[support] Very Strange Security Breach
prothero
prothero at geol.ucsb.edu
Fri Dec 17 07:00:22 UTC 2010
I had a similar hack happen. I had about 7 comments on a blog, in
Russian, from an anonymous user. I have permission set so only
registered users can make comments. Hmmm... I deleted them, but wonder
what I should do to stop this in the future. I did set capcha so that
comments require it. Drupal 6.19.
Regards,
Bill
William A. Prothero
http://earthednet.org/
On Dec 16, 2010, at 9:32 PM, Shai Gluskin wrote:
> Hi gang,
>
> The author and URL of an anonymous comment was changed about three
> months after the comment was originally posted. The change happened
> last week. The new name was in Chinese and the URL is to a Chinese
> web site. The content of the comment was not changed.
>
> I've never had anything like that happen before. After I discovered
> this I changed user/1 pw (that is the only account on the site with
> admin privileges).
>
> There is no other evidence of other damage at the site that I found
> in the wake of this discovery.
>
> (Site was using 6.19 at the time of the breach).
>
> I'm stumped. Ideas anyone?
>
> Shai
> --
> [ Drupal support list | http://lists.drupal.org/ ]
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.drupal.org/pipermail/support/attachments/20101216/285e6074/attachment.html
More information about the support
mailing list