Got hacked last night /me sadface



stonebergftw
June 9th, 2011, 04:03 PM
So my power went out last night, and disabled my wireless security (****** Linksys router). I think that opened up a door to my server (not sure), and I got hacked. The dude erased my entire external HD, and left me with nothing but a folder called hi. Luckily I had a good portion of the drive backed up, and all of my web dev stuff backed up.... still some people are such dbags! wtf!

I'm new here, but I'm looking at reading up on some security things, and just wanted to say wazzzup.

jhonan
June 9th, 2011, 04:17 PM
If the router is switched off and on again it will (should) retain the previous settings, including security.

I'm sure this is saved to some kind of EPROM, and doesn't depend on an internal battery. If all you needed to do to disable security on routers was power-cycle them, then every network in the world is at risk!

Paqman
June 9th, 2011, 04:17 PM
Backups rule. You might want to post in the security forum to see if you can figure out how they got in.

stonebergftw
June 9th, 2011, 04:26 PM
Backups rule. You might want to post in the security forum to see if you can figure out how they got in.

Good call.

As for the power cycle thing, I have a really really old router, and after googling, have seen this problem happen to others.

Not sure, but yea, it just doesn't make sense because the router info SHOULDN'T EVER get wiped with a power cycle. Maybe kill the router, but not flash it.

mips
June 9th, 2011, 05:02 PM
The dude erased my entire external HD, and left me with nothing but a folder called hi.

If it was only a normal format you can still recover ALL your data.

corrytonapple
June 9th, 2011, 07:22 PM
Wow, that sucks. He's a complete loser! Got nothing better to do than get into your system. But how did he know that your security was down? Could it be a neighbor? I would check that stuff first.

stonebergftw
June 9th, 2011, 08:37 PM
I really dunno what exactly happened, but I'm pretty sure they used a simple command such as "rm -r", because I was able to recover 100% of the data with some software.

I however am in the process of transferring the files, formatting, and reinstalling, but this time with some security in my mindset.

Thanks for the concern fellas. So lame.

Dustin2128
June 9th, 2011, 08:45 PM
How did he even get into your server just because your wifi was open? You should do layered security with these things. For instance, ssh is whitelisted to my desktop and laptops only for my server, I have separate 30 character passwords with symbols for my disk encryption and user and superuser and sql, etc. plus I have SSID set to not broadcast - you need to manually type in the SSID and wifi password. Also you might consider an uninterruptible PSU for the server and router, and make sure your wireless encryption is set to WPA2.
What server OS are you running? I could give you some of my tips for security. You should also see if you can acquire his IP address from logs once you have your data recovered. Then just post it on 4chan and wait ;).

Dry Lips
June 9th, 2011, 09:00 PM
I really dunno what exactly happened, but I'm pretty sure they used a simple command such as "rm -r", because I was able to recover 100% of the data with some software.


Just a quick question... What software did you use to recover your deleted data?
Some time ago I was trying to do this, but I didn't manage to find a program
that let me do this... Which did you use?

bxcrx
June 9th, 2011, 09:27 PM
Just a quick question... What software did you use to recover your deleted data?
Some time ago I was trying to do this, but I didn't manage to find a program
that let me do this... Which did you use?


x2

Which software?