Hacked?

wordpress

#1

I noticed this morning I couldn’t get a directory listing using either my Filezilla or Dreamweaver ftp clients.

Looking at my site from the Dreamhost CP, I noticed a new subdirectory in the root called XYIZNWSK that I don’t recognize, with a date stamp of the morning at (6:40 AM on 4-17-05) – a time I was not working on or accessing the site.

This seems very strange to me. Could my site have been hacked?


#2

It’s possible. What software are you running on it? Have you kept up-to-date with security releases?


If you want useful replies, ask smart questions.


#3

Do you have software like awstats or some other 3rd party script(s)? Sites can be hacked via scripts, so it’s good to have the latest version of whatever you use just for the security fixes. Everyday there are attempted “break-ins” to an awstats directory that does not even exist on my domain. Yep, possible.

~Chell


#4

Thanks for the replies.

Looks like the problem was a pbcak error. Had my windows machine running in a minimal services configuration, probably why I couldn’t get a directory listing while running my ftp client.

Still a little perplexed by the new directory though. Continuing to look into that.

I’m running Wordpress and recently installed exhibit Engine for my photos. I had a lot of trial and error getting exhibit Engine configured. Perhaps the new subdirectory is related to that, although the date/timestamp is a little strange.