Russell's Cyber Journal » hack

Attack on #Mastermind

Russell — Thu, 14 Dec 2006 11:55:00 +0000

In the five years history of DALnet #Mastermind, we’ve experienced countless flooding, IRCop threatening on multiple occasions, DoS attacks on our users, and so on. But something happened today that I never expected.

The “hacker” gained access to one of our SOp’s NickServ password, and committed a mischievous act that proved his immense patience and hatred towards me. The scoundrel deleted all the 40 AOps one by one, and then added them back on the AKick list. He didn’t forget to add *!*@* on AKick as well. This was followed by a obvious mass kick.

I know who’s behind this, and this is a warning for him: this abuse won’t be tolerated. We will strike back at any cost sooner or later. Playing with fire is hazardous.

MAC Address Spoofing

Russell — Sun, 15 Oct 2006 09:02:55 +0000

Just in case if you need to change the MAC address of your NIC to trick your ISP:

ifconfig eth0 down hw ether 12:34:56:78:90:AB
ifconfig eth0 up

Replace 12:34:56:78:90:AB with a “valid” MAC address.

Remote Include Vulnerability in Mambo

Russell — Thu, 13 Jul 2006 13:38:56 +0000

If you are Mambo user and using Galleria, SimpleBoard, or ExtCalender components, then be careful. A Remote Include Vulnerability has been discovered, and a lot of Mambo run sites using one of these components are being hacked and defaced. To save yourself from this epidemic, check for this line on top of all the PHP files on your component directories:

defined( ‘_VALID_MOS’ ) or die( ‘Direct Access to this location is not allowed.’ )

If it’s not there on every pages, then add it on the top. If available, it’s always the best option to update your modules and components to the latest stable version.

Remeberber: if apache.org or whitehouse.gov can get hacked, so can be yours. Be careful. Very careful. There’s nothing called security in this crazy world.