WinCert downtime

[NIM]

Dear members and guest of WinCert.net,

in the last two days Wincert.net was offline due to a security breach on our hosting server. During that time our site was offline while our host was investigating this issue.

Unfortunately, we have a backup that is one week old, so all new member accounts and posts that were created during the past week are lost.

Hopefully, we'll get on track very quick and will forget this incident. I'm also inviting members which have lost their accounts to register again.

Please accept our sincere apologies for this server downtime.

If you experience any issues please let us know.

Kind regards,

WinCert.net Administration Team

[Scrat]

Security breach ! :1:

Site down ? I was thinking because the host was installing something !

[NIM]

LOOOL Scrat,

I like your images, even now when it's 1:00 am and I should work in the morning I'm still investigating around wincert..

No, actually it was deleted as a result of a successful hack of our host's WHMCS software. As they have seen from the logs your site was the only affected. A new administrator was created with the user 'WHMCS' and then WinCert.net was terminated from within whmcs from IP 78.129.128.154.

It looks like a vulnerability in whmcs script also in line with the recent 3.5.1 security issues of that software.

But I really don't understand why would anyone hack a friendly site like wincert? Or am I missing something?

[Guest ALtF4]

Scrat!

What's this?

you are unbelieveable :prop:

and ı still didnt udnerstand why sb try to do this

[MrNxDmX]

Me too. I just thank to god that N1K makes backups often. Thanks again buddy. We're again online.

[NIM]

Me too. I just thank to god that N1K makes backups often. Thanks again buddy. We're again online.

Well, I already started to make backups more often, now in daily manner Not an easy and quick task, about 500MB in zip file

[Bold_Fortune]

Wow. I'm sorry to hear that, N1K. I had something like that happen to me once, only it was an inside job.

Someone was once working on that type of thing for me. I didn't like what he did to it. He got pi$$ed and ripped my site apart.

He ripped out all the smilies, all the avatars, all the themes. He deleted many, many threads. He deleted my administrator account so I wouldn't be able to log into the controls of my own site.

It was such a mess. It took me weeks to straighten everything out. Imagine having to go through hundreds and hundreds of posts and deleting the remnants of smilies...you know the red x thing that shows up when the smilie that supports it is removed?

I had to delete many other threads, too, because the threads he deleted now made other threads not make any sense.

And all my posts, including my guide, now showed "Posted by Guest" instead of by Bold_Fortune.

What really hurt, though, he turned Sadie against me. He must have told her some real poo about me, because her and my relations have been strained ever since then.

But what hurt worse than that? Sadie never even asked me for my side of the story. She just took his word for it.

[docmike]

Thanks for all your work and keeping this site going!

Doc

[Guest Volgan]

what they need to do is do is weekly security updates like my hoster does, yea it every friday at midnight but atleast we won't get taken down by some rich white kiddie scripter who thinks he just gotten some reputation for doing that, hell i could do it myself in 15 minutes when it on a linux server with my own damn linux based pc, but the main point is that WC is back up and that is the gladly to see ya back up and running

[JurgenDoe]

We are back online Yeah :prop:

Great job Nick with the backups :icon_cool:

[bober]

is it possible the breach compromissed our emails?

[BUD]

Dear members and guest of WinCert.net,

in the last two days Wincert.net was offline due to a security breach on our hosting server. During that time our site was offline while our host was investigating this issue.

Unfortunately, we have a backup that is one week old, so all new member accounts and posts that were created during the past week are lost.

Hopefully, we'll get on track very quick and will forget this incident. I'm also inviting members which have lost their accounts to register again.

Please accept our sincere apologies for this server downtime.

If you experience any issues please let us know.

Kind regards,

WinCert.net Administration Team

Thank you for advising me that you are back and operating normally again.

Bud

[NIM]

is it possible the breach compromissed our emails?

I think not, as hacker breached the whmcs software which doesn't contain forum user information. I can't be 100% positive, but I would say no.

[Jonnyboy]

Glad you had the backups.

Glad your back online.

