Yup, thats right folks, jimdrewes.com was hacked - And I am furious about it.

If you hadn't noticed, jimdrewes.com (and all other websites hosted on my server) have been down for the last 2-3 days. This includes email as well. I've been working feverishly to backup data and re-do the entire server. The hosting company (adiungo - never use them. The support I had during this time flat out stunk) made me back everything up so they could wipe out the server and start completely fresh. This, of course, was no small task. I had to hunt down, compress, and transfer everything that I needed to make this server run correctly. This was about 1GB worth of data. Then, after it was wiped, I had to start putting stuff back up. I'm still only about 1/2 done in restoring the server.

So, a little bit about the hack: The hackers found an old phpNuke site running on my server, which was probably left over from some experimental sites that I had going a while ago. This old instance of phpNuke had a security flaw in it which allowed hackers to execute their own code on the server - this opened up jimdrewes.com to them. They then proceeded to use jimdrewes.com as a spam relay, which raised a huge flag with the hosting company, since my outgoing traffic experienced a major spike. This spike caused them to shut down my server, and they would only open it back up to me, and even then they did so with hesitation.

So I now have a newfound hatred of hackers and spammers. I always looked down on these types before, but now that I've been directly hit, they absolutely boil my blood. Hackers and spammers are scum.

I don't think many people would argue that spammers are just about the worst type of internet abuser out there. In fact, in many interviews, spam kings themselves often chuckle about how they are able to make a buck by exploiting the power of the Internet. Hackers are a little different though. Although the term "hacker" is seen as a vile term by most of the population, there is a curiosity that surrounds them which leads some misguided people to believe that there are some "good" hackers out there that operate only to advance the computing security community. This is crap. Take this article for example. PBS found the need to explore whether or not hackers are Outlaws or Watchdogs. The answer is neither. They are bored people who have nothing better to do than screw with other people's property and resources for either: A. Financial gain, B: Bragging Rights, or C: Some twisted destructive pleasure. In the case of my server, it was for financial gain. Some idiot thought that it was okay to hack into my system, cause massive amounts of damage, eat up my resources, cause me to have 2-3 days of downtime which resulted in me spending hours and hours trying to bring the thing back up, they caused myself and several of my users to miss important business-related emails, they eliminated the web-presence of several important things - such as the website for Kenyon's IGF game, which will be featured in some articles in a few days... All that damage, and for what? So they could churn out a couple of million emails to people (and in the process, pissing those people off and eating up Internet traffic), just to get a hundred or so responses. Scum. All of them. Even the ones who think they are "enhancing security" by exploiting security flaws. Thats a bunch of bull. They are just making it easier for malicious hackers to come through and do the real damage. It doesn't make any sense. Just because there is a security flaw that you can leverage to gain access to a system, doesn't mean you should exploit that to prove that its there. That would be like me saying, "gee.. its easy to get into your car. All I have to do is leverage the weakness in your window, and BAM! I'm in. So, you should fix that problem. Its not my fault someone came by later on and stole your radio."

Jerks.