Page 1 of 2

So what happened last night?

Posted: Sun Jul 31, 2005 12:14 pm
by nielsene
I was starting to wonder if all of phpDB is under attack. First we lose the walrus, then this site was gone for a while, etc....

Posted: Sun Jul 31, 2005 2:18 pm
by feyd
it appears a few russian hackers ran some exploitations or something last night.. we got it band-aided at this point, we're updating several other systems to fix it good.

Posted: Mon Aug 01, 2005 7:36 pm
by McGruff
Unfortunately php bbcode tags have been affected by the changes. New posts should be fine but older ones aren't being formatted properly. Hopefully this will be sorted out soon.

I wish I had unit tests to work against...

Posted: Mon Aug 01, 2005 8:46 pm
by Ambush Commander
How do you know they're russian?

Posted: Mon Aug 01, 2005 8:52 pm
by theda
Probably because they spoke upside down English?

Posted: Mon Aug 01, 2005 9:07 pm
by Roja
theda wrote:Probably because they spoke upside down English?
No, thats the Australians.

The site was briefly redirected to a .ru site - russian, and the text was entirely cyrillic (also russian). Of course, it could have been a notrealcountrian, who wanted to be funny and redirect it at a Russian site for no particular reason.

Posted: Mon Aug 01, 2005 9:31 pm
by Ambush Commander
Hmm... that's interesting.

I don't mean to have the mentality of "why didn't you do something beforehand" but do we know what the exploit was?

Posted: Mon Aug 01, 2005 9:56 pm
by McGruff
Can't really discuss server security measures on a public forum I'm afraid.

Posted: Tue Aug 02, 2005 5:00 am
by shiznatix
i dont understand peoples hatred of this forum. this is the second major attack iv seen since i joined here and its like why, we do nothing to anyone and provide help to everyone that wants it. gah i hate people

Posted: Tue Aug 02, 2005 5:31 am
by CoderGoblin
Is the problem phpBB related or the server. If phpBB is there any details on the phpBB web site (couldn't see any yesterday). Are there any fixes (I know of a least customer of my firm that uses phpBB and although not responsible for it would like to inform them of any possible hack prevention).

Posted: Tue Aug 02, 2005 6:51 am
by feyd
we're still investigating the actual cause, but gut reaction says phpbb..

Posted: Tue Aug 02, 2005 8:11 am
by theda
Oh come on, you can talk security here :). We'd all love to log into the main FTP server.

Posted: Tue Aug 02, 2005 8:18 am
by Roja
theda wrote:Oh come on, you can talk security here :). We'd all love to log into the main FTP server.
ftp.example.com
Username: phpdn
password: 12345

Oddly, Jason has the same password on his luggage.

Posted: Tue Aug 02, 2005 8:21 am
by theda
Oh damn... For a second there, I thought I was going to be teh 1337 h4x0rs.

Posted: Wed Aug 03, 2005 4:41 pm
by evilmonkey
What russian site just out of curiosity? I speak Russian, might shed some light. If it was something generic, like aport.ru or rambler.ru, then no. But I'd still be interesting if you posted the site it redirected to.