Site got hacked what next?

[axxo]

Hi
about a hour before my site got hacked by VIP_FBI_F@HOTMAIL.COM and left an index.html with this message
*img247.imageshack.us/img247/3294/hacksv6.th.jpg
Imd after i logged on to the server found .htaccess and config.php of forum to have 777 permissions set..changed that to 655 removed the html that he inserted and restored original index file.

Now i just want to know what are the measures that i further need to check before it get hacked again..bcoz he may come again..am not sure..
heres what the details i collected on him..
*img329.imageshack.us/img329/1688/temprm0.jpg

guyz am really afraid of him..
site owners help me..am a rookie to this kinda problem .thx

 

[NucleusKore]

Only your webhost can do something about him. Contact them immediately. Even my site was brought down by some group claiming to be CARP. This was before the Iraq war, although I did not have any pro or anti war stuff on my site

 

[axxo]

OMG this guy is not new..he has been doing this for ages..
look at the list hacked only on 10-3-2008
Greetings ..

..​

In the series to penetrate the West and putting the sites ..Been trampling on the following sites:

www.lindstravel.com​

*shbabrawch.com/​

*ecomsteer.com/​

*dzulcarnine.net/​

*dmusicdesigner.com/​

*dfilminst.com/​

*cumpunet.net/​

*coolmusic.in/​

*clikzone.com/​

*citibizz.com/​

*4nix.net/​

..​

Holding forums and the next ..

vip_fbi_f@hotmail.com​

Source : Link

Be warned therez a big crew running behind this


Idiots...getting bad impression for Islam & Allah..

 

[max_demon]

script kiddies

 

[axxo]

too bad...what kind of script it is? how vulnerable the site need to be to run that script?

 

[raf]

i think he most dangerous hacker because i have seen a lot of web site he hacked it

and his team called JPI TeaM

he is arabic

 

[tech24]

well its not compulsory that if one is defacing sites then he can be an awesome hacker... this is such an activity which is telecasted by skiddies... its not a big matter to exploit a vulnerability... its a matter of skill on how u r exploiting that vulnerability... well if your site got hacked then u can contact to ur ISP as peoples said above else you can go with IPS protections... IPS pplz are damn good about protecting 0days and other type of attacks like memory corruption, memory management security optimization, phishing attacks, buffer overflow attacks etc etc... well i dont want to analyse abt these stuffs here ... better you can discuss or google abt more in any security forum..... they can give u more references on it... and if u need any help on security topic and exploitation issues then feel free to pm me or post ur replies here...

thanks.

 

[victor_rambo]

ok, I know this issue is old, but wud Axxo explain a bit in more detail and cud he plz post the link to this site?

 

[axxo]

it was a mistake that i made @ that time. I left out the phpbb forum's config.php file attribute with 777 and .htaccess file to allow all. I remodded the files and permission setting now to 655, correct me if am still wrong. Link to the site pmed

 

[victor_rambo]

Well, forum softwares can take care of the file permissions after installing them. If phpBB does not, then this is probably one of the reason it 'earns' a bad reputation for its security. phpBB is most vulnerable among other popular forum softwares.

 

[max_demon]

^^Even IPB has bad security

 

[victor_rambo]

^^Even IPB has bad security

Hmmmm...didn't know this. Actually I never considered IPB for any of my purposes. The only paid forum software I ever considered is vB.

 

[Sukhdeep Singh]

Well, forum softwares can take care of the file permissions after installing them. If phpBB does not, then this is probably one of the reason it 'earns' a bad reputation for its security. phpBB is most vulnerable among other popular forum softwares.

Agree

^^Even IPB has bad security

Dont agree