Rerurn to Romy the Cat's Site


In the Forum: Site Support Forum
In the Thread: From GoodSoundClub, with apologies.
Post Subject: From GoodSoundClub, with apologies.Posted by Romy the Cat on: 10/30/2012
fiogf49gjkf0d

I have to inform you with regrets that due to presumable hacker attack to my site I lost data since October 6. So, the posts you made during last 3 week are unfortunately can’t not be recovered.

Well, I have to say that it was due to the hacker attack but in reality it was due to my stupidity. The site is running on 50/50 Meg, static IP, fiber optic line. The site uses 3 HP DL360 machines, web server, database server and DR backup server, all on Win2003 Enterprise Servers. Preserving the server I periodically remove the hot-swap drives in array 0; since the context of the site hardly changes I do it once a month . The database is backed up dally, it is SQL 2005. The database’s backup script off the server to two 3 destinations: a LEN located backup workstation, DR backup server and network drive storage.  In addition I have once a month scripted process that takes all important files off the server to a dev workstation. I have this configuration for years and I thought that I am on a save ground in term of disaster recovery.

4 days ago I shut down my server ( was time to replace UPS battery) and the server did not boot up, the Array Controller did not now even recognize the drives. The drive was not able to be booted at the DR machine. I was able to boot the machine from September drive with no problems. This kind of funny I figure and went for the database backup to bring the site up to date. With my horror I recognize that during the recent remodeling the network was disconnected and my database backups were not removed from the server. So, the very last database backup that I had was from Oct 6, when my script took “important” files of the server to my dev workstation. I know, I know, I can tell you many stories like this but it is what it is.

I took the sever drive to forensic data recovery people and they claims that  both drivers do not have even partition tables on them and no data of any kind, the drives not even allocated.  I have absolutely no idea how partition table could be vanished from both hard drives, particularly from drive that run the site perfectly for a month. I did have a heavy hacker attack in early October, one of my machines was compromised and I am dealt with it. I presume that worm that hackers were trying to inject in my network did LAN scan, found the server and was sitting there, waiting there for a fist reboot. I have no more lucid explanation for the events.

Anyhow, the posts you made over the last 3 weeks are unfortunately gone. I have some email notifications with context of the posts but I do not have the first posts of the threads.  If you feel so then send me your first posts of the threads and I will be able to rebuild the thread from emails. The images unfortunately are gone.

Once again my regrets for the shity administrative work on my end.

Rgs,
Romy the Cat

Rerurn to Romy the Cat's Site