Urgent hacking attack help :(
Thread Starter
Too many posts.. I need a life!!
Joined: May 2003
Posts: 762
Likes: 0
From: oldham / manchester
My own website has recently been taking a beasting from some low life; he has hacked my PHP message board, which is similar to this one. As soon as I put it live, this loser with no life somehow edits/renames files and kills the forum. I caught his IP, which is as follows.
The forum, http://www.maxedmotors.co.uk/forums, is now dead again, as somehow he has access to do this even after numerous password changes etc.
The IP is 62.252.192.8, which I traced back to:
Hop (ms) (ms) (ms) IP Address Host name
1 0 0 0 66.98.244.1 gphou-66-98-244-1.ev1.net
2 0 0 0 66.98.240.4 gphou-66-98-240-4.ev1.net
3 1 1 2 129.250.10.105 ge-0-1-0-50.r00.hstntx01.us.bb.verio.net
4 6 6 6 129.250.2.50 p16-0-1-3.r20.dllstx09.us.bb.verio.net
5 32 221 251 144.232.8.121 sl-st20-dal-14-2-1620xt1.sprintlink.net
6 32 156 132 144.232.9.137 sl-bb27-fw-5-0.sprintlink.net
7 30 30 30 144.232.11.34 sl-bb22-fw-12-0.sprintlink.net
8 30 31 30 144.232.18.121 sl-bb22-chi-11-0.sprintlink.net
9 30 30 30 144.232.26.98 sl-bb21-chi-14-0.sprintlink.net
10 51 51 51 144.232.9.148 sl-bb22-nyc-15-0.sprintlink.net
11 51 51 51 144.232.7.105 sl-bb20-nyc-14-0.sprintlink.net
12 108 109 108 144.232.9.162 sl-bb22-lon-12-0.sprintlink.net
13 115 115 115 213.206.128.61 sl-gw23-lon-14-0.sprintlink.net
14 120 120 120 213.206.159.38 sle-ntl-3-0.sprintlink.net
15 120 120 120 213.105.172.85 bre-bb-b-ae0-0.inet.ntl.com
16 122 122 122 213.105.172.233 win-bb-a-so-400-0.inet.ntl.com
17 128 128 182 62.253.185.137 man-bb-b-so-600-0.inet.ntl.com
18 128 128 129 213.105.174.21 mant-t2core-b-pos71.inet.ntl.com
19 128 128 128 62.252.192.8 manc-cache-5.server.ntli.net
Any ideas, or even how to secure the forums so he can't carry on doing this?
Use a different PC and change ALL your passwords to nice secure ones. He may have installed a key logger on your PC and is capturing your keystrokes.
Try changing the forum software you use to something else or make sure you've got the latest version of your current one.
Who owns the server that your site is running off? You need to make sure it's suitably secure.
That IP address belongs to an NTL customer btw. You could try reporting it to their abuse team.
Thread Starter
Hi, cheers people. I have tried changing IPs from work comp, home comp and girlfriend's comp, all with no joy.
I have reported it to NTL but fear they cannot/will not be able to do much really.
The company that hosts it is called Page-zone, which told me straight away that 2 files had been changed, which wasn't me, but that's all they could really do.
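The host could only say that 2 files had changed; a content-hash baseline of the forum directory shows which files were edited, renamed, added or removed between two points in time. This is an added example, not part of the original thread: the function names and the sample file tree are constructed for illustration.

```python
import hashlib
import os
import tempfile

def build_manifest(root):
    """Map each file's path (relative to root) to the SHA-256 of its contents."""
    manifest = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            with open(path, "rb") as fh:
                digest = hashlib.sha256(fh.read()).hexdigest()
            manifest[os.path.relpath(path, root)] = digest
    return manifest

def diff_manifests(baseline, current):
    """Classify changes between two manifests as modified, renamed, added or removed."""
    modified = sorted(p for p in baseline if p in current and baseline[p] != current[p])
    gone = {p for p in baseline if p not in current}
    new = {p for p in current if p not in baseline}
    renamed = []
    # A vanished path whose exact content reappears under a new path is a rename.
    for old in sorted(gone):
        match = next((n for n in sorted(new) if current[n] == baseline[old]), None)
        if match is not None:
            renamed.append((old, match))
            new.discard(match)
    gone -= {old for old, _ in renamed}
    return {"modified": modified, "renamed": renamed,
            "added": sorted(new), "removed": sorted(gone)}

def demo():
    """Constructed sample: a tiny fake forum tree, then an edit, a rename and a new file."""
    with tempfile.TemporaryDirectory() as root:
        for name, body in [("index.php", "<?php // board"), ("config.php", "<?php // db"),
                           ("viewtopic.php", "<?php // topics")]:
            with open(os.path.join(root, name), "w") as fh:
                fh.write(body)
        baseline = build_manifest(root)  # store this where the web server cannot write
        with open(os.path.join(root, "index.php"), "w") as fh:
            fh.write("<?php // altered")
        os.rename(os.path.join(root, "config.php"), os.path.join(root, "config.bak"))
        with open(os.path.join(root, "unknown.php"), "w") as fh:
            fh.write("<?php // unexpected file")
        return diff_manifests(baseline, build_manifest(root))

if __name__ == "__main__":
    print(demo())
```

Comparing the report's timestamps against the web server's access log for the same window narrows down which request made the change.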
The people who host your site on their servers DO have the ability to block
specific/range of IP addresses if they can be arsed to do it.
Also, sharing someone else's server is not that secure IMO.
I too have had similar hacking "attempts" and am in the process of hosting my
own site on my own server. This means I will have total control on access rights.
(Plus a few other benefits)
It is not that expensive to set this up but does require a reasonable level of
network IT skills so it is not really a DIY type job for most.
Price depends on equipment quality and bandwidth.
Thread Starter
Cheers secs, an idea there. It's just the line, I suppose: we have plenty of servers at work well up to the job but only run a 1 meg ADSL line with 256 upload speeds; surely this won't be up to the job.
What makes it worse is that it's not a random hacking attack; someone has quite clearly pointed at us for a reason, as a fellow site also went down in the same way. We have our suspicions of who it is but can't prove nowt.