Hi Ana, >We are now thinking to change from Joomla to static HTML sites >or PHP but a lot of the dynamic content should be gone. Sad >dilemma! We try to protect the password of the "super >administrator" using a random tool who change the password >every day, to difficult to the hackers to go in.
On the furtherfield blog (http://blog.furtherfield.org), Aileen Derieg is the super admin. Ruth & I set it up ourselves originally then because we already too much to do everything just got out of hand. Aileen volunteered her time to help us out with the blog and is monitoring it constantly, she has been an extremely valuable individual who knows the deeper side of drupal. In fact, Ruth visited her earlier this month in Linz, to take personal lessons to learn more about Drupal and its deeper tech, for another project that furtherfield are involved with soon with another group called Street Training (http://www.peckhamspace.com/project/street-training) this is not the blg by the way, it is not public yet. Without the brillaint passion and skills from people like Aileen, Neil Jenkins and many others furtherfield would be an even more shakey ship than it already is. The list goes on... It's funny, I love HTML - sometimes I wish for the days when one can just upload a simple page of HTML. But because we are now all socially networked, the threat of others (hackers, spammers) taking advantage of possible flaws and weaknesses in the systems are much higher. We also change passwords but no matter how safe we think a system is sooner or later some bugger comes along and proves that you were deluded, to think such a thing. The most important thing really is to have back ups, copy of the whole server so everything can be put back up again. Even this takes time. marc > Wonderful post, Marc, worth to be blogged out in different platforms!! :) We are now thinking to change from Joomla to static HTML sites or PHP but a lot of the dynamic content should be gone. Sad dilemma! We try to protect the password of the "super administrator" using a random tool who change the password every day, to difficult to the hackers to go in. > I love hacking as concept but I hate people hacking in our activists sites, they should aim to Pentagon, KGB, Wall Street, CIA and Mossad, and leave us activists people alone :) > Ana > > On Thu, Aug 14, 2008 at 6:45 PM, marc garrett <[EMAIL PROTECTED]> wrote: > > Hi Ana, > > Over a period over 12 years now, we have had so many different problems. > One of the main issues in regard to server vulnerability for us, has > usually been whether things have been done when certain individuals said > that they had done them. At the time, you think everything was all dealt > with, and then it takes an emergency such as a diskdrive dying on the > server or a hack to see how things really are. > > One of the problems we have had, is to do with the fact that we so many > different things on one server. Some of the projects (artware) > themselves can cause problems, leaving the server open to hacks. > > LIke you mentioned, blogs can be pretty awful. This is more problematic > due to spam. We sometimes get spambots hammering the blogs with relays > of rubbish. weighing down the server till it crashes. This can sometimes > happen with Netbehaviour as well. FIlling up mailboxes... > > The other thing, is that we have other people on the server, who have > their own projects - they can sometimes leave telnet open, and a hacker > finds their way in this way. > > This time - they managed to hack themselves an admin password onto the > furtherfield cms and actually change the content itself. The funny thing > is - I could see them doing it as I looked at the interface, before my > very eyes today. So, it was caught immediately. It could of been much worse. > > One of the main problems for us is that, we are a victim of our own > success. We've got an awful lot of people using all the different types > of platforms, connected to furtherfield, such as furthernoise, > vs-studios, ff-blog & netbehaviour, this increases the amount of things > that could go wrong. Furthernoise & Furtherfield are hand coded, made to > spec PHP CMS, then you've got the blogs which are mainly drupal, then > you've got vs-studio which is a hybrid adhoc of flash, html & perl > scripting etc, as well as other stuff all on one server. > > One of the solutions, which we will be dealing with in the future will > be