Wednesday, November 02, 2005

We were hacked

I know that security is important.
I know that you need to keep your software up to date.
I know that low traffic is no guarantee of safety, when google can point people at vulnerable versions of a system.

But in my defence, we hadn't much traffic or many users. Hardly any, in fact. We're busy. It didn't seem a priority. And there would have been a fair bit of customisation to redo. (On the other other hand, those are terrible excuses, and an upgrade would also have stopped most of the Russian pill spammers).

Anyway, a young turk who claimed to be "hacking for Allah" (kind of like vandalism for God, I suppose) forced our hand. So now everything is being restored from backups and upgraded. And hopefully the spammers will be gone as well.


Anonymous said...

Hacking is one of those things that you don't think will ever happen to you, right? Hope you got it all cleared up.

Paul said...

Thanks! We got it all sorted out - the backups worked, and now we're up to date and much less insecure (you can never be totally secure, I guess).

The logs give us a good indication of where the guy was coming from, but I think it's just some kid with a hacking recipie, who hangs out on a Turkish hacking web forum.