Welcome, Guest: Join Nairaland / LOGIN! / Trending / Recent / New
Stats: 2,743,045 members, 6,507,217 topics. Date: Saturday, 25 September 2021 at 05:12 PM

Albato's Posts

Nairaland Forum / Albato's Profile / Albato's Posts

(1) (2) (3) (4) (5) (6) (of 6 pages)

Programming / Re: Programming Really Is For The Young by Albato(m): 6:37pm On Sep 22, 2010
Young people do well in programming because they have all the time in the world. Less responsibilities. Older people who started early have all the experience. They do very well too.
Webmasters / Re: Please Do A Blog For Me! by Albato(m): 6:22pm On Sep 22, 2010
That website is made with Wordpress. Its probably the best blogging software out there. To do something like that, first you need to register and get a hosted account.

When you have done that, come back to this thread then you can be helped. I know there are lots of good guys here willing to help.
Webmasters / Re: I Dont Know What To Blog On Pls Help Me Some One by Albato(m): 7:36am On Sep 11, 2010
Write about a topic you know very well. A guide could be:

what are your hobbies?
what music/ movies do you like. Who are your favourite artistes?
what of the political climate in your country
what was on tv last night? what tv shows did you like?
what tech skills do you have?
what about your town, city, country. Let people know about them using photos, articles etc
what about your career. Is there anything people can learn from you?
what food do you like?

mind you that blogging requires a massive commitment of time and intellect. Are you willing to put up with that? Blogging is also not a get rich quick proffession. All the best smiley
Business / Re: Have You Made Any Real Money With Adsense? by Albato(m): 3:13pm On Sep 03, 2010
Making money from adsense is a pretty hard stuff. You need to build up massive traffic first - which is no simple feat. In traffic lies all the problem.
I found affiliate links are a much better investment (personally). Depending on what you promote obviously. A single link can keep returning for days (as long as the cookie remains alive though).
Webmasters / Re: Who Can Teach Methe A-z Of Word Press Blogging. by Albato(m): 2:51pm On Sep 03, 2010
First off, do you have the following:

1. A hosting account with Wordpress ready for installation (or installed already)
2. Enough time on yr hands

Once you have these ready. I'll be willing to take you along.
Culture / Is This True? Do They Use Hyenas For Debt Collection In Nigeria? by Albato(m): 7:33pm On Jul 16, 2010
I just saw a picture of people parading hyenas about on the internet. Is it true debt collection agencies use this to get back money from debtors in Nigeria? Seriously, my friend here who got the pictures sent to him says its true. Its really a big joke here now. Someone clarify this please.
Programming / Re: What Dose It Takes For One To Be A Good Programmer? by Albato(m): 11:56am On Jul 16, 2010
- bucket loads of patience.
- being able to sit in one spot for hours
- an eye for details
- a love for the abstract
- indifference to filth (can you go unshaven for days?)
Computers / Re: How Can I Do This? by Albato(m): 1:47pm On Jul 06, 2010
Take the advice and limit yor browsing to the house. Any method you wish to adopt will amount to bypassing security settings otherwise known as hacking. Its criminal to misuse computer resources or try to obtain access without permission or via illicit methods.

If you insist, talk to your admin to upgrade your account.
Sports / Re: Nigeria Will Not Reverse Team Ban: by Albato(m): 9:59am On Jul 03, 2010
I dont entirely agree with the ban. We can overhaul or re-ignite our soccer spirit in other ways. However FIFA should shoo off and deal with the more pressing problem of installing a goal line technology. Ask an England fan if am right.
Webmasters / Re: I Need Review Of My Aggregator Website - Dzigger.com by Albato(m): 12:02pm On Jul 01, 2010
Nicely done. Fast as well. Why did you pick the digg shovel logo? wink
Not a probelm though. I was impressed with the classified section too.
Webmasters / Re: Picture Of My Hacked Site And How I Resolved The Problem by Albato(m): 9:40am On Jul 01, 2010
Actually this post would have looked less contrived if the poster had used a screen capture which shows the browser rather than any old picture which could have been gotten from anywhere.
You would not have made this pathetic insinuation if you first read through the posts from the begining. Nairaland on their own decided this post needed to be on the front page - hence the large number of hits. I cant apologise for that. Again, read through my postings and see if they sound genuinely distressed or not.