[galileo]

Well, I already started to make backups more often, now in daily manner Not an easy and quick task, about 500MB in zip file

@N1K

...not that I am pushing a product but, try out "Drive Snapshot" (a drive/partition/volume imaging tool)...."very" small footprint and "very" fast and runs from within the OS (or from a boot disk)....uses VSS so "hot" images can executed. Images are mountable for individual file recovery or are restorable for complete drive/partition/volume recovery). Multiple GB imaging/backup in 5 - 20 minutes...we image our data drives - 4 drives @ 100 GB each in 18 minutes per drive (or volume if you prefer...).

website: http://www.drivesnapshot.de/en/index.htm

We typically install the OS twice on different partitions thus, we can perform system maintenence - including system volume restores - from within a Windows XP or 2K3 environment...thus, no "boot disk" required....

...just some thoughts to make life....well, faster....

galileo

Edited August 26, 2008 by galileo

[NIM]

Thx galileo, but our hosting server runs Linux OS

[NIM]

Well,

what can I say, our host got hacked again and I was forced to switch to another host as quickly as I could.

I am terribly sorry for this incident as we've again lost several newly registered members and posts, but that was a one day loss.

Someone definitely don't like us, or me, or our host or somebody else. He maybe don't like no one in the world, who knows

But, even though I hate that hacker, I have to say that he got some skillz :prop:

[LUZR4LIFE]

Well,

what can I say, our host got hacked again and I was forced to switch to another host as quickly as I could.

I am terribly sorry for this incident as we've again lost several newly registered members and posts, but that was a one day loss.

Someone definitely don't like us, or me, or our host or somebody else. He maybe don't like no one in the world, who knows

But, even though I hate that hacker, I have to say that he got some skillz :prop:

LOL, I'd have to say they have skills also

[Guest ALtF4]

I hope we'll solve this problem

but ı think we should learn what he wants from wincert ...

and NIK got some experience

we lost only 1 day...

ı think this is good news..

Edited August 28, 2008 by ALtF4

[NIM]

I hope we'll solve this problem

but ı think we should learn what he wants from wincert ...

and NIK got some experience

we lost only 1 day...

ı think this is good news..

Considering we're located on the new server now, how's the speed of the site? Is everything working as usual or are you experience slower browsing?

[Guest ALtF4]

It's fast for me

Edited August 28, 2008 by ALtF4

[Guest snakecracker]

fast for me

and the host got hacked again??

why would they do that??

and yer they have got some skill!!

i know abit bout hacking bout not alot..

they could be practicing..

or they don't like something on this website??

well no-one will know unless they know them..

good job N1K and the Administration Team for getting this website back up and running!!

i was going abit mad without it.. i get bored quick..

[NIM]

I'm glad to hear that new host is fast enough. I'm behind the proxy at work and it's slower than ever before..

[NIM]

And again, we were down, and again because we exceeded our daily limit of 20 GB. If we have a better day we pass 40GB, so another problem emerged.

I really don't know what to do or where to go, we're moving more often than some circus, but that's just because I'd like to find a better server for us.

I'm thinking about iweb's dedicated servers for 100$/month, but that's huge amount for a month

I'm afraid to go back to swiftnic where we didn't have bandwidth issues, but we had 1 host hack and one unknown downtime of whole Swiftnic site couple of days after the first hack (perhaps another hack?). The biggest problem of swiftnic is a lack of support, my tickets are still opened, and I didn't get much replies from them.

WinCert.net hosting history circus.

- I can't even remember the first hosting company, I only remember downtimes on their shared hosting server.

- MSFN Hosting - We were satisfied until our traffic jumped which increased the need for processor time, mostly because of large php requests. We crashed MSFN hosting server along with other 100 sites on it several times before we moved to another server.

- Cano2 Hosting - Same thing as it was on MSFN hosting server. Number of crashes: 2

- SwiftNic Hosting - Very satisfied at start, but then problems emerged when some fool decided to hack us. After that we had some unexplained downtime and therefore I had to move once again, mostly because of lack of support.

- JaguarPC - (current hosting) we were very satisfied at start, but now we have problems with our daily bandwidth limit which is not enough for us. Actually, maybe we have problems again with some schmuck that doesn't have any friends and has decided to disturb us in this way..

What's next, I don't know, I'd appreciate any help and advice I can get..

[Jonnyboy]

Depending on your needs theplanet.com has a special price for Celeron 2.0+ servers. It comes with 750 GB transfer per month.

Edited September 6, 2008 by Jonnyboy