Hi everybody, my admin panel is been hacked. My script tracks the IP of the user that is : 193.239.143.45. I have tried to track it and I got these info: p Address 193.239.143.45 is found in Ukraine Flag for Ukraine IP Address 193.239.143.45 resolved to Hostname x-city.com.ua Query took 0 ms Init time was 1 ms Guessed City: Khmelnitskiy Region: Khmel'nyts'ka Oblast' What it is the probability that is effectively the IP of who tries to cheat at my site? I have also an email address and I get others info: Resolving host name "gmail-smtp-in.l.google.com"... Connecting to host address "64.233.183.27"... Connected. S 220 mx.google.com ESMTP f4si6442130nfh.27 C HELO ipaddresslocation.org S 250 mx.google.com at your service C MAIL FROM: <info@ipaddresslocation.org> S 250 2.1.0 OK f4si6442130nfh.27 C RCPT TO: <shiqiang.xiang@gmail.com> S 250 2.1.5 OK f4si6442130nfh.27 C DATA S 354 Go ahead f4si6442130nfh.27 This host states that the address is valid. Disconnected. Can someone tell me more if you have had a bad experience like this?
I wouldn't bother trying to track down the perpetrator. The important question is how they did it. Even if you find this perpetrator, the same security problem would remain exploitable by anyone else. You need to find whatever it was that allowed them to get in, and fix it. What admin panel was it? Is there any way someone could have got your password (virus on your PC? Do you use wireless connection)? Did your password contain dictionary words? Would it have been easy to guess? The best passwords are long and consist entirely of random characters.
There isnt any point in tracking the hacker.. only thing possible is blocking the ip from accesing the server.. Try to find out how he got in and whether he left any files
Thanks for your replies. Stevewh, I'm running with a Mac, I haven't a virus and my password was strong. Megamania, I wrote to Gooogle about that email address. I'm working on the hosting to find the holes.
johntropea brothar , first check your hosting companie'z security holes. Update Kernel and Php Version. Check using functions expoits.Finished; you must check your scripts. maybe they can have accessable bugs so you can be hackable
Another thing is, maybe the intruder got access on your e-mail account, without you noticing it. Well, he can make your host send the password of your panel to your e-mail, and kaboom..
This could be due to an unsecure script from untrusted site which you might have installed in your site. This had happened to me once. I fought with my hosting guys and at the end it was the script which was from an untruted source and I had to apologize to them later for that.
yep, this is the reason. The problems was in the script also, this is the risk when you start with a cheap script. I learn the lesson. Thanks for your support anyway.