Did you try to access the site on the day I posted the first message? Were you even here then? The site was there for the world to see. It remained defaced for at least 2 days while I battled to bring things back to normal. Long enough to proof I did not jut lift the picture from anywhere. Search for DZ Z3R0 on the internet to see if he actually exist.

(people like bad news. So the site gets a massive 3000 extra hits in a couple of days without a penny spent on advertisement )
You cant blame me for this. I will not apologise either. NL decided my post was good enough to grace the home page. Moreover, this conversation has been quite enlightening as there are a lot of useful tips in it.

Enough said. Thanks to everyone who made a meaningful contribution to this conversation. That kept me going and offered a challenge to restore what was spoilt. Most of all thanks to NL for offering us this beautiful platform for interaction.
Sports / Re: Pele Vs Maradona: Who Is Better? by Albato(m): 11:26am On Jun 29, 2010
2 different great players from 2 different footballing eras. Masters in their own rights. Hard to compare. I was not old enough to know Pele but Maradonna I do know.

Even though I was a kid then, how can I forget that fateful night in 1994 when he and Batistuta quashed our dreams of World Cup Glory. If I ever cried for a game of soccer, it was that night.

His mesmerising runs and dribble are out of this world. Zig-zagging his way through the English defence, only a TV camera could capture his ball control when we all thought God himself "handled" the ball that beat the goal keeper. Thus the legend of the "hand of God" was born that day.

Controvertial and stubborn. A maniacal stare into the camera gave away his drug dependence. Even then he was still the greatest.

After battling his demons, he now represents his country as the national team manager. People doubted his abilities but the evidence is emerging. There is something about him that brings the best out of Messi, Mascherano, Tevez and co.
Computers / Re: I Need A Free Dating Site by Albato(m): 10:25am On Jun 29, 2010
search hotscripts on google. They got loads of free already made scripts to launch a site.
Webmasters / Re: Picture Of My Hacked Site And How I Resolved The Problem by Albato(m): 5:16pm On Jun 28, 2010
Dual Core:
I have a question. Can a cracker pose as a good guy and share his extensions and plugins (that are malicious) to the open CMS community?

Absolutely YES !!!

Conspiracy theorists claim the big software firms do that. Its claimed they have secret key combinations that allow them bypass any security built into their own software. Games developers commonly used this trick to install stealth programs, spyware etc. Beware of all those free games on the net. They do contain spyware.

I remember this secret game that used to be on the "About" page of microsoft office (word or excel). I've forgotten the key combination we used to bring it up but it was a game where you walked along a wall top using the arrow keys. I think it was called "hall of lost souls". Something like that. Did anyone see it?. I mean why does microsoft office have a hidden game on the "About" page? What other secret plugins are there? How would you have known a game was there?

Dual Core:
Is there anything like QA/QC on modules?
Of course there is quality assurance. Before a module is released finally, it has to go through alpha, beta etc testing. CMS like drupal clearly indicate what stage a module is at. Using an alpha or beta stage module is at your own risk.

Even approved modules do contain vulnerabilities. Once found, the maintainers create a "patch" to tackle it. Its your responsibility as a site owner to download and intall these "improved" security updates.

Built into most CMS too (including drupal) is a utility that highlights modules that currently have a newer version or security update. Its left for website owners to install them - if you like.

I thinks its only natural to change all passwords after a hacker attack. Again, disabling cookies is a well known security measure. Stealth programmes have been known to use cookies to devastating effect. I guess am a bit paranoid after what happened. Would you not be after loosing 6 sites in one weekend undecided
Webmasters / Re: Nigerian Web Hosts Vs Foreign Web Hosts by Albato(m): 1:27pm On Jun 28, 2010
I host with a foreign company - directly. Am not mentioning names but I had to leave one last yr because they overwrote my files. Even the current one is not free of issues. Because its foreign does not make it free of wahala.
Webmasters / Re: Picture Of My Hacked Site And How I Resolved The Problem by Albato(m): 1:06pm On Jun 28, 2010

1. Why would a determined hacker attack a Drupal 6 site and leave Wordpress sites alone considering that Wordpress scripts are notoriously more vulnerable to attack by spammers?.
An attack focused on a single CMS is very common. In this case, I was running a non secure version of drupal 6. Whatever scripts he must have run targeted just this CMS. No CMS is free of vulnerability as long as its open source. Again, contributed modules/plugins may be unsecure.


