Some rotten toads hacked the IGA website.
Why do people have to do that. I have had to spend 3 hours now getting it cleaned and reinstalled etc before it can be unsuspended.
RAGE


PS: Anyone know where to find the A-Team?

3 hours? You don't have backups? If you back up regularly, it should take you a very short time to reload everything. Just sayin'...

_________________
My blog about Macs and more: Kirkville

Kick a man while he's down, why don't you?!

Kicking a man when he is up is rather difficult; the best time is when he down. Backup early, backup often. Any computer professional should know that.

Best wishes.

_________________
No aji, keshi, kifu or kikashi has been harmed in the compiling of this post.
http://www.gogod.co.uk

I'm surprised you didn't tell him this wouldn't have happened if he'd been using a Mac.

Nothing to do with Macs. I manage a bunch of web sites and forums (all on hosted Linux servers). I have daily backups of the SQL databases, and regular backups of all files. If something like this happens, just delete everything and reload the backups.

Of course, you need to find how the hackers got in, which is a more serious problem. If you're using a CMS, you look for vulnerabilities; if not, there's a problem with your host.

_________________
My blog about Macs and more: Kirkville

AGA is looking for a new webmaster, maybe they can help you find one too... ^_^

_________________
Decisions are made by those who show up.
and possibly those willing to attend secret meetings in ancient basements

And the three hours thing might mean with backups. KGS does a nightly backup to my server at home, but I have several gigabytes of database and a few hundred GB of game records. Plus there's a lot of configuration involved. If I had to start from a freshly formatted disk with just the OS (which is always best after being hacked), it would probably take me a solid day of hard work to get things working, then another day or two to get all the games put back.

Are the game records not stored in a database? I ask purely from curiosity

_________________
1k KGS

3 hours is roughly the entire timeframe for the trouble.
Discovering the website has some problem, figuring out what on earth is going on, finding out how to actually get some support from your hosting company, working out what to do (because it is not my job), doing it..

No, they are not. Multi-kbyte blocks of data can go into a database as BLOBs or TEXTs, but usually a plain file system is more efficient (especially if the files are rewritten frequently, as is the case for in-play KGS game records). After all, a file system *IS* a database, in that it maps file names to streams of data, and it does that extremely efficiently.

In addition to the runtime efficiency issues, having them as separate files makes it a lot easier to work with the backups; backing up 40 million smallish files, only a few thousand of which change or get added every day, is pretty easy. Backing up a 350GB database is a lot more effort.

hey there Mr.WMS

could you put up a torrent of the KGS database

it might be fun to look at.

"It might be fun?" 350 GB to download just because "it might be fun"? Geez...

_________________
My blog about Macs and more: Kirkville

How is it easy to hack a web site? Do you have a firewall?

I'm not a expert but do your web site use other than 8080 port? Close any other unused ports.

One of the most common types of attack is exploiting a known whole in standard web-applications like CMS, forums,...

_________________
Sanity is for the weak.

Welcome to the future.

Out of curiosity, who would hack IGA website?

A hacked website can be used to, for instance, host your own content - you could hide an entire new website in the original url somewhere. You could put links and advertisements to your other sites in. You could also, potentially, gain access to information about the site's users - email addresses (valuable for spam), and passwords. And you can do this automatically, for some vulnerabilities.

So the answer is, anyone who wants to do these things.

Plenty of websites are hacked to serve ads and malware. Check your spam - most of the links to viagra sites are legit sites with extra pages added on their servers. But those hacks are not visible.

_________________
My blog about Macs and more: Kirkville

The only problem is private games. I would have to filter them out. Not super hard, but something I just have never gotten around to. Once I did that, a torrent for each month would be a fine idea.