BAD bad news. We got hacked badly: guy got root. We reloaded OS, but out of 3 servers we run our UBB on, 1 is so dang old it can't have the latest plesk, for starters (7 only.) That's not my current issue.
My issue is that even after reloading the OS, I'm told there could have been - things - left behind (back doors, I am no server admin - far from it.)
I have heard there are services available to check servers thoroughly for anything that shouldn't be there. OBVIOUSLY before I update our UBB (which involves a move in hosting first, new servers, MONEY we don't now have but WILL within 2 months) I want what we have now as safe as possible: ergo a service that will 'clean' these servers. Red Hat, Plesk (2 of them: third has some other control panel.)
I -think- SQL injection was involved: we -think- a newer version of Ubb threads was exploited
www.aftertherose.com (we may have 6 for our main domain, but my server partner is a genius: you've many times awarded him for the tweaks he's made at
www.jokersupdates.com. He has 6 locked down like a bank vault: ergo that and some other ungodly server type crap I'll never understand leads him to think the exploit came from
www.aftertherose.com forums.)
Don't care where: want the dang critters cleaned.
I -know- you guys will do the upgrade (I warn you in advance it will be THE worst upgrade you've ever handled: anyone who likes a challenge, a REAL challenge, pm me with rates. 2 months we're ON.) Prior to that, if any of you know anything about security: I heard there's automated stuff that can be used to scan everything on all 3 servers and spot bad crap.
I've done some research: my guy ran some 'somethingtools' thing (sorry, sorry - it's over my head) but we need a much better solution before this - this - *(*^DKJG%^ gets my root again. Which he will do: you don't run a community the size of mine for 10 years and not have, uh, people who are unkindly towards you. 999 out of 1000 the threats are BS: this one wasn't: all he did was create 3 bogus domains (fhj4kl.com, 2 more) but he knew a) it would email me b) I'd freak and know I was owned.
He was right.
But one place he was wrong: might be server-stupid but I know where to find people who aren't!
And where better than the folks who created ubb in the first place? THAT is the domain he's after: the one with ubb 6. So if you have any idea about how to check the servers' safety now: how to clean it and maybe use some tripwire thing I ran across - keep in mind plesk 7 is as far as I can go on one of those servers.
Please lord let there be security specialists here: if not, will you kindly inform me of the best companies who provide such a service? For this I'll find the damn money if I have to hock my soul to the Devil (my luck he'd laugh in my face!)
jokerette gmail and thank you - thank you so much for any help whatsoever.
