Did Techcrunch get Hacked? (technews.techcrunch.com)
I was doing a search for Reddit's open source version and stumbled upon this article http://techcrunch.com/2008/06/18/introducing-technews-our-own-reddit-clone/ and when I followed the link this Asset Management group website popped up?
18 comments
[ 2.6 ms ] story [ 53.6 ms ] threadhttp://techcrunch.com/
This subdomain also has the same content:
http://primaries.techcrunch.com/
http://technews.techcrunch.com/
I'm pretty sure both of these subdomains aren't ever used though.
http://www.google.co.uk/search?q=black+oak+asset+management
http://wayback.archive.org/web/20070915000000*/http://primar...
Still bad though, since they now have access to the cookies/local-storage of techcrunch.com itself.
The IPs have just been recycled and are being used by MediaTemple hosting customer.
But overall they were simply confused as to why I cared to tell them.
So true. They can't even appreciate what is going on here and probably thought you were trying to sell them something.
The truth is that SEO wise the techcrunch site comes up when "blackoak asset management" is the search string. Not blackoakam.com (see contact page).
But someone should sell them some help with getting this straightened out so they don't disappear once TC fixes the DNS.
I mean, "Black Oak" on SOPAs "Black Out" day?
But maybe I'm just giving them too much credit...
Also: Pretty messed up (on TCrunches part) that this Black Oak site would now have access to cookies/LS from techcrunch, as one person points out.
Basically rather than explicitly binding each IP address for their servers to the server's MAC address itself they just allowed IP addresses to be assigned on the servers themselves essentially creating IP address conflicts if the same number was assigned by the administrators of 2 servers on the same LAN.
This first manifested itself when I accidentally assigned the wrong IP address to one of my servers and received angry emails telling me that I had taken someone elses site offline. Obviously I was embarrassed by this , apologized and corrected the address and didn't think much else of it.
Months later , after I had a server go down and rebooted it I found that my website was now pointing to some scam site.
Turns out that someone had got a server on the same LAN (rented or hacked I don't know) and assigned it every possible IP address just waiting for another server to go down so that they could steal the address.
Possibly what happened here?
The solution ended up being to drive to the DC, plug a monitor into the machine, and see Windows' "IP Address Conflict" dialog box on the screen >_<.