Big Time Hackers [Q and A] - XOOPS Web Application System

XOOPS

Forum

Forum Index General Forums Community Support Modules Support Themes Support Development International Support Module Hack Reviews Theme Designer Talk

1

Big Time Hackers

2005/10/9 14:16
Tabasco
Quite a regular
Posts: 203
Since: 2003/12/26

Is anybody here familiar with the g00ns? They are big time hackers. They are normally hacking game sites. Here's a list of sites they have taken down:

http://www.zone-h.org/en/defacements/filter/filter_defacer=g00ns/

We are a member of a group called Respected Admins, a site they (the g00ns) recently hacked, and they are threatening to take our site down now. Here's a email we received from them:

please note that J_Dizzle from http://www.g00ns.net has come to own you all. I chose not to delete content for this defacement, and rather just send a message. Respected Admins is directly responsible for this attack, and Red Hour will be my next target if Respected Admins refuse to step down from their pride horse and admit defeat.

Please take your anger out on our forums at http://www.g00ns-forum.net and our TeamSpeak server too!

A member of Respected Admins is a police officer, and reported the hacking of the Respected Admins site to the FBI.

Are there any additional programs I should add to our XOOPS site running 2.0.13.1 to prevent hacking?

Red Hour Gaming

2

Re: Big Time Hackers

2005/10/9 14:25
erzon
Quite a regular
Posts: 211
Since: 2005/1/1 3

suggest that you should update all patch for your xoops

3

Re: Big Time Hackers

2005/10/9 15:21
m0nty
XOOPS is my life!
Posts: 3337
Since: 2003/10/24

bit hard unless you know how they are defeating the security.

protector module will help!! you should be able to find it using search.

failing that, it maybe worth doing as they said in the email and going to their forum, but don't get angry.. literally ask them how they compromised your site!! they aint gonna tell you nothin if you go in guns blazing.

a lot of these crackers will eventually tell you how they are breaking in.. of course some won't..

4

Re: Big Time Hackers

2005/10/9 18:09
erzon
Quite a regular
Posts: 211
Since: 2005/1/1 3

but monty do you think they can really hack the xoops?

5

Re: Big Time Hackers

2005/10/9 18:27
linuxdude
Just popping in
Posts: 3
Since: 2005/10/8

One simple thing could be to use a .htaccess file to block ip-adresses from accessing your Xoops.

I have good experiences with that, when i blocked out the whole ip-series for Brasil and Uruguy (lots of script-kidds there !)

Ciao !

6

Re: Big Time Hackers

2005/10/9 18:27
Herko
XOOPS is my life!
Posts: 4238
Since: 2002/2/4 1

It is possible they find and use a security hole in XOOPS, but XOOPS is one of the most secure systems out there. The hackers will try to hack into the server tho, and not through XOOPS. Once they gained server access, they can do a lot more damage then just adding a few pages to your XOOPS site...

My suggestion: change all account passwords, review all accounts and statuses, close everything you don't use. It's harsh, but under threat you need to take desperate measures.

Herko

7

Re: Big Time Hackers

2005/10/9 19:13
pegasus00321
Quite a regular
Posts: 339
Since: 2005/4/29

Nothing is completely secure, not even XOOPS. Buts its pretty close. It would be great to have a security professional look at 2.2.x before it is released.

But also, just remember that its not always XOOPS itself thats exploited, you have modules installed. I'm sure theres a exploit here and there in CBB, Newbb, or other modules.

Pegasus00321

I would appricate it if you click this link
TuFat.com PHP Scripts and etc

8

Re: Big Time Hackers

2005/10/9 19:29
Tabasco
Quite a regular
Posts: 203
Since: 2003/12/26

I've shut off new user registration. One of the g00ns tried to register at my site.

I have very little exposed to non registered users

I let my web host know about the threat, and they are monitoring it closely and did an offsite backup also.

I have a current backup of the domain and the MySQL

I think I am about as secure as I can be.

Red Hour Gaming

9

Re: Big Time Hackers

2005/10/9 19:38
linuxdude
Just popping in
Posts: 3
Since: 2005/10/8

Here is what i would do:

1. remove all un-needed modules. Specially all modules that have possibility to add some content (like: fileupload modules, gallery etc)

2. Walk throuh your files+folders and do a proper chmod

3. Read all you logfiles (httpd, xoops) frequently

4. Search for Any exploit´s on your os/software/modules/system/etc and be a step before any intruders

5. Password checks (remove accounts with short passwords)

6. If you host the system: check your firewall rules/logs

7. If you host the system: Add a security module to apache - here is a nice one: http://www.modsecurity.org/

8. Add .htaccess files to prevent access to special folders.

9. If you host the system: Block IP-adresses in youre firewall

10. If you host the system: Remove un-needed services and only accept http-trafic to the system.

11. setup a honey-trap and collect evidence/logs

And remember....they will read this to...

10

Re: Big Time Hackers

2005/10/12 18:59
Tabasco
Quite a regular
Posts: 203
Since: 2003/12/26

Some good news. The g00ns webpage and teamspeak was closed

Some bad news. They are still active. They just took another site down:

http://www.zone-h.org/en/defacements/filter/filter_defacer=g00ns/

One thing I seemed to notice, is that they seem to target phpBB the most, but maybe it's because nuke is so popular with gaming clans. A lot had been runnng phpBB ver 2.0.11. The latest version of phpBB is 2.0.17

Our Police contact at Respected Admins was in contact again today with the FBI about them.

Tabby

Red Hour Gaming

Login

Username

Password

Remember me

Register now! | Lost Password?

Search

Advanced Search

Recent Posts

XOOPS MyMenus 1.54.0 Beta 10

11/18 11:08 Mamba
Re: XOOPS MyMenus 1.54.0 Beta 7

11/18 11:06 Mamba
Re: XOOPS MyMenus 1.54.0 Beta 7

11/16 12:32 liomj
Re: XOOPS MyMenus 1.54.0 Beta 7

11/15 18:06 Mamba
Re: XOOPS MyMenus 1.54.0 Beta 7

11/15 5:33 liomj
Re: XOOPS MyMenus 1.54.0 Beta 7

11/15 5:29 liomj
Re: XOOPS MyMenus 1.54.0 Beta 7

11/15 4:39 Mamba
Re: XOOPS MyMenus 1.54.0 Beta 7

11/15 3:50 liomj
Re: XOOPS MyMenus 1.54.0 Beta 7

11/15 3:31 Mamba
Re: XOOPS MyMenus 1.54.0 Beta 7

11/15 1:48 Mamba

Who's Online

282 user(s) are online (191 user(s) are browsing Support Forums)

Members: 0

Guests: 282

Donat-O-Meter

Stats
Goal:	$100.00
Due Date:	Nov 30
Gross Amount:	$0.00
Net Balance:	$0.00
Left to go:	$100.00

Latest GitHub Commits

{{ record.sha.slice(0, 7) }} - {{ record.commit.message | truncate }}

{{ record.commit.author.name }} {{ record.commit.author.date | formatDate }}