2. DoS attacks do not work this way at all. Your screenshot only reveals server info and well . . . nothing else.
This was not a Denial of Service (DOS) attack. He basically "defaced" the site. He replaced my website's executable files with his. I have been reading up on this form of attack. All finger's seem to point at the hosts themselves. A weak host security may have led to this fracas. I know Bluehost will never own up to it but I think I may not be the only one whose site was attacked.


3. If Bluehost cannot tell you for certain if he/she had "left a hidden script somewhere", there is something wrong with their service and I suggest you buy from a different hosting company.

I actually left another host for bluehost around one year ago when I lost my sites because a support staff overwrote them with an old backup. No host is safe from these hackers. Afterall Pentagon, Twitter have all be hacked before.

Bluehost have been ok but this issue opened my eyes to a lot. They claim they perfom a sys backup every now and then. When this backup was restored during this crises, it emmerged that nothing was stored for my websites. They now pointed me to some legal stuff about how customers had been told not to rely on these backups. "When wahala come, dem begin quote law". I have realised in a hard way that backing up is my resposibility. I have started saving for a robust external hard drive.

Another important safeguard is to change all passwords: ftp, cpanel, website etc. This should be done regularly. Especially after an attack. Sometimes hackers gains access to a server via your personal computer. Cookies on your PC have login records - including your ftp password. A smart hacker can access these from remote location, log in and wreck havoc.

Passwords are stored in cookies when you click the "remember me" check box common on login screens. A hacker could be waiting next time you want to click that "remember me" box smiley
Webmasters / Re: Picture Of My Hacked Site And How I Resolved The Problem by Albato(m): 10:03am On Jun 28, 2010

Did the hacker leave an email address? You might have to contact him if he did.

I have heard of some hackers defacing a site and then demanding a ransom in order to free the site. These ones leave a contact. Of course you cannot trace them easily. The obviously route everything through some captured bot computer ip.

Looking at the photo of the hack, there are some jargon on there that I think resemble how he accomplished his act or contact details

Oh yes I did try to find him on the net because I wanted to avoid the gruelling work of reactivating my site manually (which I had to do in the end). He was untraceable. The only details I found led to hacker forums. I found this guy has wrecked many dreams. On one site they actually had a scoreboard of who has defaced the most websites. Its appaling this guys get a kick from ruining people's livelihood and dreams.

I lost 6 sites in this attack. My wordpress sites were ok but the support staff at bluehost told me he could have left a hidden script somewhere. I therefore reset the account to zero. The next 1 month will be for rebuilding again.
Webmasters / Re: Picture Of My Hacked Site And How I Resolved The Problem by Albato(m): 5:43am On Jun 28, 2010
Dual Core:

Hopefully he is not seeing your last post about your work in progress  grin


Honestly I have this paranoid feeling he is watching and having a laugh.
Webmasters / Re: Picture Of My Hacked Site And How I Resolved The Problem by Albato(m): 1:09am On Jun 28, 2010
I finally got the site up again. I have worked all through the weekend. I have re-loaded up to 80% of my old posts. Its been gruelling task. I lost some of the functionalities on the site but I will bring these back as time goes on.

- Am now using the lasted version of Drupal 6.
- I updated all modules to the latest and secure versions.
- I have also disabled all HTML for users.
- I have disabled user registration for now until I sort things out.

Hope fully this hacker will stay out of my way.

Thanks everyone for your concern.
Webmasters / Re: Picture Of My Hacked Site And How I Resolved The Problem by Albato(m): 6:54am On Jun 27, 2010
Thanks everyone. I cant believe I made NL front page. I have to be honest, I've had a horrible weekend. I fell asleep yesterday uploading the backed up files. I just discovered its daylight now. Thats how hard I have been at work to recover from this DZ Z3RO hoodloom's pranks. I should be live today at least. I summary:

--- The hack happened because of a security vulnerability. No one is sure from where but these are possible sources.:--
I allowed the use of full HTML tags for registered users. This is a stupid move - it was not deliberate sha. One should never allow Full HTML or PHP. If you notice on NL here, you are allowed limited use of HTML. Only certain tags are allowed.

