PUPPYLINUXSTUFF/MEOWNPLANET.NET..

News, happenings
Message
Author
User avatar
russoodle
Posts: 707
Joined: Fri 12 Sep 2008, 17:36
Location: Down-Under in South Oz

PUPPYLINUXSTUFF/MEOWNPLANET.NET..

#1 Post by russoodle »

Hi guys,

It's with the ultimate degree of frustration and anger that i'm obliged to advise that my VPS has been seriously hacked. Maddening thing is that i don't use php, perl or other scripts on the site, just simple css and html, yet some lowlife has nevertheless managed to exploit it somehow :twisted: :evil: :twisted:

I don't know what damage might've been sustained, or how long it will take to restore things to normal, but i do know that my host is currently investigating....as soon as i have any (hopefully!) positive news, i'll update this post.

My sincere apologies to all puppians whose files reside in this area of the kennels, and to all users and supporters of my site.. :cry:

EDIT: users' pawswords will have to be changed, so i'll take care of that and update those concerned....thanks for your patience and support..

************************

UPDATE: For those who didn't see this announcement or aren't aware, i'm not closing my site or anything, the issue is that the site was hacked and my hosts have closed it until all hackers files have been cleaned out. I'm delighted to hear that there's no damage to any of our Puppy files, the hackers have just tried to use my server to install phishing malware and other rip-off tactics :twisted:

Couldn't have happened at a worse time, as i have a terminally-ill sister and was just going away to spend a few days with her when all this started! She's still visiting but i'm back home now, so it's easier to keep a paw on the pulse of what's going on..

I've been informed that it shouldn't be long before the host is satisfied that things are clean and secure, so fingers crossed for more news soon...

************************

ANOTHER EDIT:
So much for timely action on the part of my host, who is no longer my host, as i can't tolerate their heel-dragging and woeful lack of communication any longer! My domain will shortly be transferred to another host but the site will be rebuilt from scratch, so this will take a little time...it's tiresome but i don't want to risk any potentially suspect files causing any further grief and inconvenience to users or myself....however...I'll be keeping as much of the internal directory structure intact as possible, because to change that would break a lot of links and create even more headaches for some users.

For those who've had enough of being stuffed around, i know Smokey01 and Caneri are willing to help out with server space for Puppy-related files - thanks, guys! - and to those who are still hanging in there, i'll get things online as quickly as i can..

~ ~ UPDATE Sat July 20 ~ ~

Things are looking up - pls see post on page 2 :D

~* FURTHER UPDATE Tues. July 12 *~

OK puppians...pupsters...some user accounts can once again be accessed and files downloaded! Internal directory structure is the same as before, to minimise broken links.

At this moment, accessible directories include:

01micko
10wt3ch
aarf
abushcrafter
alexandrion
argolance
battleshooter
catdude
choicepup
darkcity
DaveS
dejan
deltapup
Dingo
ETP
fatgamespup
gulk
hacao
happypuppy
Idolse
kitchenpup
LegacyOS
lupu500
mediapup
multiuser
newyearspup
NOP
producerpup
PSIP
Pupeez
PuppyFancy
puppyluvr
quirky-wary
RevPup
saturn-brainwave
Scim
sPup
starhawk
SucciLinux
swiatmar
Tipsy
vanchutr
zigbert


Been having a hell of a time re-uploading files....two blackouts
and many files in the uploading process lost! Not to mention woefully slow upload speeds (around 20kb/s!), so the remainder will take as long it takes, sorry.. :roll:

I'll add to the list above as the uploads complete..

Please just ignore the index page if you happen to go there - i haven't had the time to play with the cosmetics yet, too much on the plate with RL..

I am imposing a couple of conditions - please no uploading any php or javascript files - i know most of you don't but i have to put it out there, thanks.

@Starhawk and anyone else who had an account on my server: if you want to rejoin the troops, please let me know and i'll create a new account and pawsword for you.

Thanks again for the patience and support :D

Cheers,

russoodle

PS: If anything like this ever happens again, (and with the thieving/phishing/unethical lifestyle currently in vogue, it'd be naive to think it won't, despite security in place!), it'd really help if account-holders backed up their own directories locally, so restoration wouldn't be the time-consuming PITA for me that it currently is - easy too to keep file structures intact :wink:
Last edited by russoodle on Sat 10 Aug 2013, 11:45, edited 19 times in total.
[i][color=Green][size=92]The mud-elephant, wading thru the sea, leaves no tracks..[/size][/color][/i]

starhawk
Posts: 4906
Joined: Mon 22 Nov 2010, 06:04
Location: Everybody knows this is nowhere...

#2 Post by starhawk »

Sorry to hear of this. It's quite a shame that people have to mess things up for some sort of BS personal gain. Rodney King put it best, I think: "Why can't we all just get along?!"

User avatar
russoodle
Posts: 707
Joined: Fri 12 Sep 2008, 17:36
Location: Down-Under in South Oz

#3 Post by russoodle »

starhawk wrote:Sorry to hear of this. It's quite a shame that people have to mess things up for some sort of BS personal gain. Rodney King put it best, I think: "Why can't we all just get along?!"
Thank you, starhawk....yes, i think we should have open season on these lowlife bottom-feeders (if caught, of course) :twisted: :twisted:
[i][color=Green][size=92]The mud-elephant, wading thru the sea, leaves no tracks..[/size][/color][/i]

User avatar
01micko
Posts: 8741
Joined: Sat 11 Oct 2008, 13:39
Location: qld
Contact:

#4 Post by 01micko »

Man that sucks!

I was just talking security with a forum member and told of all the rotten traffic trying to crack my firewall. You should see my router logs... mostly Russian and Chinese IP addresses.

It's a jungle out there!
Puppy Linux Blog - contact me for access

gcmartin

#5 Post by gcmartin »

Some of this looks like redirects or bounces thru those countries, too.

User avatar
zigbert
Posts: 6621
Joined: Wed 29 Mar 2006, 18:13
Location: Valåmoen, Norway
Contact:

Re: DOWNTIME - PUPPYLINUXSTUFF/MEOWNPLANET.NET..

#6 Post by zigbert »

russoodle wrote:thanks for your patience and support..
I am patience and I am the one who should be thankful


Sigmund

User avatar
Argolance
Posts: 3767
Joined: Sun 06 Jan 2008, 22:57
Location: PORT-BRILLET (Mayenne - France)
Contact:

#7 Post by Argolance »

Hello,
I am patience and I am the one who should be thankful
... Quite the same! :wink:

Cordialement!

kfgz
Posts: 2
Joined: Tue 19 Jun 2012, 21:04

#8 Post by kfgz »

Hi,

I can host pburn on my server absolutely free. Zigbert, if you are interested please send me pburn-4.0.0.pet via email - kfgz@interia.pl

Caneri
Posts: 1513
Joined: Tue 04 Sep 2007, 13:23
Location: Canada

#9 Post by Caneri »

Russoodle,

You will be welcome to use my space if you need it...and save money as well.

I can take many of your, or should I say, the users (devs) files if they are intact and not contaminated....the ftp account holders will need to confirm this...aka re-upload from clean sources.

Your thoughts Suzz?

Ericz
[color=darkred][i]Be not afraid to grow slowly, only be afraid of standing still.[/i]
Chinese Proverb[/color]

User avatar
ally
Posts: 1957
Joined: Sat 19 May 2012, 19:29
Location: lincoln, uk
Contact:

#10 Post by ally »

I was planning on uploading devs to the puppy channel on archive.org when I'd finished with the puppies

If interested I will set up some guest accounts so files can be uploaded

pm me.....

:)

Caneri
Posts: 1513
Joined: Tue 04 Sep 2007, 13:23
Location: Canada

#11 Post by Caneri »

Hooray!! for ally Suzz,

There are many solutions to the dilemma. If you can use the vps and "re-direct" in htaccess, this can handle moving url addresses to a new server so it's not all bad...takes time

pita....be well suzz
[color=darkred][i]Be not afraid to grow slowly, only be afraid of standing still.[/i]
Chinese Proverb[/color]

User avatar
russoodle
Posts: 707
Joined: Fri 12 Sep 2008, 17:36
Location: Down-Under in South Oz

#12 Post by russoodle »

01micko wrote:Man that sucks!
....snip
It's a jungle out there!
You're not kidding! Bunch of b****y bogans..
zigbert wrote:
russoodle wrote:thanks for your patience and support..
I am patience and I am the one who should be thankful
Sigmund
.....
Argolance wrote:Hello,
I am patience and I am the one who should be thankful
... Quite the same! :wink:

Cordialement!
Makes me even happier to host for guys like you - thanks so much!! :D
Caneri wrote:Russoodle,

You will be welcome to use my space if you need it...and save money as well.

I can take many of your, or should I say, the users (devs) files if they are intact and not contaminated....the ftp account holders will need to confirm this...aka re-upload from clean sources.

Your thoughts Suzz?

Ericz
Ah, Ericz....thanks Canuck, you're a gem! Unfortunately, i can't access anything on the server yet, not until they've rid it of all the nasties that have been installed.

As mentioned above, it looks as if no users' files have been contaminated, which is a huge relief, but will leave it to the remaining account holders to confirm... a few devs have already made other arrangements for their hosting, which saddens me, but who can blame them? I'll just have to re-evaluate the situation when i can access the server and decide what to do - i hate to see users unable to upload/download and be so inconvenienced, it's infuriating..
....Suzz
ally wrote: I was planning on uploading devs to the puppy channel on archive.org when I'd finished with the puppies

If interested I will set up some guest accounts so files can be uploaded
Thanks ally, i see you've been doing a whale of a job for the Puppy community - we're lucky to have members like you!

russoodle
[i][color=Green][size=92]The mud-elephant, wading thru the sea, leaves no tracks..[/size][/color][/i]

nooby
Posts: 10369
Joined: Sun 29 Jun 2008, 19:05
Location: SwedenEurope

#13 Post by nooby »

01micko wrote:Man that sucks!

I was just talking security with a forum member and told of all the rotten traffic trying to crack my firewall. You should see my router logs... mostly Russian and Chinese IP addresses.

It's a jungle out there!
Oops good that you tell us. How do I check up these router logs then?

Russ so sad such happens. Thanks providing that service
and hopefully the tech guys find out how to clean it up.
I use Google Search on Puppy Forum
not an ideal solution though

jamesbond
Posts: 3433
Joined: Mon 26 Feb 2007, 05:02
Location: The Blue Marble

#14 Post by jamesbond »

Sorry to hear this Russ.

Hopefully it will get sorted soon. People like you and smokey01 are providing value service to many people, and it is only obvious how important it is after the blackout happens :(

cheers!
Fatdog64 forum links: [url=http://murga-linux.com/puppy/viewtopic.php?t=117546]Latest version[/url] | [url=https://cutt.ly/ke8sn5H]Contributed packages[/url] | [url=https://cutt.ly/se8scrb]ISO builder[/url]

User avatar
russoodle
Posts: 707
Joined: Fri 12 Sep 2008, 17:36
Location: Down-Under in South Oz

#15 Post by russoodle »

Thank you for your kind thoughts, nooby....i'd hoped to be back online before now but it seems they're still working on cleaning things up.. :(

@jamesbond.. thanks James....it's such a pain and rather like being caught with one's pants down :shock:

Talking to Smokey01 on psip last night and he said something about an attempted DDoS on his server....seems like this sort of garbage is becoming endemic these days and i remember that poor Eric put up with a lot of this sort of crap, too. When - and why - did people's brains become so negative geared, i wonder..? :evil: :twisted:
[i][color=Green][size=92]The mud-elephant, wading thru the sea, leaves no tracks..[/size][/color][/i]

Caneri
Posts: 1513
Joined: Tue 04 Sep 2007, 13:23
Location: Canada

#16 Post by Caneri »

Hi russoodle,

After all this time it's best to let your vps die...rebuild if you want, but I would let it die and let the ftp users find new space "aka" rebuild a server from new files.

All those files are now suspect and not to be trusted as far as I'm concerned.

All my best Suzz,

Ericz
[color=darkred][i]Be not afraid to grow slowly, only be afraid of standing still.[/i]
Chinese Proverb[/color]

Caneri
Posts: 1513
Joined: Tue 04 Sep 2007, 13:23
Location: Canada

#17 Post by Caneri »

To Add,
Russodle,

It's amazing how fast ftp users will find new servers to upload to...I would take a break and save some money. Rest and move on Suzzz

I will take some of your users if they can handle my restrictions.
[color=darkred][i]Be not afraid to grow slowly, only be afraid of standing still.[/i]
Chinese Proverb[/color]

User avatar
russoodle
Posts: 707
Joined: Fri 12 Sep 2008, 17:36
Location: Down-Under in South Oz

Future of PuppyLinuxStuff..

#18 Post by russoodle »

Hey Ericz,

Yes, although the files are supposed to be ok, i guess they are suspect, so they'll have to go...i have a fair bit of stuff backed up locally, so not everything will be lost.

I've sacked my host for their heel-dragging handling of this crapola but i won't save any money because i'm transferring shortly to a new host (VPS) :roll: Yeah, i can't help myself.... have to rebuild the site from scratch and will also try to have a better-organised setup this time, although being well-organised is not something i'm usually accused of!

Thanks for your offer to host some of the users from my server - i guess it's up to them to decide what they want to do, but i imagine most of them will be tired of waiting around..

Cheers matey..
Suzzz
[i][color=Green][size=92]The mud-elephant, wading thru the sea, leaves no tracks..[/size][/color][/i]

penguinpowerppp
Posts: 5
Joined: Sat 14 Apr 2012, 23:49

#19 Post by penguinpowerppp »

If not already done, only allow FTP write access over SSH. Gftp handles it fine and plain old ftp can be hacked by any script kiddy.

User avatar
Dingo
Posts: 1437
Joined: Tue 11 Dec 2007, 17:48
Location: somewhere at the end of rainbow...
Contact:

Re: Future of PuppyLinuxStuff..

#20 Post by Dingo »

russoodle wrote:Hey Ericz,
Yes, although the files are supposed to be ok, i guess they are suspect,
a dumb question:

if you change the md5sum of files by adding nothing but else than a simple space at bottom of files like this:

Code: Select all

for f in *.pet; do echo " " >>$f; done
can be this enough or not to avoid the need of deletion? It is possible I don't read carefully
replace .co.cc with .info to get access to stuff I posted in forum
dropbox 2GB free
OpenOffice for Puppy Linux

Post Reply