Goonstation Forums
To the GoonHub.com administrator: Your server is hacked - Printable Version

+- Goonstation Forums (https://forum.ss13.co)
+-- Forum: Discussion (https://forum.ss13.co/forumdisplay.php?fid=6)
+--- Forum: General Discussion (https://forum.ss13.co/forumdisplay.php?fid=7)
+--- Thread: To the GoonHub.com administrator: Your server is hacked (/showthread.php?tid=11460)

Pages: 1 2 3


To the GoonHub.com administrator: Your server is hacked - unnamed - 01-22-2019

Whoever runs the goonhub.com website: Your server (IP address 198.27.70.16) appears to be hacked and is used to submit spam to other web forums. You can verify by putting the IP address into a search query at http://www.stopforumspam.com/search
Please clean up your server.


RE: To the GoonHub.com administrator: Your server is hacked - kyle2143 - 01-22-2019

I'd listen to him Wire. This sounds serious.


RE: To the GoonHub.com administrator: Your server is hacked - NateTheSquid - 01-22-2019

oh no we must trust the unnamed man who says goonhub.com is a forum

also why is this phrased like he's asking a neighbour to mow his lawn cause the neighbourhood looks bad


RE: To the GoonHub.com administrator: Your server is hacked - unnamed - 01-22-2019

Quote:the unnamed man who says goonhub.com is a forum
I am not, re-read my post. I am saying that spam is being delivered to my and other people's forums through the same physical server that runs the website goonhub.com. As there is no contact information available on goonhub.com, I chose this forum to reach out as it seemed like the most probable way of reaching the administrator of said website. I am merely trying to help. Trying to shoot the messenger is not going to help anyone, Nate. It just means that this host will continue to send spam messages to other forums and in return get a bad reputation on various anti-spam databases.

I am not asking you to mow my lawn. I am asking the administrator of goonhub.com to close security holes in their web server which cause spam to be posted to other web servers.


RE: To the GoonHub.com administrator: Your server is hacked - NateTheSquid - 01-22-2019

The phrase "other web forums" is indicative of goonhub.com being a forum itself. Otherwise you'd just say "web forums". Also a post like yours with no evidence and a shifty url is not going to be investigated by anyone with half a braincell

edit: alright well I googled the site, and it seemed legit so I checked it out, as far as I can tell there's been spam from that IP address, yes, but there's nothing on said site to suggest it's from goonhub

edit mk 2.0 electric boogaloo: well maybe this guy has a point that somethings up but still definitely could have had a better approach. time to dissapear from this thread


RE: To the GoonHub.com administrator: Your server is hacked - unnamed - 01-22-2019

Quote:The phrase "other web forums" is indicative of goonhub.com being a forum itself.
That's what you interpret into it. But hey, discrediting a hack report because English is not someone's first language and they wrote an ambiguous sentence is totally the correct way to proceed, right?
It doesn't seem to be up to you to investigate this incident, so maybe stay out of this thread and stop questioning me, please?

Anyway, StopForumSpam is quite a reputable source for anti-spam measures and certainly not "shifty". But if that's not proof enough, here is first-hand evidence of the spammer that tried to sign up on my forum, using the goonhub.com server as proxy:

[Image: zzpdbVU.png]

Edit: The "Hostname" field on that screenshot is the reverse DNS entry of that IP, just to make it absolutely clear.


RE: To the GoonHub.com administrator: Your server is hacked - Wisecrack34 - 01-22-2019

Oh no, this looks spooky


RE: To the GoonHub.com administrator: Your server is hacked - Vitatroll - 01-22-2019

Itis me. Iam the hackers. I didnot expect catching me!! No!

I hacked the IPs for provide food itis family. Donot report please!! Iam good persons and Iam arenot HIGHLY FUCKING ILLEGAL!!


RE: To the GoonHub.com administrator: Your server is hacked - Sov - 01-22-2019

Well there’s certainly no harm in wire verifying he is running the most up to date security patches and looking for suspicious activity

Exploits pop up all the time after all, and boxes do get compromised


RE: To the GoonHub.com administrator: Your server is hacked - unnamed - 01-22-2019

In the meantime a fourth report has been added to the StopForumSpam database for that server IP, so it is continued to be used to post spam. I suggest to run netstat (assuming it's a Unix-based server) to check if there are any suspicious ports open. It could be either that you are running an open proxy without knowing, or even worse, someone could have compromised the server and is running their own software on it. In that case the only sensible thing is to reinstall the complete server because you never know how deeply the attacker nested their stuff into the system.


RE: To the GoonHub.com administrator: Your server is hacked - Ines - 01-22-2019

The server administrator has been notified.


RE: To the GoonHub.com administrator: Your server is hacked - Wire - 01-22-2019

Hi I'm the server admin. Thank you for the report and apologies for some of the ruder users here. This looks concerning and I'm investigating the issue now. I should mention that we're currently in the process of migrating to another server, so even if I really suck at resolving this now, it will be fixed one way or another soon.


RE: To the GoonHub.com administrator: Your server is hacked - Wisecrack34 - 01-22-2019

Sweet, thank you Unknown man for your help big grin

(Someone give him a nice avatar as a gift of friending ships)


RE: To the GoonHub.com administrator: Your server is hacked - popecrunch - 01-22-2019

i made them an avatar for reporting an issue, thank you for loving pupkin


RE: To the GoonHub.com administrator: Your server is hacked - unnamed - 01-22-2019

Wire: Thank you for the reply and good luck with fixing the issue. If you have any interesting findings to report I'd love to hear about them (through PM if you prefer that way) as I'm quite wondering where the sudden increase in spam in the last few weeks is coming from.

And thank you for the avatar smile