Ask a lawyer, and, you wont find any good one for FREE, online. :)

Better save your money on security, and switch from the idiot who installed your forum.

I reall would like to nail this loser. He's a career welfare case who spends all his time being a pain in the ass on several forums. Someone post some derogatory comments about him (all true by the way) on our board. So he hacked it. It will take all day to figure out how he did it. There maybe a loss of data.

So, some idiot... loser... hacked your forum and it will take you guys all day to figure out how he did it? Right?

It is important to hire a system administrator who can deal with updating, patching and upgrading software that the server is running. If the forum is your own, talk to the developer to find out why it was 'hacked' otherwise ensure you were updated to the latest version, if not it's your fault you were running insecure software.

Take it as a lesson and restore from a backup, you got those right? If not get a system administrator to perform backups daily.

Hard to find someone you don't know who your looking for or know where they live, and if they are out of your country... Good luck.

I have his IP number, his real name, his county in CA, and his email address and website.

Does he know he's messing with the Borg?

First of all, if im going to deface your website Im going to go through proxies so that you dont really have my IP address. Thousands of open proxies exist that make it so you can bounce around.

Secondly if I were to deface a page and put a link to my website I would not put my real registration information in the whois. What happens when you call the person(s) number listed in the whois db? If you wanted to, you could contact the registrar once you find out its invalid information and have the domain revoked but that takes some time.

Thirdly, if you have all this information you should report it to your local authorities to further investigate.

Fourth, I'd spend the time on making the website secure vs trying to stop someone who probably did a google query for the software and insecure version number to find your site.

I have his IP number, his real name, his county in CA, and his email address and website.

But more importantly you have a website that you need to secure, right?

Perhaps the guy has done you a favour by highlighting a hole.

Move on, rise above it and spend your time doing constructive things. A tit for tat exchange is only going to escalate the problem, and by the sounds of it, he's more savvy on your forum engine that you might be, so I wouldn't go picking a fight with him.

A friendly email to him might prove more valuable in the long run.

TJ

Do you know what country he is in? Last I was advised it's very difficult to take action against people in foreign countries unless there are reasonably large sums involved.

How can we make sure that he pays the maximum price for his crime?

>>> Does he know he's messing with the Borg?

Have you tried assimilation?

Seriously; as has been pointed out; there is a lesson to be learnt in all of this - a hard lesson, but a good one. Now you know to take even greater care in future.

Syzygy

Crime?

Hacking, on the scale of human suffering and misery, is pretty low on that scale - especially since no resources were endangered or lost, only 1's and 0's.

Don't sweat about it. Learn from the experience, plug whatever holes the hacker used, and move on.

I had the same thing happen to me a couple of months ago. I had phone threats as well telling me to shut down my site. As the site was borderline legal and making no money and was no real use to anyone I decided to shut it down anyway. The hackers who I am assuming were just a bunch of kids destroyed the forum.

My fault really. I never kept up to date with the security. ;oP

Lesson Learnt.

Keep your security patches up to date. It is so easy, if you can spot an unpatched board, to exploit vulnerabilities. Even my cat could do it.

I hope, unlike me, that you have kept daily backups of your database.

Ska