Ming the Mechanic:
Hacked

The NewsLog of Flemming Funch
 Hacked2005-02-09 09:00
37 comments
by Flemming Funch

Damn, my server was hacked. A vulnerability in the awstats log analysis program. Just announced last week, but not very widely, so I had no clue. Anyway, the result was that every file named index on the server got replaced with a graffiti page from some Brazilian hackers. Big pain. There are 7455 index pages on my server. Anyway, hole closed, and the most important ones restored. But if you have a website here, you better check it out.

And I can see in Google that lots of other sites suffered the same fate. This is what the page said:
SIMIENS CREW

Enquanto Houver Fome Guerra Morte Simiens Existirá!

irc.gigachat.net #simiens

Greetz: #un-root #commandt #h4ck3rsbr #asc #infektion and all friends!

Well, I'm not one of those, I can tell you that.


[< Back] [Ming the Mechanic]

Category:  

37 comments

9 Feb 2005 @ 09:18 by vibrani : Yep, pretty nasty stuff
I wondered if the site got a virus, too. It was freaky coming here and seeing that page instead of NCN. Glad you got it fixed and fast.  


9 Feb 2005 @ 09:57 by vaxen : Yeah,
Simiens Crew, a semi notorious band of Portugese (May be Brazil based) Hackers. The translation would go something like this:

"As long as there is Hunger, War, and Death, Simiens will exist!"

Guess they'll be around for a long time, eh?

However...

In the dreaded 'Pnoteftu' we find this:

"Telling the truth may not be advisable in situations where it would cause more harm than good. In an individual situation, this will always be a judgement call. Typically, this judgement call is based on true compassion (in Gotamo's sense), depending on the circumstances of the partner in the dialogue. 'True Compassion' (in Gotamo's sense) is a mental state rather than an physical emotion. In such a state an evaluation can take place whether a dialogue partner would suffer more by not knowing the painful truth than if the truth would not be announced at all."---M.S.

Personally I don't think Gotamo (Shakya Muni) had a lot of 'sense' left. Others may disagree, of course...

;)  



9 Feb 2005 @ 10:58 by vibrani : telling the truth
can be dangerous business; honest and thoughtful don't go hand in hand. If you admit you can play the accordian, no one will hire you for a rock 'n roll band....["Ishtar"]  


9 Feb 2005 @ 14:09 by jstarrs : Hell, I missed the fun...
...Simiens sounds like a monkey job to me.  


9 Feb 2005 @ 14:23 by martha : I slept throught it
just as well..................sorry ming, I can only imagine how frustrating this is.  


9 Feb 2005 @ 14:54 by ming : Files
The thing is that there's so many files and sites on the server that it is very difficult to get everything, and each fix has to be done manually. Many things are there for historical reasons, accummulated over 10 years, and I don't even know if the sites are really being used or not. Just like the list server has hundreds of mailing lists, and I'm not quite sure which lists are used and which are not.  


9 Feb 2005 @ 15:02 by jstarrs : Let me know if you need a hand, Ming.
;0)  


9 Feb 2005 @ 15:05 by martha : Manually
in this computer age! humph  


9 Feb 2005 @ 18:24 by vaxen : That...
is a really good reason to have a nice, fresh, backup. Ah well...I don't think we're talking 'real mischief,' here, like trojans and etceteras...lots of sites got the same little not and not just this site. I think if they were into real 'mischief' we wouldn't be here typing and you'd be down, some sites are, for quite awhile...

Seems some other sites don't believe in backups, or can't afford them, either. Trojan man to the rescue? I guess you missed my little notes here and there about back doors on your server, servers...that was awhile ago when shakti ma was still out and about...Mum's the word now. Seems nobody cares. ;)

But really, Simiens is just boasting... Kids will be kids. irc.gigachat.net Got irc? ;) Greetz in order?  



9 Feb 2005 @ 18:48 by ming : Automatic
Well, I wrote a little program now that identified all the defaced files and restored them if they were available. So, things are in relatively good shape.

As to backups, well, there's a daily job that is supposed to back up all web files and databases on the server, and copy them to another server. Supposed to. I hadn't noticed that it hadn't succeeded for the past month. Because, well, I no longer work for that company who's server I copied it to, so I couldn't go and check very easily. Anyway, I got another server now, so I'm going to start backing it up to that.

Vaxen, if you're aware of any security holes, please let me know. Yes, I know you've mentioned it once in while, but I need specifics.  



