Ugh Oooooo. its down. was workin until 10:38am EST and now it wont work as of 10:40. Im pissed, I have to PM people LOL. People are waiting for parts, and I cant PM them AHHHHHHHHH.

They aren’t recreating the wheel. I wonder if it is getting an overhaul.

someone might of hacked it again :roll:

I’m thinking they did hack it. Again.

You can ping the site, and I was able to traceroute it all the way to the main server and it even goes down to fuelempire, here’s my traceroute.

Microsoft Windows XP [Version 5.1.2600] (C) Copyright 1985-2001 Microsoft Corp.

11 55 ms 55 ms 55 ms []
12 63 ms 63 ms 63 ms []
13 63 ms 63 ms 63 ms []

14 84 ms 84 ms 84 ms []
15 70 ms 71 ms 70 ms [216.200.
16 71 ms 71 ms 70 ms []
17 69 ms 69 ms 69 ms []
18 72 ms 69 ms 69 ms []

Trace complete.

Something is fucked up. Because their server is not down.

Ugh, can u figure out the IP address of the person that did the “hacking”? If so, I have a lil some some I wanna do to their site/computer…

My dad has agreed to get their username and password if they have a site so I can “mess” with it LOL.

No, thats information he will have for his domain. Most domain users have a cpanel that has all of your information that contains the list of ip addresses of who touched what, what kind of things they accessed, ftp logs, info like that. If I were his domain provider and he requested it i could, but he’s definitely not hosted with us, har! So the answer is no, thats his problem not mine.

That traceroute just shows you the last few hops and that it goes to his server and that his server responds, so if he says “oh our server was down” then no… it wasn’t. It has to be something else going on, which is too bad, there are a LOT of people that visit that site, including me :frowning:

lol i thought i was banned last night because he locked a thread and then i pm’d xeno because i was pissed, but apparently that isn’t the case.

The server isn’t down, per say.

Last week we had a defacement attack. A PHP injection exploit on the Joomla (mambo) software we used to run the TeamZX2 content site. It hit quite a few of our sites’ index pages. We thought we cleared it all off, but what we didn’t realize is that it went deeper than a simple defacement.

The intruders’ injected PHP script (Running at webserver permissions) overwrote some of our system binaries so it could hide certain folders from being displayed.

We got a call from EV1 networks yesterday concerning spam that our server was reportedly sending. Turns out they had triggered a sleeping binary file to send out quite a few spam messages. They were also trying to brute force other servers on our network.

As a result, we had to shut down our sites and email to stop it from sending the spam and the port scan/brute force attacks. Images still serve, all our content is in tact.

Unfortunately we no longer trust our server, so we’re reformatting it and rebuilding it. We’ve also decided to ban 3rd party software, aside from the forum software we run on teamzx2 (until we can replace it with a custom one). We’ll also only be running a small handful of sites, all FuelEmpire related. No more personal hosting on the server… not even my personal website.

So yeah… sit tight and hopefully we’ll be back up and running tonight.

Hey thats cool, someone who is honest about technical difficulties, I gotta respect you for that xENo, even if you locked my thread :wink:

Thats cool you are working quick on getting that back up, can’t wait to update you on my emo apple! Just kidding. Well that sucks on what happened, I remember when the forum got hit not too long ago :frowning: I was hoping it was all over but hopefully you guys will have it all fixed once and for all.

Good luck with it xENo, no worries man, it’ll be up when you get it up I suppose. I know that fixing that crap can be a timely process. No fun. Glad to hear that everything is in tact though :slight_smile: That is GOOD news!

Even better news is that we know the IP address, physical location, screennames, and online hangout spot of the intruders.

I think after this is all said and done, I’ll post it publically on the teamzx2 site.

Ohhhhhhh now THAT will be fun :slight_smile:

Exactly what I wanted… Oooo yea, the posibilities.

That sucks dude, recently I got rid of joomla here. I started to lose my faith in the product. I used it for an application at work but no problems yet. Hopefully there won’t be any but its all getting changed soon. If you need any help with anything let me know. Also I started work on a CMS system that is the shizzle :wink: I hope to deploy it here soon! RSS for profiles baby :wink: Anywho thanks for the update xeno :wink: By the way your fuel empire thing is pretty slick.

keep up the good work xeno !!!

i hope someone finds and takes care of the bastard who did this.

i thought shut down, i really felt bad, but this is great news



My life is so empty without TeamZx2…

:twisted: I need Crack!!! :shock: :x Withdrawl is setting in... :x

Xeno, you figure out when it’ll be back up?

If you know who hacked you, are you going to post his address so we can send him mail bombs filled with anthrax. Or, We could just go over there and beat the crap out of the person…

You know how amazing that would be to have a row of zx2s rolling down the road, w/ the systems turnt way up, in a low gear w/ the exhaust roaring, and then crusin up to the house, all pullin into their driveway/yard. Get out, and just sitting there on our hoods till the person comes out… LOL I know if I was that guy, Id prolly piss myself and fall to my knees begging HAHAHA :twisted: :twisted: :twisted:

:twisted: :twisted: :twisted:

Actually, he’s in brazil…

We’ve actually been going back and forth with our ISP. We’re moving our business to a new ISP, so it may be a day or two more before the sites are back up.

Its all gravy. 8)

yea ive been kinda bored in class because i cant get on it… i just thought it was our firewall

Your firewall would be blocking a specific port number in that case, if that were the case and they blocked port 80, you wouldn’t be able to get on the internet at all. If they were using a proxy, you’d be getting a message saying it wasn’t “allowed” at your school. So no. :lol: