Did you get any name, IP address etc of this person ?
It will help people whom are hosts to block the person.
Today I would like to warn you about the user "cdos.eu.tv". He destroyed our web host. Let me leave it at that. He attacked almost every account on the server. The IC3 and I are tracking him. Currently, he is on a host called driphost.com. I emailed them all ready, as he already has his little hacking script online. He finds a host, hacks, then ditches. Be warned.
Well, with it being on what seems to be a free subdomain provider and a free inbox service, I will have to say the chances of it being real details are very low.
Would be wise to contact eu.tv though about it, they may be helpful.
The details held for that subdomain are. Real or fake, I do not know.
Rizal Fahmi (firstname.lastname@example.org)
23362 Aceh (Atjeh)
Sorry to hear about your host macaws .
And thanks a lot for caring to warn us all even in times of such a tragedy .
You have my condolences .
Take care bro .
And May Santa Get you a new server so you can start afresh...
$6 VPS and $100 Dedicated Servers!!<=
Now Good Quality comes easy on your pocket
how he hack the server?
did ur web hosting server provide ssh or he is doing it tru shell scripts?
I have 2 IPs. I believe they are both Indonesia.
Here they are:
He apparently uses fake details with some things.
He uses some sort of PHP script. The files that I can recall from it are:
And then there was some sort of config file. I was trying not to touch anything, because I didn't want to set it off.
oh, that means it is a shell script then.
anyway, as long as u secure ur PHP, he cannot do anything with it.
Our PHP installation IS secure. Which is why he worried us. Just, to all hosts.. be careful with this one.
i agree with Schmarvin,
if the PHP is well secured, there is no way a PHP shell script can execute any shell command at all.