9 Feb 2005 @ 19:26 by Ge Zi @24.127.146.67 : alert network
Flemming,
do you know of some alert network for threats that are imminent of already rampant?
If not we should start one and have an RSS feed for it -
something like Linux-Web-Master Beware!
For wintel servers that feed would probably too busy, wouldn't it? ;-)  



9 Feb 2005 @ 19:30 by Ge Zi @24.127.146.67 : babba
Just a thought:
Brazilian hackers - who do we know in Brazil???
Who is in Brazil but is fleeing it right now - huh - HUH!
I remember when 'you know who' and I were room mates and he was doing his wild processing, the neighbor from downstairs was complaining he would be moving heavy machinery and we had lots of accidents out on the street.
Right - you-know-who - if you read this?  



9 Feb 2005 @ 19:35 by ming : CERT
{link:http://www.us-cert.gov|CERT} normally does a good job in announcing new vulnerabilities. I get them in e-mail. This one just didn't make the list. Anyway, it includes both windows and linux vulnerabilities.  


9 Feb 2005 @ 19:41 by vaxen : Heh, heh...
fleeing? Ah, that little purple notebook from hell? Carnival can be quite...well, sixteen dead in the first hour or so! You don't suppose...
Nah.

Nowadays, Flemming san, I am trying to keep my 'awakenings' to my GE alone. Fried eggs are best served cold.

http://www.innerworlds.50megs.com/  



10 Feb 2005 @ 19:50 by beto : A sense of shame
Only now I've seen your msg, dear Ming, and, as a Brazilian, I cannot avoid a sense of shame on such a manifestation of human stupidity. I feel sorry and wish I could do something on that matter. However, I believe that soon we'll see that the damage isn't so bad. I strongly have that faith, dear Ming!
Beto Hoisel  



10 Feb 2005 @ 21:29 by ming : Brazilians
Oh, it could have been any teenage kids anywhere. But in a certain way I think it is also something particularly empowering for kids from places where they might otherwise have few possibilities for excelling in life. Like, there's lots of Romanian hackers and scammers, for example.  


7 Aug 2006 @ 19:57 by jhonatan @200.131.68.7 : Simiens Crew
Simiens Crew = Hackers,the best hackers  


21 Apr 2016 @ 02:18 by Aileen @188.143.232.32 : lzzfUJRyOKptIc
Well macmiaada nuts, how about that.  


21 Apr 2016 @ 17:14 by Delphia @188.143.232.32 : yPdXouETIGc
I read your post and wieshd I was good enough to write it http://njlpyhvpb.com [url=http://okzkyvdby.com]okzkyvdby[/url] [link=http://voixrkszhwf.com]voixrkszhwf[/link]  


26 Apr 2016 @ 15:33 by Keshawn @188.143.232.32 : RYCYTaFsplgE
http://thechristychilton.com/ceap_car_insurance.html http://artofmaestro.com/car_insurance_with_no_amendment_fees.html http://debslocketdreams.com/nhs_car_insurance_discount.html http://templetonvigneault.com/check_the_car_insurance_valid.html http://posiesandpoms.com/cheap_multi_vehicle_insurance.html  


29 Apr 2016 @ 20:25 by Cayle @188.143.232.32 : fBGQRMIzXmTHmmwayoBQ
http://www.ionicbathfootdetox.com/ http://ionicbathfootdetox.com/knxxujbdwj.html http://www.bhmendedhearts.com/ http://www.sorethumbsblog.com/ http://www.blrimages.net/ http://bhmendedhearts.com/cabhwwl.html  


3 May 2016 @ 12:56 by Berlynn @188.143.232.32 : jovhbukCjl
especially http://carinsurancequotesbp.info pain canadian loss http://cheapcarinsuranceml.top company know add http://autoinsurancequotesdat.info been depending http://cheapautoinsurancekvo.top insuring teens  


22 May 2016 @ 03:42 by Essie @188.143.232.32 : WQsasOcwKhTnvt
outlines every http://bestinsurancespy.com/ websites online  


12 Sep 2016 @ 13:01 by Jonetta @188.143.232.32 : zRIumijNauPxm
http://baltazarwellness.com/can-u-insure-a-car-that-is-not-in-your-name.html  


21 Sep 2016 @ 17:11 by xender for pc @117.201.20.233 : xender
interesting

http://www.xenderforpcapp.com  



30 Sep 2016 @ 05:13 by Marilu @188.143.232.32 : AVGvCWYdcUryeYQCkr
http://ofiratia.com/insurance-value-for-car.html  


1 Oct 2016 @ 01:18 by Chassidy @188.143.232.32 : EBkGGEZfxBPbqHm
http://lastingmemoryphotos.com/who-regulates-insurance-companies-in-florida.html  


3 Oct 2016 @ 17:40 by Jorja @188.143.232.32 : TDbrZZbahG
http://reneandvictoria.com/hair-salon-liability-insurance.html  


7 Oct 2016 @ 08:54 by Davian @188.143.232.32 : rDUHuqRUdsko
http://sunusummer.com/free-quote-from.html  


7 Oct 2016 @ 21:44 by Steffie @188.143.232.32 : TiaNhqaZWFXwFaIjOwue
http://lindnerstudent.com/third-party-motor-vehicle-insurance-nsw.html  


