Don't forget backups! Just incase they do hack your site. Also I seem to remember someone mentioning that that something should be removed or changed within the mainfile but don't remember what that was.

I would also check your host and perhap mention to them that you might be targeted and have them advise you.

don (el paso)

Quote:

Yup, main domain and mySQL is backed up daily. Our host is aware of the threat, and are taking it quite seriously becuase they host a lot of gaming groups which is what the g00ns are targeting.

I installed the protector module, that had me change things in the mainfile, plus I have very little open to unregistered users.

I think I am about as secure as I can be.

I wonder if there is a script, module that could be ported to Xoops, or a group that exist to could check site security. This would be in addition to Joe's module. Anyway a good security check list might be coming out of this.

don (el paso)

hackers? lmmfao "Big Time Lamers"

These idiots (g00ns) just hacked an XOOPS site today. Here's a quote from their website:

As many of you already know, the CWar site was defaced yesterday by someone claiming they were from the goons.net group of idiot hackers who don't like online gamers. They have a beef with the RA group, and are taking it out on the member clans.

Cwar apologizes for any trouble the site defacing or the rude emails have caused our community. We are exploring other software possiblities, as open source packages will always have easy exploits. Thanks for your understanding.

http://www.combinedwarfare.com/modules/news/

Well they just hit are web page at http://www.renegadesclan.com the same thing! the so called goons.net they even give you a Teamspeak ip so you can go on there and vent your frustrations at them. well when you go on .theres a bunch of those little pukes in there! Well we didnt say anything just went in for a look. Wouldn`t want to give them the satisfaction of letting them now what they did got to us! i was just woundering if they have an actual web site.And if theres ways of keeping them out?

Here you go:

http://www.g00ns.net

Registrant:
g00ns
Jon Felosi
168 Village Center
Harlan, KY 40831
US
+1.2027425989
z3r0_89@tmail.com

Administrative Contact:
g00ns
Jon Felosi
168 Village Center
Harlan, KY 40831
US
+1.2027425989
z3r0_89@tmail.com

Technical Contact:
g00ns
Jon Felosi
168 Village Center
Harlan, KY 40831
US
+1.2027425989
z3r0_89@tmail.com

Billing Contact
g00ns
Jon Felosi
168 Village Center
Harlan, KY 40831
US
+1.2027425989
z3r0_89@tmail.com

Registrar..: gkg.net (http://register.gkg.net/)
Domain Name: G00NS.NET
Created on..............: 04-OCT-2005
Expires on..............: 04-OCT-2007
Record last updated on..: 27-JAN-2006
Status..................: ACTIVE

Domain servers in listed order:

NS1.ALLIANCEDNS.COM
NS2.ALLIANCEDNS.COM

The previous information has been obtained either directly from the registrant or a registrar of the domain name other than Network Solutions. Network Solutions, therefore, does not guarantee its accuracy or completeness.

Show underlying registry data for this record



Current Registrar: GKG.NET, INC.
IP Address: 208.53.179.7 (ARIN & RIPE IP search)
IP Location: US(UNITED STATES)-TENNESSEE-MEMPHIS
Lock Status: REGISTRAR-LOCK
DMOZ no listings
Y! Directory: see listings
Web Site Title: g00ns.net - Ruining You Online Experience!
Meta Description: g00ns.net - Ruining Your Online Experience!
Meta Keywords: g00ns, g00n, crack, hack, hacking, cracking, exploit, sploit, goons, goon, teamspeak, security, porn, shopping, source code, linux, unix, coding, z3r0, nex, spic
Data as of: 14-Jun-2005

Just to tell ya, g00ns operates by making there hacks. There most likely isn't a leak in your software, but they'll make a leak. Lets just say that g00ns.net has there ways of hacking and persuading. I can get you onto a DNB (Do Not Bother) list if you buy a teamspeak server from my friend. If your interested contact me by e-mail. support@mooseweb.net

Apparently the "g00ns" have too much time on their hands. Just make yourself a good security policy and backup procedure and stick to it - and log everything. Maybe they'll get in, maybe they won't, but i guarantee one thing: they'll *%$*! off the wrong admin and end up in trouble. No good can come of going around and messing with peoples sites. Oh, and don't acknowledge them too much, that's what they live for. In my experience, they'll try a bunch of windows root kits on your Linux server, puff out their chests and scream "n00b!" for awhile then give up and find an unpatched Windows box somewhere.

Yeah these G00n guys just hacked our website http://www.westside-gamers.com and they left a nice picture of a black guy hanging from a tree.... This is ludacris what's wrong with these kids.