Jun 07, 2007 22:45
OK so I discover dreamhost (my web host) was hacked 22 hrs ago.
They say they have informed all affected customers, and I have yet to receive an email from them.
Checking timestamps and last logins on my site nothing has been compromised but either way this is not a good thing.
Leave a comment
Comments 2
I'd not be a happy bunny if my dreamhost site was modified or deleted.
Reply
Note: I think the status page has died due to anxious customers.
Apparently the hackers stole usernames and passwords and have used the data to place spam/ads/redirects into various web sites.
You can check if you have been hacked buy:
- Login via ssh (do not use telnet!)
- Execute one or more of the following commands:
- 'last [username]'
^^ shows you last login times - check for when you know you didn't
- ls -a -c -lt -h -R > /yoursite.com/dirlist.txt
Check the dirlist.txt file it creates for files recently modified.
- find ~/mydomain.com/ -mtime -3-
&& Finds all files modified in the last 3 days - you might want to extend this period a bit. (does almost the same as the 'ls' command above)
Reply
Leave a comment