Meta-Blog

SEARCH QandO

Email:
Jon Henke
Bruce "McQ" McQuain
Dale Franks
Bryan Pick
Billy Hollis
Lance Paddock
MichaelW

BLOGROLL QandO

 
 
Recent Posts
The Ayers Resurrection Tour
Special Friends Get Special Breaks
One Hour
The Hope and Change Express - stalled in the slow lane
Michael Steele New RNC Chairman
Things that make you go "hmmmm"...
Oh yeah, that "rule of law" thing ...
Putting Dollar Signs in Front Of The AGW Hoax
Moving toward a 60 vote majority?
Do As I Say ....
 
 
QandO Newsroom

Newsroom Home Page

US News

US National News
Politics
Business
Science
Technology
Health
Entertainment
Sports
Opinion/Editorial

International News

Top World New
Iraq News
Mideast Conflict

Blogging

Blogpulse Daily Highlights
Daypop Top 40 Links

Regional

Regional News

Publications

News Publications

 
Hacked
Posted by: McQ on Saturday, September 02, 2006

If you've gotten to this by other means than trying to load the front page of QandO, you know we've been hacked. It apparently happened about 4am.

I guess you've arrived when you're thought to be big enough or influential enough to be a subject to a denial of service attack, but you know what ... it's a true pain in the ass.

So bear with us, we're working on it.

UPDATE: Seems something happened to Site Meter as well (HT: Stephan Macklin). Checking SM on other sites, they too have recorded no traffic since around 4am.

UPDATE (Dale):
Yes, it looks like someone managed to break into the site via FTP—has someone been careless with their FTP user names and passwords?—and replaced the default page with a little message. All of the old ftp user names have been deleted, and replaced with completely new ones. Took about 2 minutes to fix.

Sorry the site was down for so long. I just hadn't looked at it since yesterday night.

McQ called early this morning, and left a voice mail, but I slept right through it.
 
TrackBacks
Return to Main Blog Page
 
 

Previous Comments to this Post 

Comments
Ah, bummer. Good luck with that.
 
Written By: Mithras
URL: http://mithrastheprophet.blogspot.com
Q and O had to be shut down in order to stop the war, apparently. No doubt this will bring Rumsfeld to his knees.
 
Written By: Aldo
URL: http://
In the realm of strange coincidence Site Meter stopped working at about 4 am. Everywhere. I checked on a number of blogs and no on seems to have recorded a visit since then - including this one.
 
Written By: Stephen Macklin
URL: nomayo.mu.nu
Huh!? So it wasn’t just our Site Meter.

Interesting.
 
Written By: McQ
URL: http://www.qando.net/blog
At least he stuck to small, easily-spelled words, unlike that idiot who went after NRO awhile back and completely botched up ’Palestine.’
 
Written By: Achillea
URL: http://
Achillea, yeah but then he blew "Turkish". How lame is that?
 
Written By: Pablo
URL: http://
I thought he wrote "turgid", so I immediately suspected Greenwald.
 
Written By: Aldo
URL: http://
I suspect some lefty is even now snickering over his hackery, no doubt smug enough to believe his "Turkish" cover is taken seriously.

But when the site is back up in a bit, and up tomorrow, and the day after that, he ought to face the facts. He’s nothing but a vandal, and an ineffective one at that. It this is what he gets a thrill out of, I wouldn’t want to be living his life.
 
Written By: Billy Hollis
URL: http://
Interesting that this happened shortly after Jon announced his affiliation with George Allen.
 
Written By: Charles Bird
URL: http://www.redstate.org
Note to Jon and McQ: If the site is ever hacked again, giving me a call as soon as you notice it, rather than 11 hours later, would be helpful.
You got a call a few hours after I noticed it and figured you might be up (not real big on calling someone at 5am their time for something not that serious), not 11 hours. And then all I got was voice mail.
 
Written By: McQ
URL: http://www.qando.net/blog
Aldo,

Heh! Good one.

Death to hackers.

Yours, TDP, ml, msl, & pfpp

 
Written By: Tom Perkins
URL: http://
If you do a google search for "hacked by Tugra", you’ll see he’s gotten a lot of sites. Mostly non-partisan stuff. I tend to doubt it was specifically targeted at us for political reasons, but I could easily be wrong. It might be that the "hacked by tugra" is simply a generic script employed by somebody with ill-intent.

