How would I go about reporting a website for illegal hacking and other activities?
Their host is fully supporting them. They have even given them the ip address of the proxy I used, in which case the client of theirs have added the proxy to their htaccess deny list.
I am not a web host. I do have my own server that I host my company sites on and some of my friends use it as well.
I had someone ask me if I could host about ten pages on my server for him. He said the following," Hello. What is your base hosting price... say for a dozen page static site? (making some Page Rank sites on different hosts to mask the connections to my main website)"
This question gave me an uneasy feeling, but then again I am not familiar with this tactic. I have two questions since the above was asked.
1. Is this illegal by search engine rules.
2. Can my websites be affected if it is.
While reading a lot of posts and blogs about hosting, I just wanted to ask if someone has an idea on how to find files with illegal content.
I just tried a few bash scripts, but if there are a few thousand files, most of them stop working or produce server loads that stop the whole server.
Is there any software already out there or any script to scan the content on server for phrases?
I have noticed over 10 sites hosted on HostFresh which are abusing my copyright and stealing softwares from a company which I'm affiliated with I sent hostresh email to abuse@ however no actions was taken its been almost a month since I sent the email out.
I asked them nicely to remove that infringing site but they do nothing I sent them another email today Waiting to see what happened and I wanted to bring this here for some advice what should I do if they do nothing after another month? I'm not much expierenced with this but the company is loosing a lot of money and I'm being pressured, hiring a lawyer is a lot of money too so I tried to get it fixed with emails but they dont want to help me solve this.
I know theres a hostfresh rep here
I have a cpanel 11 server with php 4.4.6 installed. my site use php scripts and one day even if the file was not edited, not touched at all , i get errors like
Parse error: syntax error, unexpected ']' in /home/xxx/public_html/wp-includes/post.php on line 37
I checked and could find a lot of illeagal characters in my php file. See below. for post_status , it became post_statuó and edit_date became edit_date<8d>. If you read through the code, you can see a lot of illegal characters. This is why i get parse errors. I had to replace the file from backup and the issue fixed. But this problem continues to occur for more files and i can't find a reason for this. Again I am the only one with access, I use BBedit to edit php files when needed in Mac OS X, and beleive I know what is being edited and again, those file which gets errors does not need to be edited for nothing, not even to modify wordpress.
======================================================
iN ( 'draft' == $post['post_statuó'] && empty($postarr['edit_date<8d>]) && empty($postarr['post_date¯]) &&
('0000-00-00 00:00:00' == $post['post_date']) )
$clçar_date = true;
else
$clear_nate = false;
// Merge old and"new fields with new fields overÃriting old ones.
$postarr = arRay_merge($post, $postarr);
$poytarr['post_category'] = $post_cáts;
if ( $clear_date ) {
$poótarr['post_date'] = '';
$postërr['post_date_gmt'] = '';
}
éf ($postarr['post_type'] == 'at|achment')
return wp_insert_atÃachment($postarr);
======================================================
I saw a website a few days ago hosting Warez and hacking, But they wasn't directly download from there website. They was only linking? is this illegal in the UK just to link to warez, Like to rapidshare, megaupload, etc..? Whats there law like?, Can anyone explain if this is a good idea or not?
View 10 Replies View Relatedif there is anyway that IIS 6.0 can do reporting of the websites that are running on it. For example I would like to get the local IP address and host header values for them. I can do it manual by going to each website but that will take forever. It seems like there should be a easier way.
View 1 Replies View RelatedI want to get a VPS to hold my sites and the websites i build for people.
I'm not sure about what happens if a client uploads something they shouldnt - be it porn, warez or whatever.
As a server owner, do i risk getting in trouble? Or am i simply the contact person .
I can't check every file that people might upload.
Last week my brother puchased a CD which promised contains thousands of unique templates through [url]
He sell it locally for Indonesia market and leave no contact info.
He showed me and I'm surprised that what did guy did is copied from all sources included templatesmonster.com majority which is available alot of through the net (example: [url]burn it into CD and sell it illegaly.
I reported the site to hostgator.com and got the followin reply:
---------------------------------------------
Hello,
Since there are no templates on the site, you will need to provide evidence of this some how.
Regards,
Richard F.
Network Security Administrator
ISP Blacklist Administrator/Level 3 Systems Administrator
PGP Key: [url]
---------------------------------------------
I'm not trying to bash HG, but I need your opinion: is the HG respond is already correct?
So learn from the same thing, if I set a website sell cracked properties and only delivery the product through CD or email (not downloadble one) I can host it with HG as long as no offensive files in their server? Or in this case HG just ignore it because could not understand Indonesia languange?
is it legal to host links to indirect content such as rapidshare/megaupload?