to make al the systems drupal - those which are not actual artware > projects that is... > > The main issue is working with people though. Communication and follow > through are the main key issues for us. This is because Ruth, myself & > Neil used to everything ourselves, but because times have changed with > other projects needing attention, and there are others out there who are > more highly skilled than we are now, plus we cannot do everything - > other factors come into play... > > The other problem is managing this chaotic, networked community of beasts! > > I can't complain - I love the communities that I am part of and would > not be involved in anything else:-) > > marc > > > i Marc and Ruth. Our green site Ekopolitan, www.ekopolitan.com is hacked > a few times every week, they find loopholes in our system and hijack our > databases and our registers. My friend Mats think it's a try to use our > site to store pictures and send them in massive mail attacks. Our site > is made in Joomla and it seems Joomla is very vulnerable to hackers. We > turned off our blog system and our comments and it went down. Do you > think the hackers who attack Furtherfield use the same method and sneak > in the site through the blogs and the comments? > Ana > > On Thu, Aug 14, 2008 at 5:42 PM, marc garrett > <[EMAIL PROTECTED]> wrote: > > Hi Renee, > > Thanks for the support, > > As many know, we have been hacked a few times already. This > (thankfully), is not as bad as the others - we have isolated the > problems. There are other complications (as usual) but we are gradually > dealing with them as well. The site is stable, but data will not be 100% > restored until tomorrow... > > wishing you well. > > marc > > > > Hey Marc, Ruth and other furtherfielders, > > > > Hang in there and much strength getting things up and rolling again. > > > > Renee > > On 14 Aug 2008, at 14:29, Ruth Catlow wrote: > > > >> hi Netbehaviourists, > >> > >> Furtherfield is currently under attack. > >> > >> Searches point us to this URL > >> http://www.3asfh.net/vb/showthread.php?p=607361 > >> > >> Can anyone give us enough of a translation to understand more about > >> what's behind this? > >> > >> cheers > >> Ruth > >> > >> <FF_hacked2.jpg>_______________________________________________ > >> NetBehaviour mailing list > >> NetBehaviour@netbehaviour.org <mailto:NetBehaviour@netbehaviour.org> > >> http://www.netbehaviour.org/mailman/listinfo/netbehaviour > > > > http://www.fudgethefacts.com/ > > http://www.geuzen.org/ > > > > > ------------------------------------------------------------------------ > > > > _______________________________________________ > > NetBehaviour mailing list > > NetBehaviour@netbehaviour.org > > http://www.netbehaviour.org/mailman/listinfo/netbehaviour > > _______________________________________________ > NetBehaviour mailing list > NetBehaviour@netbehaviour.org > http://www.netbehaviour.org/mailman/listinfo/netbehaviour > > > > > -- > http://www.ekopolitan.com Grön sajt/Green > > http://caravia.stumbleupon.com > http://www.crusading.se > Gondolgatan 2 l tr > 12832 Skarpnäck > Sweden > tel +468-943288 > mobil 4670-3213370 > > > "When once you have tasted flight, you will forever walk the earth with > your eyes turned skyward, for there you have been and there you will > always long to return. > -- Leonardo da Vinci > > > > _______________________________________________ > NetBehaviour mailing list > NetBehaviour@netbehaviour.org > http://www.netbehaviour.org/mailman/listinfo/netbehaviour > _______________________________________________ > NetBehaviour mailing list > NetBehaviour@netbehaviour.org > http://www.netbehaviour.org/mailman/listinfo/netbehaviour > > > > > -- > http://www.ekopolitan.com Grön sajt/Green > > http://caravia.stumbleupon.com > http://www.crusading.se > Gondolgatan 2 l tr > 12832 Skarpnäck > Sweden > tel +468-943288 > mobil 4670-3213370 > > > "When once you have tasted flight, you will forever walk the earth with your eyes turned skyward, for there you have been and there you will always long to return. > -- Leonardo da Vinci > > > _______________________________________________ > NetBehaviour mailing list > NetBehaviour@netbehaviour.org > http://www.netbehaviour.org/mailman/listinfo/netbehaviour _______________________________________________ NetBehaviour mailing list NetBehaviour@netbehaviour.org http://www.netbehaviour.org/mailman/listinfo/netbehaviour
