I logged into my local webserver admin panel & found that I had, yet again, been hacked. It looks like the damage was very minimal & I’m back to 100% (as far as I can tell), but this hack came from Turkey again.
For those of you that remember my previous experience with crackers you’ll remember those came from Turkey. I thought I had blacklisted Turkey via iptables using the 85.96.0.0/12 subnet. This recent attack came from 85.98.46.46. I’ve added 85.98.0.0/12 to my firewall.. any other tips on subnets originating from that country?
I’ve decided that two things need to happen.
1) VHCS needs to release a security patch. It’s been months with this hole sitting wide open. I feel like I’m running windows here!
2) I’m going to stop doing anything but personal site hosting & manually do everything by hand. A little more work but more secure.
I’d appreciate any more tips on locking out Turkey via firewall.
UPDATE: I came across http://blacklist.linuxadmin.org after I originally posted this. There is a simple generator there that’ll block a long list of countries by port. Could be a very helpful tool!
Can’t you just limit access to the web interface via Apache or something? I’ve never used the product before, but it sounds like the type of thing that only a few people would need to get at.
After googling about for a bit, sounds like the project is nice, but suffers from a bad track record. Good luck with that.
If I were you, I would be looking at another solution besides VHCS. With their track record, and you grief, I would totally be ditching the product and complaining heavily to the devs that wrote it.
The javascript is harmless. It draws a red cross intersecting at the mouse point. There is an embedded mp3 with the mime type of “audio/x-xs-wma”. This could launch windows media player. I have looked at the MP3 and it doesn’t look like it has been fuzzed. I think someone just wanted to scare you.
oh yeah one last thing the javascript messes with the right click. probably trying to stop people from easily viewing the source. Like it is hard to click on the menu. Then again I have never claimed script kiddies are smart.