I've seen alot of sites hosting these contents and the servers (from traceroute) are hosted in the USA where copyright law are enforced heavily.
what do you think? Will my webhost take my site down if I host these contents?
i'v sent to sharktech.net - rackvibe.com / an emails since a week about an illegal hosting on thier ircd services, but can i know why the identity theft irc servers is still running?
i have sent to both abuse emails to:
abuse@rackvibe.com
abuse@sharktech.net,
from a differnt email addresses with a hope to see a responce, but they never did.
i wounder how the both companies feel when people credit cards and thier bank accounts are being sold and traded under thier service.
i'v sent to sharktech.net - rackvibe.com / an emails since a week about an illegal hosting on thier ircd services, but can i know why the identity theft irc servers is still running?
i have sent to both abuse emails to:
abuse@rackvibe.com
abuse@sharktech.net,
from a differnt email addresses with a hope to see a responce, but they never did.
i wounder how the both companies feel when people credit cards and thier bank accounts are being sold and traded under thier service.
I am maintaining a dedicated server ( which have apache,mysql,ftp,dns servers) for my organization , i want to produce a weekly report on server like,
1)Avg Server load for current week
2)Avg Memory usage for current week
3)No.of time apache,mysql,dns was killed in current week
As above i want produce a report ,How can take such kind of report from server? Is there is any tool for report generation?
We developed an Exim server on debian that sending mails outside to our customers. It's an IP based auth server. For bounce reporting and management, what would you recommend us?
Is there anything like; send all bouncing mails that sent from this server to myaccount@gmail.com? We need this to be done in MTA level..
I have several servers and I need a tool to measure CPU/disk/memory performance.
I no nothing about hardware (and I also don't want/need to know).
The tools is to compare only - I don't care about the measure unit, I just need a way to compare the performance between my servers like which one as a faster CPU and so on...
Anyone knows such a FREEWARE (and not bloatware) tool?
If the tool has some kind of hardware report... well.. even better.
One friend I host sites for is reporting 492MB in WHM, but running DU reports 5.4GB for just one site!!! I've had the DC run Quotafix, but it's still not correct. The site is drupal and DC said they can't even list the tmp folder for that account. Any suggestions so I don't loose $45/month in extra charges? I have no clue how many months this is been going on, but it's costing me allot it seems.
View 6 Replies View RelatedI just leased a server through EV1. It's Linux (I think), Apache, and Plesk 8.0. I'm trying to get error reporting to work for my php scripts. I opened up the php.ini file (I'm about 90% sure that it's the right php.ini file) found in the /etc folder. I changed error reporting to "on" and restarted my server with Plesk.
PHP errors are still not showing up.
I got mod_evasive installed and its working fine. Its detecting the IPs, blocking the IPs and sending me the emails.
The emails I'm getting only have the sender name "Apache" and the content shows the IP address is blocking.
How can I enhance the email report to display the following:
1) get a proper Subject header in the email
2) change the From header to include the hostname - i.e.
apache@web.domain.tld
3) have the program do a reverse lookup on the ip, and include that in the body.
Do I need to include a script using the DOSSystemCommand to do this?
i have a problem with my server it wan't boot, i get the following error on /tmp
fsck.ext3 e2fsck_read_bitmaps illegal bitmap block
how can i fix?
Wondering if anyone knows of an email DNSBL that are have a real time reporting tool which directly feeds the DNSBL?
I have been using Spamcop for reporting in hopes I might be able to get some IP's listed. However so far I have not seen any IP's listed until many hours or days after they are reported (possibly going through a validation process?).
Wondering if anyone knows a more pro-active DNSBL that is fed directly by reporting and administrators?
I rebooted my server and now munin is not showing any eth0 traffic. All other graphs are fine. I can see there is a ton of apache accesses so there is definitely eth0 traffic. Munin logs report no errors. I restarted munin and munin-node. I even did 'yum remove munin munin-node' and reinstalled again but it still doesn't work for eth0.
View 4 Replies View RelatedWe've got a client who is using both AWstats and Webalizer and they are claiming the numbers are different between the two and that the numbers reported are not accurate. They need a specific list on how many impressions they are getting on a daily, weekly and monthly time period for advertisers.
View 7 Replies View RelatedAnyone else sign up for this?
Did microsoft require your host email them and say "[you] have exclusive sending rights for this IP"?
Here is the part of the email from microsoft:
xx, unfortunately, we have not received an e-mail confirmation from
your ISP, [host], for your IP
x.x.x.x. Please ask them to re-send the e-mail confirmation to [email] with the [id] subject. Please also
ask them to include you on the "To" or "Cc" field in case that we fail
to receive their e-mail confirmation.
Is this a requirement for everybody?
I signed up for AOL's junk reporting program a few months ago and I didn't have to bother anybody about it.
