1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

AAHHHH!!!! Hacked by Brandon??!

Discussion in 'Training & Development' started by Jellyman_4eva, Apr 22, 2006.

  1. Jellyman_4eva

    Jellyman_4eva Byte Poster

    213
    4
    34
    Hey,

    This is going to sound odd, but what is going on..

    www.certforums.com and www.certforums.co.uk currently direct to a hacked by Brandon site?!!

    Huh??!
     
    Certifications: MCDST, MCITP-EDST/EDA/EA/SA/ MCSA 2K3/2K8, MCSE+M 2K3/2K8, ISA/TMG, VCP3/4, CCNA, Exchange, SQL, Citrix, A+, N+, L+, Sec+, Ser+, JNCIA-SSL, JNCIS-SSL
    WIP: Lots
  2. tripwire45
    Honorary Member

    tripwire45 Zettabyte Poster

    13,493
    179
    287
    Gav knows about it and I can only assume he's working with Si and the webhost to fix the problem. Hang tight.
     
    Certifications: A+ and Network+
  3. The_Geek

    The_Geek Megabyte Poster

    772
    13
    64
    I took the liberty of using dnsstuff.com:


    Properties from the image:
    http://www.eglenceparki.net/dost/brandonn.jpg

    The Data in OnlineNIC's WHOIS database is provided by OnlineNIC
    for information purposes, and to assist persons in obtaining
    information about or related to a domain name registration record.
    OnlineNIC does not guarantee its accuracy. By starting a WHOIS
    query, you agree that you will use this Data only for lawful
    purposes and that, under no circumstances will you use this Data
    to:
    (1)allow, enable, or otherwise support the transmission of mass
    unsolicited,commercial advertising or solicitations via e-mail(spam).
    (2)enable high volume,automated, electronic processes that apply
    to OnlineNIC Inc.(or its systems).

    OnlineNIC reserves the right to modify these terms at any time.
    By starting this query, you agree to abide by this policy.


    Registrant:
    ozgur kuru ozgurkuru@gmail.com +90.3123588706
    maaroni.net
    kaya sok
    ankara,ankara,TURKEY 06310


    Domain Name:eglenceparki.net
    Record last updated at 2005-08-05 07:32:51
    Record created on 2005/8/5
    Record expired on 2006/8/5


    Domain servers in listed order:
    ns1.maaroni.net ns2.maaroni.net

    Administrator:
    kaya sok
    ankara
    ankara,
    TURKEY
    06310

    name: ( ozgur kuru )
    mail: ( ozgurkuru@gmail.com ) +90.3123588706
    maaroni.net
    Technical Contactor:
    kaya sok
    ankara
    ankara,
    TURKEY
    06310

    name: ( ozgur kuru )
    mail: ( ozgurkuru@gmail.com ) +90.3123588706
    maaroni.net
    Billing Contactor:
    kaya sok
    ankara
    ankara,
    TURKEY
    06310

    name: ( ozgur kuru )
    mail: ( ozgurkuru@gmail.com ) +90.3123588706
    maaroni.net

    Registration Service Provider:
    name: RemoteMach Internet Solutions
    tel: +9.02124257543
    fax: +9.02124257543
    web:http://www.remotemach.com
     
    Certifications: CompTIA and Micro$oft
    WIP: PDI+
  4. Jellyman_4eva

    Jellyman_4eva Byte Poster

    213
    4
    34
    This is probably going to sound really silly.... but are our details safe?!

    I am guessing this is simply some kind of web server name based attack rather than an actual we have entered your server attack?
     
    Certifications: MCDST, MCITP-EDST/EDA/EA/SA/ MCSA 2K3/2K8, MCSE+M 2K3/2K8, ISA/TMG, VCP3/4, CCNA, Exchange, SQL, Citrix, A+, N+, L+, Sec+, Ser+, JNCIA-SSL, JNCIS-SSL
    WIP: Lots
  5. jackd

    jackd Megabyte Poster

    555
    7
    64
    Hey just managed to visit . DAMMM WHAT AM I GOING TO DO FOR TIME
     
  6. simongrahamuk
    Honorary Member

    simongrahamuk Hmmmmmmm?

    6,199
    125
    199
    Until we find out the extent of the attack we simply don't know. As for what type of attack it was well, it abviously hasn't gone too deep into the site as we're still here!

    If you Google "hacked by Brandon" you will notice that he has done this sort of thing before, and that he bascially defaces the Home Page.

    Just hang in there guy's. It will get sorted as soon as possible. 8)
     
  7. d-Faktor
    Honorary Member

    d-Faktor R.I.P - gone but never forgotten.

    810
    0
    39
  8. noelg24

    noelg24 Terabyte Poster

    3,334
    26
    139
    I was shocked when I saw this!! I thought what has happened? I actually thought my machine had been hacked so I tried other websites and they were fine!! Whoever this Brandon is needs some serious a$$ whooping!!! who's with me?

    EDIT: Erm why is this in the training and development forum? :rolleyes:
     
    Certifications: A+
    WIP: my life
  9. JonnyMX

    JonnyMX Petabyte Poster

    5,239
    211
    236
    What a complete tosser!
     
    Certifications: MCT, MCTS, i-Net+, CIW CI, Prince2, MSP, MCSD
  10. simongrahamuk
    Honorary Member

    simongrahamuk Hmmmmmmm?

    6,199
    125
    199
    So we all learn that it is bad when we get hacked! :biggrin
     
  11. noelg24

    noelg24 Terabyte Poster

    3,334
    26
    139
    hehe nice one Si...didnt think of it like that :biggrin
     
    Certifications: A+
    WIP: my life
  12. Luddym

    Luddym Megabyte Poster

    797
    19
    74
    This Brandon dude needs a serious kick in the nuts!
     
    Certifications: VCP,A+, N+, MCSA, MCSE
    WIP: Christmas Drunkard
  13. zimbo
    Honorary Member

    zimbo Petabyte Poster

    5,215
    98
    181
    the site was down for 10 hours or so and we all lost it... what would we do without this place.. :(
     
    Certifications: B.Sc, MCDST & MCSA
    WIP: M.Sc - Computer Forensics
  14. Phoenix
    Honorary Member

    Phoenix 53656e696f7220 4d6f64

    5,726
    175
    221
    looks like a DNS poison attack at first glance based on the whois details i took last night
    nothing too complicated about that, not a true hack so to speak of, no access of our sysytems was garnered, its just a form of denial of service by pointing the names at a different IP

    could be wrong, havnt had a change to sit down with the guys and have a chat about it, and i didnt have that much oppertunity to look into it before it was sorted :)
    thats my initial hunch though
     
    Certifications: MCSE, MCITP, VCP
    WIP: > 0
  15. twizzle

    twizzle Gigabyte Poster

    1,838
    33
    104
    OK so the site wasnt "Hacked" in any real sense from the looks of it, just a redirection via IP. But what do you do when this sort of thing happens? Who do you report it to? would any action be taken against the hacker? or would you retailate back (like im sure some on here are capable of) and give the guy a taste of his own medicene?
     
    Certifications: Comptia A+, N+, MS 70-271, 70-272
    WIP: Being a BILB,

Share This Page

Loading...