9 Oct 2016 @ 06:10 by mobogenie pc @180.215.121.220 : gol
hi http://www.mobogenieforpcc.com
good http://www.snapchatforpcdownload.com
post http://www.ucbrowserforpcc.com
snapchat windows http://www.snapchatforpcdownload.com/2016/06/snapchat-pc-free-download-windows-xp788-110/
snapchat for linux http://www.snapchatforpcdownload.com/2016/06/snapchat-for-linux-free-download/
snapchatdownload http://www.snapchatforpcdownload.com/2016/06/snapchat-download/
snapchat app http://www.snapchatforpcdownload.com/2016/06/snapchat-app-free-download/
mac http://www.snapchatforpcdownload.com/2016/06/snapchat-for-mac-pc-free-download/
ios http://www.snapchatforpcdownload.com/2016/06/snapchat-app-for-ios-free-download/
android http://www.snapchatforpcdownload.com/2016/06/snapchat-for-android-free-download/
windows http://www.mobogenieforpcc.com/2016/06/mobogenie-for-pc-windows-xp788-110-html/
app http://www.mobogenieforpcc.com/2016/06/mobogenie-app-free-download/
ios http://www.mobogenieforpcc.com/2016/06/mobogenie-for-ios-free-download/
android http://www.mobogenieforpcc.com/2016/06/mobogenie-for-android-free-download/
windows http://www.ucbrowserforpcc.com/2016/06/uc-browser-for-pc-free-download-windows-xp-7-8-10/
ios http://www.ucbrowserforpcc.com/2016/06/uc-browser-for-ios-free-download/
mac http://www.ucbrowserforpcc.com/2016/06/uc-browser-for-mac-pc-free-download/
android phone http://www.ucbrowserforpcc.com/2015/12/uc-browser-apk-for-android-phone-free-download/
windows phone http://www.ucbrowserforpcc.com/2015/12/uc-browser-for-windows-phone-free-download/  



22 Oct 2016 @ 18:40 by Bones @188.143.232.32 : EDLjConukZiWa
http://bekommenkreditkarten.info/vorteile-nachteile-kreditkauf.html  


27 Oct 2016 @ 00:59 by Roberta @188.143.232.32 : NPlGGCIYrtcGQB
http://prestamosonline.pw/estado-cuenta-prestamo-casa-bancomer.html http://prestamosonline.pw/prestamos-online-con-asnef.html  


1 Nov 2016 @ 20:11 by trio4d @42.115.2.44 : agen togel
was very helpful and very useful
articles that you provide very helpful and nice to everyone thanks
promo
http://trio4d.com/promo-bagi-player-trio4d.html
daftar
http://trio4d.com/daftar-member.html
cara
http://trio4d.com/cara-bermain-togel.html
informasi
http://trio4d.com/informasi-pasaran.html
Buku mimpi
http://trio4d.com/buku-mimpi.html  



8 Nov 2016 @ 07:27 by Janaye @188.143.232.32 : ioCoRfSUJRnvMdnPrU
http://prestamospersonalesrapidos.top/ventajas-del-título-de-crédito-hipotecario-negociable.html  


10 Dec 2016 @ 11:07 by Kaycee @188.143.232.32 : NCldXMruxw
premium http://sarahjohnwedding.com/auto_insurance.html too student http://barnsleyandfamily.com/auto_insurance_quotes.html being new insurers http://carinsurancesto.pw/ gone regardless http://barnsleyandfamily.com/auto_insurance.html just qualify http://cheapestinsurance.pw trouble finding  


3 Jan 2017 @ 06:58 by Chuckles @188.143.232.32 : QiXJWLhUDjoxnMvt
http://www.katjakrizan.com/günstige-kfz-versicherung.html http://www.perezgraphics.com/kredit-günstig.html  


Your Name:
Your URL: (or email)
Subject:       
Comment:
For verification, please type the word you see on the left:


Other stories in
2012-05-03 00:04: An evolving path
2012-01-02 13:52: 2011 Accomplishments and 2012 Aims
2011-11-17 02:20: Your inner piece
2011-02-01 00:05: Slow Mo Flow
2011-01-22 18:40: Recognition
2010-08-23 00:36: Where's Ming?
2010-07-20 14:24: Getting other people to do stuff
2010-06-22 00:27: Inventory
2010-06-19 23:10: Conversations
2009-10-28 12:31: Then a miracle occurs



[< Back] [Ming the Mechanic] [PermaLink]? 


Link to this article as: http://ming.tv/flemming2.php/__show_article/_a000010-001468.htm
Main Page: ming.tv