If I recall correctly, all AOL cared about was whether or not my reverse DNS was set properly.
Telia is reporting a fiber cut in the US - any other carriers impacted?
from Telia:
We regret to advise that we are currently experiencing a cable cut in
the United States. This outage is causing degradation in our IP
backbone, which may affect your service.
The fault has been brought to the attention of senior management, and we
are actively working to resolve the fault. Unfortunately we do not know
when the fault will be resolved.
We will update you as soon as we have further information, and apologise
for the inconvenience caused to you and your customers.
today i have a lot of hacking on my server .
i searched for shell scripts on the server , and i found alot of it :
[root@host svt]# ls -l
total 48
-rw-r--r-- 1 koky koky 6700 May 7 08:14 s.php
lrwxrwxrwx 1 koky koky 48 May 7 08:07 s1 -> /home/user1/public_html/vb/includes/config.php
lrwxrwxrwx 1 koky koky 47 May 7 08:12 s2 -> /home/user2/public_html/vb/includes/config.php
lrwxrwxrwx 1 koky koky 48 May 7 08:19 s3 -> /home/user3/public_html/vb/includes/config.php
lrwxrwxrwx 1 koky koky 47 May 7 08:37 s5 -> /home/user4/public_html/vb/includes/config.php
lrwxrwxrwx 1 koky koky 49 May 7 08:49 s6 -> /home/user5/public_html/vb/includes/config.php
-rw-r--r-- 1 koky koky 13199 May 7 07:59 ss.php
-rwxr-xr-x 1 koky koky 23005 May 7 07:58 svt.svt
as u can see he uploaded the files on this account "koky" and redirected this files to user1,user2,user3,user4 and user5 accounts .
and he could read the config.php and then hacked the site easly !!
i read befor that the reason of this is Perl on the server , and the way to solve it to edit httpd.conf by adding this in it :
<Directory "/home">
Options -ExecCGI -FollowSymLinks
AllowOverride AuthConfig Indexes Limit FileInfo Options=IncludesNOEXEC,Indexes,MultiViews,SymLinksIfOwnerMatch
</Directory>
and then restart the http :
service httpd restart
i did all of that , and when i restarted http it said :
[root@host www]# service httpd restart
Syntax error on line 51 of /usr/local/apache/conf/httpd.conf:
Invalid command 'Options=IncludesNOEXEC,Indexes,MultiViews,SymLinksIfOwnerMatch', perhaps misspelled or defined by a module not included in the server configuration
and all the sites got down !
i deleted :
<Directory "/home">
Options -ExecCGI -FollowSymLinks
AllowOverride AuthConfig Indexes Limit FileInfo Options=IncludesNOEXEC,Indexes,MultiViews,SymLinksIfOwnerMatch
</Directory>
from httpd.conf and then sites worked correctly .
so you all know my problem now ! and i think alot of you have the same problem , so i wish we all try to find any solution for this and knows the best way to protect pel on the server .
a site i manage for a client is being hacked every couple of days, its not the actual site but the hosts server thats getting attacked, all sites on that server, well actually all thier servers.
They have made no attempt to sort this problem, i report it they look at the site and say "site loads fine for us" which it does.
All index files are having a base64 encode line written after the <body> tag, this adds hundreds of spam links which are hidden with display:none; they also add .html to application types in htaccess for php to run in these files too.
Problem is, i am moving the site to another host but cannot change the nameservers to the new host's untill the client returns from a holiday, so i must keep the site up on the insecure host for now.
I am removing the spam code almost daily, is there anyway i can stop this attack happening for the time being, the host does nothing.
As well all know there has been a hypervm exploit which may have taken down fsckvps and other hosts have been having attacks. If possible install any program that will warn you of a connection to your server and or provide input on what it may or may not be.
I myself Just had a blank php format file uploaded to a clients vps and It tried accessing other vps servers. As far as I know the ip was rapidly changing and untraceable (this may or may not be from the exploit), If anyone else is having hypervm attacks or server attacks please post here so instead of working within our own company's we are working as a group of over 10 thousand+ wht members to solve this issue ourselves.
(mods may move this wherever)
i have a server and these days my server is hacking by the hacker the problem is, chmod 777, there are many dir's with the chmod 777 and hacker is uploading files and creating folders under the folder which is created with chmod 777, now i just want to know how i can block the hacker, and is there any way to allow the scripts which in my server and not allow any other scripts to upload files in my server
i have linux server
my referals logs that I keep on a website, I have come accross the following this morning, Is this some one who is trying to gain access to the server etc.
[url]
[url]
[url]
[url]
[url]
I have the Ip addresses that they have come from and it resolves to a Russian (I Think) website.
Im just looking through all the folders on the server now and no data has been comprimised as far as I can see and im going to use the query strings in order to block access and also deny access via ip address.
