Thread: Hacked
View Single Post
  #1   Spotlight this post!  
Unread 23-10-2007, 23:42
whytheheckme's Avatar
whytheheckme whytheheckme is offline
Registered User
AKA: Jacob Komar
no team
  
Join Date: Feb 2006
Rookie Year: 2005
Location: Providence, RI
Posts: 1,320
whytheheckme has a reputation beyond reputewhytheheckme has a reputation beyond reputewhytheheckme has a reputation beyond reputewhytheheckme has a reputation beyond reputewhytheheckme has a reputation beyond reputewhytheheckme has a reputation beyond reputewhytheheckme has a reputation beyond reputewhytheheckme has a reputation beyond reputewhytheheckme has a reputation beyond reputewhytheheckme has a reputation beyond reputewhytheheckme has a reputation beyond repute
Send a message via ICQ to whytheheckme Send a message via AIM to whytheheckme Send a message via MSN to whytheheckme Send a message via Yahoo to whytheheckme
Re: Hacked
Are youtalking about punahourobotics.org (69.89.25.188)?

I see that you are using bluehost as your web hosting company. They kindly kept your personal info safe from the WHOIS database, but unfortunatley left a slew of information about themselves instead of paying to have it show up as anonymous.

It looks like they have ports 23 and 53 buttoned up well, which is good for you.

Ports 80 and 21 are open, which are expected (perhaps you can request secure FTP instead?). I also see 110 open, which is pop3 (do you have an email server?)

I also ran a custom scan on 3389, which is closed (another big relief).

You really need to talk to bluehost and find out exactly how the intruder got in (which port, service, and hacking method.) You are running off a server called box188 on their system. Ask them to send you a report on all secure traffic on this box.

If the problem persists, change hosting companies. There is obviously a problem with the security of their hosting.

Jacob