it doesn't appear to be a "hack" so much as just a simples php scripting error. People are quick to assume things...I know my phpbb forum has had problems before that I have fixed...but its never been hacked. If it is determined to be a hacking attempt the admin councel should seriously consider re-evaluating the security policies in place or that the host provides.
10-15-2004, 09:13 AM
Smulkin
It was a particular modular exploit used for the hack - not an error I am afraid.
10-15-2004, 09:21 AM
First_time_herp
Darn hackers! Is that why bp.net wasn't up last night?
10-15-2004, 09:22 AM
Marla
Yes, but I've fixed it for now. Gettin' my exercise, LOL.
10-15-2004, 09:23 AM
Shaun J
it said "Kernal Attack Ownz Here"that is exactly what it said
10-15-2004, 09:24 AM
Marla
Well, they don't "0wnz" jack.
10-15-2004, 09:26 AM
Shaun J
lol
10-15-2004, 09:26 AM
Shaun J
i was devastated
10-15-2004, 09:28 AM
First_time_herp
Edit button.
But yeah, I was really ticked off.
10-15-2004, 09:41 AM
gen
That makes me so mad! :evil: Why can't they just leave us alone? Glad you guys were able to fix whatever it was though.
10-15-2004, 09:45 AM
mlededee
Rat prices
thanks for fixing things up for us yet again. i figured something was up last night when i started getting errors. someone out there must be feeling awfully childish lately.
10-15-2004, 11:33 AM
TekWarren
Smulkin, I'm not sure how the nuke versions of phpbb are kept as far as updates and security but phpbb has had several security releases within the past few months if this is the method of vandalizm. I've recently updated a forum I run on my webserver at home to ver 2.0.10. With the attacks this close together its likely more are to come when the vulnerabilities of this site spread. Otherwise get on the host to secure the PHP and database isntallations !! I have about the same number of active users (inactive accounts pruned) on my board and no one has ever gotten through using exploits or other holes.
I realize its harder to keep things buttoned up when your using a commercial host, but still it is their resonsibility.
10-15-2004, 11:42 AM
Marla
The host is useless and we plan to switch. They are not actually getting in through pnphpbb2, but through a different exploit and a server access hole that the host has *refused* to fix.
10-15-2004, 12:36 PM
Super_Smash
YOU ADMINS ARE MY HEROS!!!
love you guys :heart::heart::heart::heart:
10-15-2004, 12:53 PM
led4urhead
Quote:
Originally Posted by Marla
The host is useless and we plan to switch. They are not actually getting in through pnphpbb2, but through a different exploit and a server access hole that the host has *refused* to fix.
Even after we pointed out where it was and how to fix it!
10-15-2004, 01:56 PM
Smulkin
IN THE EVENT OUR SITE IS UNAVAILABLE
Yep - forewarned is forarmed. Marla hit it - was not a PhP vulnerability and it is a bit more involved - of course you'll understand if we don't go into details ;)
10-15-2004, 02:11 PM
Ironhead
Another big thank you to the admins for getting us back up and going again.
10-15-2004, 04:57 PM
TekWarren
Short stupid jokes
Understood...wow I guess the hosting company is just that irresponsible. Switching would be a good idea. You guys/gals got it under control but if I can help give a yell.
10-15-2004, 09:15 PM
Marla
Thanks, TekWarren. We appreciate the offer and may call on you for consultation. We want to make the site move as smooth and secure as we can.
10-15-2004, 09:18 PM
CTReptileRescue
Quote:
Another big thank you to the admins for getting us back up and going again.