Maybe our logs would give us that answer, but I really don’t know.
 
Written By: Jon Henke
URL: http://QandO.net
I know you guys and I have locked horns a few times, but that’s okay I think we’re basically friends. So I have some free advice. And let me make a few things clear so I’m very understood:

1) I’m not criticizing you.

2) I really don’t care one way or the other about Allen or his campaign. He’s not my Senator and isn’t going to be.

3) This was PROBABLY related in some way to your connection to said campaign. BUT,

4) Although my rep in the blogosphere isn’t as a tech guy, I can tell you I’m a very techie guy and your site admin was right: this was a very minor bit of vandalism from someone who could, in fact, have done a huge amount of damage but didn’t. It is the rough equivalent of someone letting the air out of one of your car tires... as opposed to breaking all the car door windows and headlights, slashing the tires, scratching up the paint job, and peeing on the seats. (Which this guy could have done the rough equivalent of if he really got in with one of your FTP passwords.)

In short, it was a minor bit of harassment by a juvenile, and the bigger a deal you make out of it the worse you’ll look to anyone who really looks hard.

Be more careful with your logins and passwords, and chalk it up to the cheap dirty tricks that happen sometimes.
 
Written By: Dean Esmay
URL: http://www.deanesmay.com
I know you guys and I have locked horns a few times....
We have? I don’t recall it.
...I think we’re basically friends.
I should hope so! The fact that you only ’think’ this makes me wonder when we may have locked horns.
This was PROBABLY related in some way to your connection to said campaign.
For the record, I have NEVER said that it was. I stipulate that, not knowing anything about it, it’s possible. But I would tend to doubt it. And I certainly would not make that charge in any way, shape or form without substantial evidence to lead me in that direction. I don’t have any. From what I hear via another tech guy, it’s probably just a script kiddie.

As far as I’m concerned, it was a minor blip, and there’s no need to worry about it further.
 
Written By: Jon Henke
URL: http://QandO.net
Using FTP is pretty careless in itsself. Using any unencrypted transport protocol (FTP, telnet, http, SMTP) to login to any server isn’t really a good idea. Using something like rsync over ssh or scp is a much more secure way of transferring files to and from a server. Of course people need to be careful with their passwords, but by using secure protocols they don’t have to worry about them being sent as plain text across the internet capable of being sniffed by any computer they pass through.
 
Written By: John Harrold
URL: http://
In short, it was a minor bit of harassment by a juvenile, and the bigger a deal you make out of it the worse you’ll look to anyone who really looks hard.
Agreed. We had a hole, some sort of automated program found it and exploited it (as it apparently had done to many other totally unrelated sites). No more than that.

Life goes on and it boosted our Saturday numbers a bit. I’ll take the good with the bad and say Dale assures us it won’t happen again.

Good enough for me.

BTW, Dean ... glad to see I’m singin’ your song. ;) Been singing it for quite some time myself.

Thanks for the link.
I think we’re basically friends.
Oh, yeah.
 
Written By: McQ
URL: http://www.qando.net/blog
This message has appeared on several sites recently. Though the others I’ve seen apparently have nothing to do with politics, war, etc. Might just be some script kiddie who hits vulnerable sites placing the same juvenile message on each. Just so happens it relates here.
 
Written By: Mr. Hawaii
URL: http://
sorry admin :(
 
Written By: tugra
URL: http://www.ayyildiz.org

 
Add Your Comment
  NOTICE: While we don't wish to censor your thoughts, we do blacklist certain terms of profanity or obscenity. This is not to muzzle you, but to ensure that the blog remains work-safe for our readers. If you wish to use profanity, simply insert asterisks (*) where the vowels usually go. Your meaning will still be clear, but our readers will be able to view the blog without worrying that content monitoring will get them in trouble when reading it.
Comments for this entry are closed.
Name:
Email:
URL:
HTML Tools:
Bold Italic Blockquote Hyperlink
Comment:
   
 
Vicious Capitalism

Divider

Buy Dale's Book!
Slackernomics by Dale Franks

Divider

Divider