--- The attack could have come via another hosted site in the shared server. Until you are on your own dedicated server, this is something that can happen.

--- It could have been an sql injection attack. :  This is a sad reality as long as you are using contributed modules/ plugins that you did not write yourself. According to one person here, these hackers read the codes from down to up just to find and exploit vulnerabilities. Their motivation, a sick passion for destruction and a fake sense of power which they can never have in real live because of their antisocial lives.

---- Always make your own backups. Only now did Bluehost tell me their backup should not be relied upon. In other words, your site's safety is your responsibility. A backup at least every 2 days will not be too bad from now on. And again, keep a local copy on your computer. These hackers also compromise any backups they find within the vicinity of the attacked site.

--- Use the latest version of your CMS. They are always security tested and unlikely to have security holes. Otherwise, if you are good with coding, then build your own security systems.
Webmasters / Re: Picture Of My Hacked Site And How I Resolved The Problem by Albato(m): 10:33pm On Jun 26, 2010
I think most likely an sql injection was responsible for this drama. Only now do I remember that I had allowed registered users the use of full html in creating text entries. It was an error but I suspect this could have been a vulnerability. Users should only be allowed plain text or limited html tags usage.

Another source could have been any of the modules/ plugins I installed. What puzzled me was that 3 different sites were affected simultheneously. Until someone identifies and reports a vulnerability. Some modules could remain a backdoor through which criminal hackers destroy a site.

I could also be that the attack was launched from any of the sites in the shared host am on. Am not going to blame Bluehost entirely but I did not get all the help I needed during this crises. Thier backup is completely useless.

I have completely reset my account. I am currently uploading stuff from my local backup. Should be ok by tommorrow. I have learnt my lesson.

I keep wondering what motivates someone to delibrately destroy someone else's work like this. I mean I could be depending on this for a living. Its not as if this hacker is getting any money out of this. Its just some devilish pleasure and bragging rights in some secret hacker's conclave.

I am now using the latest/ stable version of drupal 6. I will never ignore those security/update warnings again.
Webmasters / Re: Picture Of My Hacked Site And How I Resolved The Problem by Albato(m): 8:37am On Jun 26, 2010
Its been tough. Its increasingly becoming clear that I have to manually do stuff. Luckily the database was left untouched. It appears I have to manually upload everything after resetting the account. Painful.

The hosting company has not been very helpful. Thay had no backup of my account. They claimed to have restored my files from 2 different sys backups. Nothing changed.

I am going to manually delete files and reupload from my computer now. Horrible weekend this is. I just had to delve into the anatomy of the drupal database to find my posts. Thay are there still.

I think the hacker may have installed a script somewhere that destroys the files once they get restored
Webmasters / Re: Picture Of My Hacked Site And How I Resolved The Problem by Albato(m): 5:45am On Jun 26, 2010
Site still down!. A restored backup did not solve the problem. I found to my dismay that the webhost had not backed up my files properly. Another, and an earlier backup is being done now.

The last resort would be to reinstall drupal and start putting back stuff manually from my last corrupt backup files. This is something I was dreading. It will keep me indoors all through the weekend. hate that.
Webmasters / Re: Picture Of My Hacked Site And How I Resolved The Problem by Albato(m): 11:49pm On Jun 25, 2010
I have downloaded a backup I made last night. It happened that the compromise had happened before I made the backup. It was useless. The situation looks really bad now. This cyber criminal has done a great deal of damage already. Bluehost tech support have been very helpful though.

I have made a local copy of the latest version of drupal 6. Right now a restoration is ungoing from a system backup done around 7 days ago. I have realised I will loose a few posts. Nothing that I cant put back in 2 days.

I intend installing the secure version of drupal immediately the restore is over. Hopefully my site will be up by morning.
Webmasters / Picture Of My Hacked Site And How I Resolved The Problem by Albato(m): 4:42pm On Jun 25, 2010
(update: site is now up again. thanks everyone)
I woke up this morning to discover my site (the one in my signature) has been hijacked by this hacker calling himself DZ Z3RO. If you look there now, you will find a skull and bone picture plus his other jargons all over the place. I want to chronicle my fight to restore back my website here on NL.

