Was hacked today. It was a good lesson.
In a way it was an ideal time to get hacked. Someone must have been running a sniffer on my forum and got my Admin account.
They stripped polls, and generally acted like a gremlin.
Deleted all but 1 photo gallery before I noticed this and changed the password.
Long story short- no serious damage was done.
I learned: never login with cookies.
change passwords often
Check who is in my admin group
The password is not a 'guessable' password, so it was some sort of 'sniffer'.
There is a system in place now that uses IP verification [no- not this one
] + proper password (not likely to get now) in order to login.
If they do not have the proper IP and/or password they will be redirected to wherever I chose after their IP is logged and e-mailed to me.
I would love to find the most fucked up broswer pop-up, circle jerk domain possible to send these SOB's to.
Or- perhaps create a page that delivers a payload of worms, viruses, scumware, you name it.
What is the worst (best) I can send them? Any fun ideas?
