[thelist] Web Site hacked

Simon MacDonald simonmacdonald at uk2.net
Sun Sep 28 09:00:35 CDT 2008 

Nan,

It was just the index files on each site - one on a cms and the rest either
html or php. And I've reloaded them all, and all seems to be working again

Christie said
>I don't think it's your web pages.  
>Looks like your database has been successfully SQL injected/XSS.  
>Since it affects South Yorkshire Food, I'm guessing it's an unsecured CMS
issue.

I thought the CMS (Joomla!) was secured - my ISP - UK2.net has been
remarkably quiet since I raised the issue with them this morning. I'm gonna
double check all the security.

Thanks to all for the advice.

Regards

Simon

-----Original Message-----
From: Nan Harbison [mailto:nan at nanharbison.com] 
Sent: 28 September 2008 13:32
To: simonmacdonald at uk2.net; thelist at lists.evolt.org
Subject: RE: [thelist] Web Site hacked wasiPhone (browser) detection

Simon,

So can you just re-upload all of your website files and overwrite what the
hackers have done? Or did they mess up something beyond that?

Just for future reference, this has not happened to me (yet, hopefully it
never happens)!!

Thanks
Nan

-----Original Message-----
From: thelist-bounces at lists.evolt.org
[mailto:thelist-bounces at lists.evolt.org] On Behalf Of Simon MacDonald
Sent: Sunday, September 28, 2008 8:14 AM
To: thelist at lists.evolt.org
Subject: Re: [thelist] Web Site hacked wasiPhone (browser) detection

I take it back, they have hacked the file system ...

Simon

-----Original Message-----
From: thelist-bounces at lists.evolt.org
[mailto:thelist-bounces at lists.evolt.org] On Behalf Of Simon MacDonald
Sent: 28 September 2008 12:33
To: thelist at lists.evolt.org
Subject: Re: [thelist] Web Site hacked wasiPhone (browser) detection


Hi Nan,

I've split this onto a new thread ..

Yeah, I've just discovered that too! Several of the domain names I host have
been hacked - I've raised a critical support ticket with my ISP - looks like
the dns may have been hacked -  I must confess I'm not strong on DNS so I'm
not sure how this is happening. The underlying file system is untouched. I'd
be interested to understand how this is done - anyone shed some light?

Cheers

Simon


Simon MacDonald
www.lemonslicedesign.com



-----Original Message-----
From: Nan Harbison [mailto:nan at nanharbison.com]
Sent: 28 September 2008 12:07
To: simonmacdonald at uk2.net
Subject: RE: [thelist] iPhone (browser) detection

Hey Simon,

I went to your website, lemonslicedesign.com, I often look at Evolter
websites, and I was redirected to a "Turkish Hackerz" website called
grayhatz, and most of the text was in a foreign alphabet. 

Thought you might like to know, I don't think it is your lemonslicedesign
site!

Excellent tip about the Adobe extension! 

Thanks.
Nan 

-----Original Message-----
From: thelist-bounces at lists.evolt.org
[mailto:thelist-bounces at lists.evolt.org] On Behalf Of Simon MacDonald
Sent: Sunday, September 28, 2008 5:52 AM
To: thelist at lists.evolt.org
Subject: Re: [thelist] iPhone (browser) detection

> Does that seem correct?  And so would it further be correct that the 
> primary reason to detect iPhone with a *SCRIPT* would be to send it to 
> a different *HTML* page (hooked up to its own stylesheet), while the 
> primary reason to detect with *CSS* would be to send the "regular HTML"
> page to a different *STYLESHEET*.


I agree with your reasoning. I would go down the CSS route using conditional
CSS.[1]

I'm about to try this myself but as I haven't got access to an IPhone I'm
going to have to use the Dreamweaver extension [2]


[1]
http://developer.apple.com/documentation/AppleApplications/Reference/SafariW
ebContent/OptimizingforSafarioniPhone/chapter_3_section_2.html#//apple_ref/d
oc/uid/TP40006517-SW2

[2]
http://www.adobe.com/cfusion/exchange/index.cfm?event=extensionDetail&extid=
1307518


cheers

Simon

Simon MacDonald
www.lemonslicedesign.com



-- 

* * Please support the community that supports you.  * *
http://evolt.org/help_support_evolt/

For unsubscribe and other options, including the Tip Harvester and archives
of thelist go to: http://lists.evolt.org Workers of the Web, evolt ! 

-- 

* * Please support the community that supports you.  * *
http://evolt.org/help_support_evolt/

For unsubscribe and other options, including the Tip Harvester and archives
of thelist go to: http://lists.evolt.org Workers of the Web, evolt ! 

-- 

* * Please support the community that supports you.  * *
http://evolt.org/help_support_evolt/

For unsubscribe and other options, including the Tip Harvester and archives
of thelist go to: http://lists.evolt.org Workers of the Web, evolt !

More information about the thelist mailing list