[thelist] Website Hacked?

Julian Rickards julian.rickards at gmail.com
Sat May 24 15:43:25 CDT 2008


I work for the government of Ontario (Canada) and our website
(http://www.mndm.gov.on.ca) was hacked this week via a SQL injection attack.
I see that it is now online but it happens to many of us.

Jules

2008/5/24 Todd Richards <todd at promisingsites.com>:

> Hi Everyone -
>
> I farmed out an ASP site a few years ago while I was "learning".  Things
> have worked out great, but a few nights ago I noticed a lot of "404 errors"
> coming in from my custom 404 page.  It was from the same IP address and it
> was trying to request a page that didn't exist, such as
> "site.com/h <script".  I assumed someone was trying to hack so I blocked
> the IP address in IIS.  However, today I noticed that they had been
> successful in dumping "<script>" tags into the fields in my database.
>
> I'm a little raw at this, but what did the ex programmer not do correctly
> that allowed this to happen?  Now I'm either looking at going back and
> restoring the old database (which won't be a problem - it's not a mission
> critical site), or going through and cleaning up the information.  The
> problem is I'm not sure how many records for sure were tampered with.
>
> I'd appreciate any feedback on what possibly happened, as well as what I
> might look at to prevent it in the future.  Hand slapping is acceptable
> (bowing head in shame).
>
> Todd



-- 
Blog: http://pen-and-ink.ca
E-mail: julian dot rickards at gmail dot com
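
For the open question in the quoted message of how many records were tampered with, one way to count them is to scan every text column for an opening script tag. This is an added example, not part of either poster's message; it uses an in-memory SQLite database with constructed tables (`products`, `news`) and constructed rows as a stand-in for the site's real database, whose engine and schema the thread does not give.

```python
import re
import sqlite3

# Matches an opening script tag, tolerating case and whitespace variations.
SCRIPT_TAG = re.compile(r"<\s*script\b", re.IGNORECASE)

def quote_ident(name):
    """Quote a table or column name for use in SQLite SQL text."""
    return '"' + name.replace('"', '""') + '"'

def find_tampered_rows(conn):
    """Return {(table, column): [rowid, ...]} for text values holding a script tag."""
    hits = {}
    tables = [r[0] for r in conn.execute(
        "SELECT name FROM sqlite_master "
        "WHERE type = 'table' AND name NOT LIKE 'sqlite_%'")]
    for table in tables:
        # PRAGMA table_info yields (cid, name, type, notnull, dflt_value, pk).
        info = conn.execute(f"PRAGMA table_info({quote_ident(table)})").fetchall()
        for column in (row[1] for row in info):
            query = f"SELECT rowid, {quote_ident(column)} FROM {quote_ident(table)}"
            for rowid, value in conn.execute(query):
                if isinstance(value, str) and SCRIPT_TAG.search(value):
                    hits.setdefault((table, column), []).append(rowid)
    return hits

def build_sample_db():
    """Constructed sample data: hypothetical tables, not the site's real schema."""
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE products (id INTEGER PRIMARY KEY, name TEXT, description TEXT);
        CREATE TABLE news (id INTEGER PRIMARY KEY, title TEXT, body TEXT);
    """)
    conn.executemany("INSERT INTO products VALUES (?, ?, ?)", [
        (1, "Widget", "A plain widget"),
        (2, "Gadget<script src=http://example.invalid/x.js></script>", "A gadget"),
        (3, "Gizmo", "Nice <SCRIPT src=http://example.invalid/x.js></SCRIPT>"),
    ])
    conn.executemany("INSERT INTO news VALUES (?, ?, ?)", [
        (1, "Launch", "We launched."),
        (2, "Update", "Typing a script for the play"),  # clean: no tag
    ])
    return conn

if __name__ == "__main__":
    found = find_tampered_rows(build_sample_db())
    for (table, column), rowids in sorted(found.items()):
        print(f"{table}.{column}: {len(rowids)} row(s) -> {rowids}")
```

Run against a copy of the database rather than the live one, and compare the flagged rows with the old backup before deciding between restoring and cleaning.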


