[meteorite-list] December Meteorite-Times and Important Webmaster FYI

From: Paul Harris <paul_at_meteoritecentral.com>
Date: Mon, 10 Dec 2007 19:49:42 -0800
Message-ID: <475E08D6.9000504_at_meteorite.com>

Dear List,

My first email from this morning has not come through most likely
because I used the word (h)acker in the subject line so it's held up
until Art manually approves. Please disregard the second post when it
does arrive or Art please delete. Thank you, Paul


Dear List,

The December Meteorite-Times is up now and is a little short this month
as so many people have way too much to do in December.
We put up the list of previous articles for Bob, Tom and Ruben so you
can review their past articles this month.

We are looking for people to be the Meteorite Person of the Month and
everyone is welcome. All that is required is a love of meteorites.

http://www.meteorite-times.com/

Sorry for the delay in posting Meteorite-Times but one of our sites got
hacked and I needed to take care of things. If your site has php
scripts on it please check your daily visitor patterns. If you see a
dramatic increase (We went from 1000 normal daily visits to 3000 visits
overnight) in visits please check your logs for people trying to access
webpages that you do NOT have on your site. If you see this then check
all directories for htaccess and php files that do not belong. Also
check your permissions for improper write and execute values. If have
the dramatic increase in visitors and don't know about htaccess php and
permissions please check with your host.

Best I can figure so far... It works like this. Links having your
website address but non existent webpages are posted all around the
internet. When a person clicks on the link they go to your site but
their browser doesn't find the webpage it's looking for and then the
hackers htaccess file works with the php script to redirect the browser
somewhere else where the page then tries to download a trojan virus onto
the person's computer. The hacker doesn't tamper with any of your files
or webpages so you have no clue. Luckily I check my reports and logs on
a daily basis.

If you want more information please contact me privately so we don't
clutter the list. If there is enough interest I will post a single
email about it. I'm late and won't be able to reply to anyone until
tomorrow.

I would definitely like to hear from all list members who have website
security expertise to share notes.

Thank you,

Paul
Received on Mon 10 Dec 2007 10:49:42 PM PST