Visitors can check out the Forum FAQ by clicking this link. You have to register before you can post: click the REGISTER link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. View our Forum Privacy Policy.
Want to receive the latest contracting news and advice straight to your inbox? Sign up to the ContractorUK newsletter here. Every sign up will also be entered into a draw to WIN £100 Amazon vouchers!
You are not logged in or you do not have permission to access this page. This could be due to one of several reasons:
You are not logged in. If you are already registered, fill in the form below to log in, or follow the "Sign Up" link to register a new account.
You may not have sufficient privileges to access this page. Are you trying to edit someone else's post, access administrative features or some other privileged system?
If you are trying to post, the administrator may have disabled your account, or it may be awaiting activation.
None of this namby-pamby "And we all learned a lesson from that and we've tightened up procedures" bollocks, that's it, security are on the way to escort you from the building.
Exactly. Personally I would like to see different categories of membership. There are a few here who would pay ALOT more to be platinum members - without them realising that the rest of us are not impressed and merely see them as kn0bs.
Yes, I am a pillock and should not be in charge of a smart phone, let alone a server if the truth be known.
As I said before, the banner ad system got hacked due to the provider (OpenX) getting hacked. This initial hack created a new user account on the system and the hacker logged in to the account via the control panel and added the JavaScript code to the database for each banner entry in a field that can be used to append or prepend the code to the banners.
So cleaned this out, removed the new admin account and changed the password on the main account.
They must have left some sort of backdoor on the file system though as the JavaScript calls were re-inserted into the database for each banner prepend field last Friday. I deleted them out again and saw that OpenX had an upgrade so ran through this as well. This was a complete change of all files on the file system bar the config file. The DB content was not touched though.
This morning I tracked the code down to append and prepend fields in the zone table - the zones are the blocks which you serve ads in. I have checked backups over the last week and these were added to the DB at the same time as the banner ones (Friday) but I missed these when I cleaned the others out and patched the software - these don't appear to have become activate until yesterday for some reason or other.
So with these cleaned out as well I really do hope this is the last of it. If not just raise another forum thread, or if you are feeling really generous send me a PM so I get to see it a bit quicker. I have added a couple of other checks - the prepend and append fields from the banner and zone tables to be emailed to me 4 times a day just in case there is still a route into the server and will also basic auth the admin area later so even if new admin accounts can be injected or passwords revealed somehow they shouldn't be able to get past that to do any damage.
You're fired!
None of this namby-pamby "And we all learned a lesson from that and we've tightened up procedures" bollocks, that's it, security are on the way to escort you from the building.
Yes, I am a pillock and should not be in charge of a smart phone, let alone a server if the truth be known.
As I said before, the banner ad system got hacked due to the provider (OpenX) getting hacked. This initial hack created a new user account on the system and the hacker logged in to the account via the control panel and added the JavaScript code to the database for each banner entry in a field that can be used to append or prepend the code to the banners.
So cleaned this out, removed the new admin account and changed the password on the main account.
They must have left some sort of backdoor on the file system though as the JavaScript calls were re-inserted into the database for each banner prepend field last Friday. I deleted them out again and saw that OpenX had an upgrade so ran through this as well. This was a complete change of all files on the file system bar the config file. The DB content was not touched though.
This morning I tracked the code down to append and prepend fields in the zone table - the zones are the blocks which you serve ads in. I have checked backups over the last week and these were added to the DB at the same time as the banner ones (Friday) but I missed these when I cleaned the others out and patched the software - these don't appear to have become activate until yesterday for some reason or other.
So with these cleaned out as well I really do hope this is the last of it. If not just raise another forum thread, or if you are feeling really generous send me a PM so I get to see it a bit quicker. I have added a couple of other checks - the prepend and append fields from the banner and zone tables to be emailed to me 4 times a day just in case there is still a route into the server and will also basic auth the admin area later so even if new admin accounts can be injected or passwords revealed somehow they shouldn't be able to get past that to do any damage.
Leave a comment: