Flightguy123 Posted December 27, 2011 Report Share Posted December 27, 2011 Hey guys, Not sure if you are experiencing this but AAvirtual.net has been hacked twice this week. They are able to get in to user accounts, they only get in to exec staff accounts and go directly to the admin panel. They know exactly where to go because of the track on the website. They have deleted at least a hundred of our pilots and continually do so. I really am asking if anybody here is doing this to kindly stop or if anyone knows how to stop this please do help. 173.245.52.14 is the IP for the access to the sites pages, its from Vietnam so its obvious that its from a proxy. Regards, Ada Quote Link to comment Share on other sites More sharing options...
Strider Posted December 27, 2011 Report Share Posted December 27, 2011 Ban that IP, it will stop them from gaining access to your site. Quote Link to comment Share on other sites More sharing options...
Administrators Nabeel Posted December 27, 2011 Administrators Report Share Posted December 27, 2011 Change all of your passwords, including hosting account and email. Passwords in phpvms are hashed so they wouldn't be discovered in that way Quote Link to comment Share on other sites More sharing options...
Flightguy123 Posted December 27, 2011 Author Report Share Posted December 27, 2011 Alrighty, all the passwords have been changed, on the admin logs on the database however it shows that one of the pilots did it, however his on leave for the holidays, last week the same thing happened where another person was said to have been deleting stuff on the site . Any idea how this happens? Quote Link to comment Share on other sites More sharing options...
Zeusking19 Posted January 5, 2012 Report Share Posted January 5, 2012 You said the pilot involved was on leave. It seems fishy that he said that so he could do it without you knowing. But you know better to check the logs. BTW, delete his pilot profile. Quote Link to comment Share on other sites More sharing options...
TAV1702 Posted January 8, 2012 Report Share Posted January 8, 2012 If you are using FSFK, be very careful. Smart users can get your database name and password. Not sure if this is relevant in your situation or not. Just tossing it out there. And for the record, that is not a phpVMS issue. It is any site that uses FSFK in general. Quote Link to comment Share on other sites More sharing options...
Administrators Nabeel Posted January 10, 2012 Administrators Report Share Posted January 10, 2012 If you are using FSFK, be very careful. Smart users can get your database name and password. Not sure if this is relevant in your situation or not. Just tossing it out there. And for the record, that is not a phpVMS issue. It is any site that uses FSFK in general. That's why I put in my instructions to make a new user just for FSFK. It's not smart how that was done Quote Link to comment Share on other sites More sharing options...
Sava Posted January 10, 2012 Report Share Posted January 10, 2012 Where are those instructions? Quote Link to comment Share on other sites More sharing options...
freshJet Posted January 10, 2012 Report Share Posted January 10, 2012 I don't allow the use of FSFK... Quote Link to comment Share on other sites More sharing options...
tutmeister Posted January 11, 2012 Report Share Posted January 11, 2012 Is there anything we can do to strengthen our site against FSFK? I use it personally, but I don't allow FTP access with the upload of the route map, etc, as I saw that as a security threat form the get-go. Is there something else I am missing that is a threat? Quote Link to comment Share on other sites More sharing options...
twelka3 Posted January 11, 2012 Report Share Posted January 11, 2012 I had this same IP get into Frontiers Admin panel. Would delete pilots and our routes. It also tried into my American but failed. The only way to stop it was to ban the IP Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.