause major problems either, because you just keep on top of the patches and go on your way. If the site gets hacked, restore from backup, and continue on your way.

    The only hacking that is truly difficult to prevent is those that use unpublished new exploits. That is such a tiny minority, and the people doing that are usually farming their skills out to criminal enterprises. I doubt they care about Mail and Guardian specifically.
    Last edited by Tick; 26-01-2011 at 01:31 PM.

  15. #15
    Grandmaster
    Join Date
    Sep 2007
    Location
    Durban and all.
    Posts
    2,073

    Default

    Quote Originally Posted by Tick View Post
    I don't sympathize with their IT. I do sympathize with Mail and Guardian in that they probably have a hard time finding good IT people, and end up having to rely on morons, 'cos that's the best that's out there.
    If you can't find someone who can keep your systems patched, you really haven't tried looking hard enough. You don't need "good IT people" for that, you just need someone who's not functionally retarded and who doesn't try and eat the keyboard keys, thinking they're sweeties.

Page 1 of 3 1 23 LastLast

Tags for this Thread

Bookmarks

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •