Plays Well With Others

Lesson Learned…

I received an interesting email last night. Earlier in the day, I was checking a few things out on some sites I have and noticed that some of the categories on one site had been changed—obviously not by me, since one of them read “Gay Porn”. Ugh. So, I knew I’d been compromised again.

I quickly fixed the categories and was working on figuring out where my security hole was, when I got an email:

If you check out your website, go check out your categories. I think it is funny really. Now if I really wanted to I could destroy all of your websites. Instead I just injected some humor. Now I didn’t delete anything I promise you that. Just tagged the site a bit, mean maybe but could have been a lot worse. So if you want to know how to fix the big security hole e-mail me back. But nice sites though.

Ugh. Okay, he liked my designs, so he didn’t destroy my sites. So I emailed him back to see if he’d actually help me find the security hole. Not much to lose, considering he’d already accessed my database and could basically delete the entire thing. He emailed me back within minutes and we met up on AIM.

Surprisingly, he was pretty nice about it and basically told me how he’d gotten to my database and also how to prevent anyone else from gaining access and also how he’d found out about the database in the first place. I also added a few other security precautions just to be on the safe side and hopefully will feel a little better about the situation.

I’m protected from the average hacker looking for some fun. However, if someone really wanted to they could probably take down the entire server. Afterall, if Microsoft can be affected, I certainly could be. Of course, taking my blog offline doesn’t make much of a statement, so why bother.

All I can really say is that for once, I’m happy to have chatted with the person that hacked into my database. And I learned a bit too.

What he said also makes a lot of sense, because the only thing that’s been consistently compromised on my server is my database. I just couldn’t figure out how people were getting in. I thought I’d closed up all the ports and everything, but it turned out to be something really obvious. Ugh. Lesson learned.

Tags: , ,

3 Responses to 'Lesson Learned…'

  1. personal avatar
    Katie | 08 December 2005

    Weird. Well, at least you got one of the decent guys who seems to just be doing it for fun and will actually help you out… and not some punk asshole kid who takes your entire site down for kicks.

  2. personal avatar
    Greg | 08 December 2005

    Yeah, been there too. I’ve got backups so I’m usually back up running within hours, but it’s just a pain in the butt. So yeah, in a way I lucked out.

  3. personal avatar
    Katie | 09 December 2005

    Maybe he can tell you how to fix your comment notification. UGH.

3gp videos