[ubuntu-uk] Website Hacked.....

Lucy lucybridges at gmail.com
Sat Jun 27 18:52:46 BST 2009


2009/6/27 James Milligan <lake54 at lake54.com>:
> On 27 Jun 2009, at 17:52, Matthew Daubney <matt at daubers.co.uk> wrote:
>
>> <snip>
>>> I just took a look and the sites still arent showing.
>>>
>>> John
>>>
>>
>> Hiya,
>>
>> A VPS is a Virtual Private Server. Essentially its a virtual machine
>> on
>> someone elses server. By the looks of it, yours is just a single
>> server
>> sharing some resources. Based on the fact that it doesn't appear to
>> have
>> a firewall installed, I'd immediatley be a bit suspicious. phpBB and
>> Wordpress can sometimes be broken into, but if you're on shared
>> storage,
>> then I'd ask if it was just your stuff that was taken down. I'm not
>> sure
>> how to look up the ip address to see what else was on there, but it
>> may
>> be that someone elses dodgy install of something gave access.
>>
>> There are a million and one things that could be the cause here, but
>> chances are, it wasn't something you can control.
>>
>> -Matt Daubney
>
> It's called reverse IP lookup - I'm not at home at the moment but will
> be in a few minutes, so if you haven't found a site via Google I'll
> post back.
>
> Sometimes quite interesting to find out the other websites lol

What I did:

$ ping furrycritters.co.uk

This revealed both the IP address and the reverse lookup, in this case
victorious.eukhost.com (213.175.194.16).

This was confirmed by doing:

$ dig -x 213.175.194.16

I also confirmed that it was running FTP, rather than SFTP by
telneting to port 21. Finally, going to the furrycritters.co.uk domain
in a web browser shows that hosting has been set up, but that no index
page has been uploaded. It also shows that the server is running
Apache and cPanel.

I don't know how to lookup what other domains are using that IP
address though. Anyone else?



More information about the ubuntu-uk mailing list