[thelist] how did they hack my guestbook and who can I report them to.

Darrell King darrell at webctr.com
Thu Apr 19 06:05:14 CDT 2001


Is the guestbook on your site, or is it remotely hosted?

If on your site, you will need to add security-related code
yourself.  If remotely hosted, contact the owning company and ask
them to add some code preventing JavaScript and meta tags from
being included with the submissions.

My son is into IRC programming, and this has the same feel to
it...someone young and brazen, and too clever for his own
good...:).  You can report the incident to irchat.tv, of course,
and tell them that the news is being spread to thousands of
people.  You can also report the incident to abuse at hotmail.com.
Although not SPAM, if many reports come in they may just close him
down.  Probably not, but who knows...?

The best chance you have at any kind of satisfaction is to get
your security beefed up, though.  You could burn a lot of energy
searching the Web for this person, never finding him, and not even
noticing the thousands of others doing the same type of thing.
Or, you could crusade for tighter security, which at least closes
this option to these people, possibly for many other victims as
well if the guestbook is centrally hosted...:)

D


----- Original Message -----
From: "Lisa Frost" <lisa at koolfish.com>


I have a free dreambook guestbook on a personal site.

Some lovely person added a message which then refreshed the page
and redirected my guestbook to www.irchat.tv

When I looked at the page source they had written this:

<tr>
 <td width=30% align=left>E-mail address:</td>
 <td><a href="mailto:Buddd at hotmail.com">Buddd at hotmail.com</a></td>
</tr>

<tr>
 <td colspan=2>Comments: <meta http-equiv="refresh" content="1;
URL=http://www.irchat.tv"></td>
</tr>

I was able to remove it by removing the entry but even that was a
pain as when you went to dreambooks manage account, the delete
entry page would also refresh after just 1 second. I had to be
very quick with the mouse on the delete button!

To sign the guest book you just fill in a form so how did they
embed the refresh in the comments without it being seen on the
screen?

More importantly is there any chance I can track the culprit down
and I also want to report irchat.tv.

I am not sure if this is OT or not so here is a tip:
<tip "type=DW4">
In layout view you can not click a table cell and drag it to a new
position with your cursor. To move the cell click on the border
and use the arrow keys. Holding shift whilst pressing the arrow
keys will move it 5 pixels at a time.
</tip>

Thank you

Lisa.
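
Added example, not part of the original messages and not dreambook's
code: one way a self-hosted guestbook could do what the reply
recommends, by HTML-encoding every submitted field before writing it
into the page. The field names, function names and sample entry are
assumptions made for illustration.

```python
import html
import re

# Constructed sample: the comment field carries the tag quoted in the message.
SAMPLE_ENTRY = {
    "email": "visitor@example.com",
    "comments": '<meta http-equiv="refresh" content="1; URL=http://www.irchat.tv">',
}

# Conservative shape check; anything else is shown as plain text, not linked.
EMAIL_OK = re.compile(r"[^\s<>\"'@]+@[^\s<>\"'@]+")
# "<" followed by a tag-like character: worth logging or holding for review.
MARKUP = re.compile(r"<\s*/?\s*[A-Za-z!]")


def contains_markup(value):
    """True if a submitted field looks like it carries an HTML tag."""
    return bool(MARKUP.search(value))


def render_entry_unsafe(entry):
    """Pastes the field into the page verbatim, as the guestbook did."""
    return "<tr>\n <td colspan=2>Comments: " + entry["comments"] + "</td>\n</tr>"


def render_entry(entry):
    """Encodes every visitor-supplied field so the browser shows it as text."""
    email = html.escape(entry["email"], quote=True)
    comments = html.escape(entry["comments"], quote=True)
    if EMAIL_OK.fullmatch(entry["email"]):
        email = '<a href="mailto:%s">%s</a>' % (email, email)
    return (
        "<tr>\n <td>E-mail address:</td>\n <td>%s</td>\n</tr>\n"
        "<tr>\n <td colspan=2>Comments: %s</td>\n</tr>" % (email, comments)
    )


if __name__ == "__main__":
    print(render_entry_unsafe(SAMPLE_ENTRY))  # live <meta> tag reaches the page
    print(render_entry(SAMPLE_ENTRY))         # tag arrives as &lt;meta ...&gt;
    print(contains_markup(SAMPLE_ENTRY["comments"]))
```

Encoding on output also covers entries already stored, so the manage
and delete pages stay usable even when an older entry contains markup.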