The worst part of this affair was that I was 10 minutes to leaving for work when I found out. I promptly contacted my hosting company: Bluehost.com but they kept telling me to download my last backup, clean it and re-upload - all by myself. How on earth am I supposed to do this? What if I am not tech oriented? No matter what I said, the support guy at bluehost repeated the same thing. In frustration, I told him we will talk later, I just had to leave for work.

My website has remained defaced all day long. I cant repair the damage from work. Such antics are not allowed from the office PC. Moreover it will take too much time. Cant risk that. I have read up on all the attack routine I will adopt over the weekend. I'll keep ya'll posted.

My website is built on Drupal 6. I blame myself mostly for this catastrophe because I had not updated to the latest secure version despite getting the warning several times. I think this hacker exploited some of the security loopholes in the vulnerable version of drupal I was using. There is a sugestions he may also have entered via another hosted site on the shared server my account is hosted. In this case, Bluehost will be blamed. But I know they will never own up to that.

My accounts host 3 drupal sites and 3 wordpress sites. All the wordpress sites are ok. All the drupal sites are down. I have learnt my lesson and I want ya'll to do same. Always update your CMS with the latest security updates.

Anyway, its 16.30pm now. I will be home soon to launch a counter attack. I dont know what extent this criminal has damaged my files but I have a recent backup. Hopefully I will recover.

I have made a screen capture of the hack. For those not bold enough to check out my site, I will upload the screen photo here later.

Webmasters / Re: Help Out Pls by Albato(m): 9:28pm On Jun 23, 2010
I never cease to find this forum very amusing. In the middle of a serious discussion there must be one comedian to make me laugh out loud. Actually, using a CMS does not make you lazy. You do need to know how to customise it a bit to make your site look different though. I have always spoken against those lazy joomla users who use freely available template without caring to make it look different a bit. That is one of the major downside of using a cms.

Infact most web designers these days dont waste time re-inventing the wheel. A lot many big sites run on cms like typepad, drupal, wordpress, joomla etc. You may not know it. Even our dear NL runs on a ready made cms called smf  smiley

Some of the downsides to using "manufactured" code or CMS include
- your site looks like everyone else's (if u cant code enought to customise it). This is no issue if you can code a little.
- Hackers can understand the inner working of your site because your source code is openly available. This is very unlikely unless you are running a "non" approved version of the cms. Always install the tested and approved version. Install all security updates.
- add yours

On the other hand, the advantages of using cms is uncountable.
- easily launch sites in minutes.
- save your brain cells.
- access to well tested and secure codes
- these cms websites have forums where you can rub mind with gurus and get answer to any questions
- continually improving codes
- add yours
Webmasters / Re: Php Photo Script by Albato(m): 8:20pm On Jun 23, 2010
Dr. Lorenz:
@Albato by CMS, i guess you mean Content Management System? What i don't understand is if you mean the software i'm using to design the site or a web application. Please xplain. . .thanks. And oh. . .am not coding from scratch.

Correct smiley
CMS = Content Management System. As said above, the popular ones are joomla, wordpress, drupal, typepad etc. They are already made systems that can help you launch a website within minutes without coding. They are all open source too. You can recode anything the way you want. They have very active communities of programmers around them. These geniuses keep on turning out modules or plugins or small applications you can attach to the core codes to achieve almost anything. Good news: You need not be a source code nutter these days to build a website.

If you are using Drupal, its your lucky day. I can help you FREE. Otherwise there are lots of modules/plugins that will help you achieve what you want easily. Check the website for the cms you are using. Also have a look at fotomumu. com. Its drupal and may be close to the kind of stuff you are talking about.

So what CMS are you using or are intending to use?

(1) (2) (3) (4) (5) (6) (of 6 pages)

(Go Up)

Sections: politics (1) business autos (1) jobs (1) career education (1) romance computers phones travel sports fashion health
religion celebs tv-movies music-radio literature webmasters programming techmarket

Links: (1) (2) (3) (4) (5) (6) (7) (8) (9) (10)

Nairaland - Copyright © 2005 - 2021 Oluwaseun Osewa. All rights reserved. See How To Advertise. 199
Disclaimer: Every Nairaland member is solely responsible for anything that he/she posts or uploads on Nairaland.