Sorry for the continued disruption



wingnutLP
-11th October 2011, 16:56
This is driving us crazy.

After fixing the forum last time somehow we missed something that turned out to be glaringly obvious which let the same person back in. We have had to revert to a backup of the database from Saturday I am afraid.

The whole contents of the server has been cleaned and replaced with fresh files from vBulletin and the database has been checked. We are now running the latest release with all of the relevant security patches.

I am really sorry for the inconvenience caused to members.

Sorry!!

Alex

Cyranna's Father
-11th October 2011, 17:33
Nothing to apologise for Alex - I imagine most of us are just happy to have it back up again and you guys do such good work at keeping it going.

Thanks to the FF team for all your hard work.

Foilling Around
-11th October 2011, 18:05
If you ever find out who it is then please publish the details and then watch the sky for smoke!!

Cyranna's Father
-11th October 2011, 18:34
the last 2 or 3 interruptions have come from hackers who belong to sites that glory in this kind of thing - sad 16 year old spotties with no real life

marcus170888
-11th October 2011, 22:11
It's the fact that the things they're posting sound like they believe they're doing us a favour...noble intentions or not, it's still sad and pathetic vandalism.

Hungry Hippo
-12th October 2011, 06:37
Help - My avatar's been hacked and gone away somewhere - an eponymously pictured one.

Anybody else suffered this, or am I being picked on!

wingnutLP
-12th October 2011, 07:10
Nothing to apologise for Alex - I imagine most of us are just happy to have it back up again and you guys do such good work at keeping it going.

Thanks to the FF team for all your hard work.

Thanks for the sentiments. With the number of times the forum has been hacked, though, it doesn't feel like we are doing a great job of keeping it secure.

I think the main problem is that vBulletin are trying to make the software more and more complex and add millions of new features that I am not sure are necessary. They have added some sort of content management system for this update that seems a bit half thought through and then there are the blogs, groups, friends etc. etc... The Groups "feature" was how the hackers got in, with an exploit that has been posted on bloody YouTube!!

When we looked at how many people had set up a group in the last 6 months it was 2 and they were both hackers, one that failed and one that succeeded.

I wish they would go back to their core and offer a vBulletin lite that was just a forum.

The hackers themselves seem to just use other people's code to exploit loopholes that other people have found.

All very boring...

Sorry again for the down time and particularly for the fact we have lost posts.

mattc
-12th October 2011, 08:12
Maybe time to ditch vBull and move to something less well known? Not necessarily any more secure but less likely to be targeted by script kiddies.

Gav
-12th October 2011, 08:48
Maybe time to ditch vBull and move to something less well known? Not necessarily any more secure but less likely to be targeted by script kiddies.



You get other problems associated with other software. It's also not inherently more secure (you know that). Plus the look and feel of most other forum software isn't as good as Vbulletin. There are a couple of not-bad ones out there though.

mattc
-12th October 2011, 14:28
The trouble is, I suspect this URL is on a list now (probably more than one list), and although we're theoretically safe for the time being it's fairly inevitable that vulns will eventually be found in this version. Once the slightly more capable kiddies come up with an automated exploit and run it against their list then we may well be got again...

Of course, changing the URL would also stop this, and be somewhat easier.

hokers
-12th October 2011, 14:43
It's very clear from Google results which sites are running which versions of forum software. The only real way to avoid that is to have no search engine presence at all, which is counter-productive. Just got to stay patched and back up regularly I think.

wingnutLP
-12th October 2011, 14:44
Unfortunately changing the URL will not help. It is fairly easy for them to scan huge numbers of sites for ones that contain particular file names unique to vBulletin.

They can even easily search for sites with the version they have an exploit for by using vBulletin's handy footer which proudly displays:

Powered by vBulletin® (http://www.vbulletin.com/) Version 4.1.7
Copyright © 2011 vBulletin Solutions, Inc. All rights reserved.

We have installed a couple of new security features to try to help but they would not have helped us with the exploit used most recently.

Honestly, there are how-to-hack videos posted with 13 year olds doing the voice over on YouTube. It is incredibly irritating.

DaveAlmighty
-18th October 2011, 13:16
Unfortunately changing the URL will not help. It is fairly easy for them to scan huge numbers of sites for ones that contain particular file names unique to vBulletin.

They can even easily search for sites with the version they have an exploit for by using vBulletin's handy footer which proudly displays:

Powered by vBulletin® (http://www.vbulletin.com/) Version 4.1.7
Copyright © 2011 vBulletin Solutions, Inc. All rights reserved.

We have installed a couple of new security features to try to help but they would not have helped us with the exploit used most recently.

Honestly, there are how-to-hack videos posted with 13 year olds doing the voice over on YouTube. It is incredibly irritating.

Hey guys. I know nothing about fencing but I just took the 20 mins to sign up, and confirm email, to do or say 1 thing...

Queers who messed with your site (and many other sites including mine) have been taken down. Their site has been off for 3 days now. Like any other admin/owner of a site I took it very personally. I followed tabs to see what they were up to. I also wanted to thank you for making the thread on vbulletin.com letting them know what those kids were up to.

But yeah, as you stated in your message, they were just kids who followed the 8423424 YouTube tutorials on how to hack vulnerable vBulletin websites. Being on the latest vB4.1.7 will stop Tutorial Hackers since there's no vuln out for this version. I won't claim to know much of anything when it comes to security, but double password protection through cPanel is great.

Also:
http://snpr.cm/Bd5Kco.png that image shows a mod, it's on vbulletin.org, not sure if you have it already, but it explains a few other things you can do, like hide the config.php file, rename admincp and modcp etc., things like that.

When it boils down to it, if someone wants in there's always a way. We all know nothing is 100% secure, but from those low-level kids, being on the latest version should be good enough. You seem like you have some cool members from the posts I was reading. Hope the best for your website, and hope the worst is behind you guys, have a good one. And remember to smile because now those bastards have no website of their own...
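
The version footer quoted in wingnutLP's post and the default admincp/modcp directory names mentioned in the last post can both be checked for on a forum's own rendered pages. The Python below is an added example, not part of the thread or of vBulletin; the function name audit_page, the generator meta check and both sample pages are assumptions constructed for illustration.

```python
import re
from html.parser import HTMLParser

# Footer wording as quoted in the thread; the version number is the searchable part.
FOOTER_RE = re.compile(
    r"Powered by\s+vBulletin\S*.{0,40}?Version\s+(\d+(?:\.\d+)+)", re.I | re.S)
DEFAULT_DIRS = ("admincp", "modcp")  # directory names mentioned in the thread

class _Collector(HTMLParser):
    """Collects visible text, <meta name="generator"> content and link targets."""
    def __init__(self):
        super().__init__()
        self.text, self.generator, self.links = [], None, []

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "meta" and (a.get("name") or "").lower() == "generator":
            self.generator = a.get("content")
        if tag == "a" and a.get("href"):
            self.links.append(a["href"])

    def handle_data(self, data):
        self.text.append(data)

def audit_page(html):
    """Return (finding, detail) pairs for version/path disclosure in one page."""
    c = _Collector()
    c.feed(html)
    findings = []
    m = FOOTER_RE.search(" ".join(c.text))
    if m:
        findings.append(("footer-version", m.group(1)))
    # Assumption: a generator meta tag is a second place the version may appear.
    if c.generator and re.search(r"\d+\.\d+", c.generator):
        findings.append(("meta-generator", c.generator))
    for href in c.links:
        if any(re.search(rf"(^|/){d}(/|$)", href) for d in DEFAULT_DIRS):
            findings.append(("default-path-link", href))
    return findings

# Constructed sample pages (not captured from any real site).
SAMPLE = """<html><head><meta name="generator" content="vBulletin 4.1.7"></head>
<body><a href="/forum/admincp/index.php">Admin</a>
<div>Powered by <a href="http://www.vbulletin.com/">vBulletin&reg;</a> Version 4.1.7<br>
Copyright &copy; 2011 vBulletin Solutions, Inc.</div></body></html>"""
TRIMMED = """<html><body><a href="/forum/index.php">Home</a>
<div>Powered by vBulletin&reg;<br>Copyright &copy; 2011 vBulletin Solutions, Inc.</div>
</body></html>"""

if __name__ == "__main__":
    for name, page in (("SAMPLE", SAMPLE), ("TRIMMED", TRIMMED)):
        print(name, audit_page(page))
```

A clean result only takes the site out of version-specific searches; as the thread notes, file names unique to the software still identify it, so staying patched and keeping backups remain the actual controls.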