tag:blogger.com,1999:blog-13756280.post6086824999916164092..comments2024-02-08T03:44:23.780-08:00Comments on Jeremiah Grossman: How to tell when you are SE0wN3d?Jeremiah Grossmanhttp://www.blogger.com/profile/05017778127841311186noreply@blogger.comBlogger5125tag:blogger.com,1999:blog-13756280.post-38419412816612542552007-11-29T14:37:00.000-08:002007-11-29T14:37:00.000-08:00Actually, this happened to a site that I maintaine...Actually, this happened to a site that I maintained - the previous vendor had implemented a weak password on a FTP user, and the web host's FTP servers were brute-forced.<BR/><BR/>I'm not sure how long it went on for, but the only way I found out about it was a helpful tip from the previous vendor. They had web sites hosted by the same hosting service, and stumbled upon it before we did.<BR/><BR/>After that experience, I make a habit to view the source code of the live site at least once and a while. It's the only way I can think of to keep tabs on things... for now.Windigohttps://www.blogger.com/profile/00927310158905777014noreply@blogger.comtag:blogger.com,1999:blog-13756280.post-21617204705811300682007-11-29T09:50:00.000-08:002007-11-29T09:50:00.000-08:00LOL. Ok, that has got to be the funniest comment I...LOL. Ok, that has got to be the funniest comment I think I've ever gotten here. Im just wondering if you have the list is proper order. :)Jeremiah Grossmanhttps://www.blogger.com/profile/05017778127841311186noreply@blogger.comtag:blogger.com,1999:blog-13756280.post-28258774912030607622007-11-29T09:10:00.000-08:002007-11-29T09:10:00.000-08:00Jeremiah, I would never hack your site for several...Jeremiah, I would never hack your site for several reasons. <BR/>1. It would break my ISC2 Ethics Code <BR/>2. You would get me back and you are better at this than me. :)<BR/>3. As Bill Pennington told me "He's 6'3" and knows Brazilian Jujitsu." :)Andy, ITGuyhttps://www.blogger.com/profile/09237512546845510001noreply@blogger.comtag:blogger.com,1999:blog-13756280.post-30488912603605080472007-11-28T20:10:00.000-08:002007-11-28T20:10:00.000-08:00There's definitely a lot of older wordpress instal...There's definitely a lot of older wordpress installs that have been hacked by blackhat seos in that way for ranking purposes.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-13756280.post-31974875836893183862007-11-28T14:10:00.000-08:002007-11-28T14:10:00.000-08:00Links with "buy you-know-what" wouldn't go past my...Links with "buy you-know-what" wouldn't go past my anti-spam filter which simply checks all fields in all POST requests made to my application, except few specific whitelisted ones (previews, log-in).<BR/><BR/>Also for all output I use templating engine that HTML-escapes all variables by default (PHPTAL), so if any rogue link sneaked past anti-spam and user-crap-filtering functions, it would likely got escaped and became visible and harmless.<BR/><BR/>But if these failed, it would be really difficult to find it. It wouldn't show in *mine* referrer logs.<BR/>I think I'd have to spider my website and check all links :(Anonymousnoreply@blogger.com