I have personally helped three different stations that the php pages are getting hacked there is a huge security flaw found which allows people to setup fishing on your site emailing banks for personal info and so much more
I have has all three attempt to contact Spacial but it is always read the forums....... it is not a forum issue it is a SECURITY FLAW in the php scripts; this does not seem to be important at this point. I understand people are responsible for their own site, but seeing the pages are packaged with SAMB they appear as though they are production quality scripts which are not true. I do know that the html files are safe at this point. It is sad to me knowing that 3 stations I personally know have shut down and sold their stuff because their websites we hacked through the php files that are delivered when purchasing SAMB. I Love SAMB it is a great product but something needs to be done more that Chris telling people to read the forums As the answer is not there. Just my two cents << END RANT >> Bill Curd Hope Radio Online www.hoperadio.us 270-589-1737 http://players.hoperadio.us -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Bill Sent: Monday, July 28, 2008 8:08 PM To: 'Antifmradio'; [email protected] Subject: RE: [General-discussion] Sam PHP: Hacked for the 5thtimethismonth!!!!! Also... WHERE is this server... is it outside a DMZ... is it behind a firewall, behind a router? I've run php for 4 years. Nothing. MY sql/sam server is behind a firewall/router and the ip address is forwarded by the port calling to the correct server. Bill www.thexlive.com Where Music Lives... -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Antifmradio Sent: Monday, July 28, 2008 7:58 PM To: [email protected] Subject: Re: [General-discussion] Sam PHP: Hacked for the 5thtimethismonth!!!!! Delroy Is it your SITE getting hacked or just the SAM pages? If just SAM pages.... what is the result of the hack... like what keeps happening? ----- Original Message ----- From: "Tony Partigianoni" <[email protected]> To: <[email protected]>; <[email protected]> Sent: Monday, July 28, 2008 5:23 PM Subject: Re: [General-discussion] Sam PHP: Hacked for the 5th timethismonth!!!!! > Delroy, > > If you are using the DEFAULT ports, change them and you'll be less > vulnerable. > > i.e. MySQL 3306 could be changed to 3309 or Broadcast port 8000 change to > 8101 > > If you're not behind a router, get a router and open up the new ports for > the broadcast computer. > > Don't leave any node OUTSIDE the DMZ. > > Cheers, > Tony > > ----- Original Message ----- > From: "En Sound Entertainment." <[email protected]> > To: "Spacial Audio" <[email protected]> > Sent: Monday, July 28, 2008 8:31 AM > Subject: [General-discussion] Sam PHP: Hacked for the 5th time > thismonth!!!!! > > >>I must admit that this SAM PHP thing is getting waaay too ridiculous as I >>have been hacked 5 times in this month alone, and can't seem to get any >>real help from those over at Spacial Audio. I submitted a ticket and was >>directed to the forum where I have to go through a truck load of posts to >>try and find the solutions to my problem, and still come up empty-handed >>and my site is hacked and is now locked by 1and1.com. >> >> When will this end? I know I am not the only one who has this problem. >> come on Spacial Audio; fix your issues before dumping them on us, >> remember that we paid for this software. I cannot afford your paid >> support not in this bad economy and I am not great at php at all, so does >> this mean I am screwed? I love your software and would recommend it, but >> lately I have been having second thoughts about that too!!!! >> >> >> >> Thank you, >> >> Delroy Souden >> En Sound Entertainment >> P.O. Box 32507 >> Newark, NJ 07102 >> Tel: 973-856-7115 >> www.ensound.org >> Email: [email protected] >> ________________________________________________________________________ ____________________________________ >> CONFIDENTIALITY NOTICE: This email, including any attachments, contains >> information from En Sound Entertainment, which may be confidential or >> privileged.If you have received this email in error, please notify the >> sender immediately by "reply to sender only" message and destroy all >> electronic and hard copies of the communication, including attachments. >> >> >> >> _______________________________________________ >> General-discussion mailing list >> [email protected] >> http://mailman.spacialaudio.com/mailman/listinfo/general-discussion >> >> TO unsubscribe to this list, simply send a blank email to >> [email protected] >> >> with the subject >> 'unsubscribe' >> > > > _______________________________________________ > General-discussion mailing list > [email protected] > http://mailman.spacialaudio.com/mailman/listinfo/general-discussion > > TO unsubscribe to this list, simply send a blank email to > [email protected] > > with the subject 'unsubscribe' _______________________________________________ General-discussion mailing list [email protected] http://mailman.spacialaudio.com/mailman/listinfo/general-discussion TO unsubscribe to this list, simply send a blank email to [email protected] with the subject 'unsubscribe' No virus found in this incoming message. Checked by AVG. Version: 8.0.136 / Virus Database: 270.5.6/1578 - Release Date: 7/28/2008 5:13 PM _______________________________________________ General-discussion mailing list [email protected] http://mailman.spacialaudio.com/mailman/listinfo/general-discussion TO unsubscribe to this list, simply send a blank email to [email protected] with the subject 'unsubscribe'
