[thelist] Website Hacked?

Todd Richards todd at promisingsites.com
Sat May 24 15:17:21 CDT 2008

Hi Everyone -

I farmed out an ASP site a few years ago while I was "learning".  Things
have worked out great, but a few nights ago I noticed a lot of "404 errors"
coming in from my custom 404 page.  It was from the same IP address and it
was trying to request a page that didn't exist, such as "site.com/h<script".
I assumed someone was trying to hack so I blocked the IP address in IIS.
However, today I noticed that they had been successful in dumping "<script>"
tags into the fields in my database.  

I'm a little raw at this, but what did the ex-programmer not do correctly
that allowed this to happen?  Now I'm either looking at going back and
restoring the old database (which won't be a problem - it's not a mission
critical site), or going through and cleaning up the information.  The
problem is I'm not sure how many records for sure were tampered with.

I'd appreciate any feedback on what possibly happened, as well as what I
might look at to prevent it in the future.  Hand slapping is acceptable
(bowing head in shame).


