[thesite] recent evolt problems..

Daniel J. Cody djc at starkmedia.com
Thu Jun 21 00:47:01 CDT 2001


hey folks -

this is gonna be short and sweet..

around 6pm cst tonite the server that hosts the evolt mailing 
lists(lists.evolt.org), browsers/directory/admin/ and members.evolt.org 
went down. at first glance and without giving shit away, it looks like 
someone exploited a members.evolt.org account with a PHP script. for 
those that dont know, we host around 600 websites for evolt members and 
offer them PHP, cold fusion, cgi and a number of other resources to 
further their web development skills.. apparently someone somehow took 
advantage of that generosity and used a PHP script to wipe out everyone 
elses accounts.

this affects *all* members.evolt.org accounts, including 
lists,directory,admin, and browsers.evolt.org. untill i figure out how 
they got the script to wipe a couple hundred GB's of data, i've shut the 
web and db servers and all other non-essential services on that machine 
down.

www.evolt.org is fine and working however, as its on a seperate system.

the evolt mailing lists are now up and fine as well

when i'm done pouring over logfiles and figuring out just how it 
happened, data will be restored from a backup that was made on wednesday.
bearing my frustration here and trying not to sound like an asshole to 
everyone else, but i'm sure whoever it was that pulled this little stunt 
off is on one of our lists, which is why i'm sending this to everyone.

i'd just like to point out to this person that the log files you 'wiped 
out' just happened to also get spooled to a fucking printer. i've 
already got an ip and a more than helpful sys admin from your isp with 
radius logs in his hands.
on the phone.
right now.

apologies to everyone else for the downtime this evening, sorry it took 
so long(milaukee beervolt tonite), everything should be smurfy in the 
morning.

.djc.








More information about the thesite mailing list