Pages:
Author

Topic: About the recent attack - page 5. (Read 14041 times)

sr. member
Activity: 392
Merit: 250
♫ A wave came crashing like a fist to the jaw ♫
hero member
Activity: 952
Merit: 1009
October 07, 2013, 05:20:28 AM
#26
So this site has backdoor since 2011?

full member
Activity: 165
Merit: 100
696B6111
October 07, 2013, 05:09:32 AM
#25
Theymos - Thank you for keeping the forum warm. If people complain, maybe they should go camping with another forum Wink
member
Activity: 84
Merit: 10
October 07, 2013, 05:03:28 AM
#24
Goodjob theymos.

are you fucking kidding me?

What do you mean.
Are you not happy to see forum back again?

well i hope that was a sarcastic "good job"

theymos, upgrade smf for the love of Christ.




I agreed with r3wt. From my understanding there was a security patch for the 2.0 but not 1.1.18 in 1st October. They stop patching 1.1.18. I think it is time to upgrade. Also I suggest you use either Nessus or OpenVAS to scan the forum to see if there are any other problem with the webserver configuration.
full member
Activity: 182
Merit: 100
October 07, 2013, 04:53:35 AM
#23
Thanks for your vigilance Theymos. I'd also like to thank you for taking the site down quickly and leaving it offline until you could ensure security. Plenty of admins would have just gotten it back up as quickly as possible for the sake of revenue.
newbie
Activity: 8
Merit: 500
October 07, 2013, 03:47:57 AM
#22
Good to see the forum back  Smiley  Thanks theymos and others for getting it up and running again.

It might be worth while bolding the statement below in the original post as a lot of members could easily miss it:

The attacker may have modified posts, PMs, signatures, and registered Bitcoin addresses. It isn't practical for me to check all of these things for everyone, so you should double-check your own stuff and report any irregularities to me.
sr. member
Activity: 588
Merit: 253
October 07, 2013, 04:33:24 AM
#22
So this site has backdoor since 2011?
hero member
Activity: 560
Merit: 500
StayFocus and LIVE
October 07, 2013, 03:47:34 AM
#21
thanks for the update!  Grin
hero member
Activity: 952
Merit: 1009
sr. member
Activity: 672
Merit: 254
October 07, 2013, 03:27:43 AM
#19
(.......)
How the attack was done

I believe that this is how the attack was done: After the 2011 hack of the forum, the attacker inserted some backdoors. These were removed by Mark Karpelles in his post-hack code audit, but a short time later, the attacker used the password hashes he obtained from the database in order to take control of an admin account and insert the backdoors back in.
(.......)

Anyone care to summarize the 2011 annoyance. Was that the Bill Cosby incident?
hero member
Activity: 686
Merit: 504
always the student, never the master.
October 07, 2013, 03:12:15 AM
#18
Goodjob theymos.

are you fucking kidding me?

What do you mean.
Are you not happy to see forum back again?

well i hope that was a sarcastic "good job"

theymos, upgrade smf for the love of Christ.


legendary
Activity: 2156
Merit: 1131
October 07, 2013, 03:00:40 AM
#17
Goodjob theymos.

are you fucking kidding me?

What do you mean.
Are you not happy to see forum back again?


Ignore button is shining upon r3wt.
sr. member
Activity: 392
Merit: 250
Bitcoin will survive
October 07, 2013, 02:54:07 AM
#16
very happy at least its back and now I can do again all which I was doing before this closing  Cheesy 
legendary
Activity: 1274
Merit: 1004
October 07, 2013, 02:49:17 AM
#15
Goodjob theymos.

are you fucking kidding me?

What do you mean.
Are you not happy to see forum back again?
hero member
Activity: 686
Merit: 504
always the student, never the master.
October 07, 2013, 02:41:21 AM
#14
Goodjob theymos.

are you fucking kidding me?
legendary
Activity: 1274
Merit: 1004
October 07, 2013, 02:27:39 AM
#13
Goodjob theymos.
legendary
Activity: 1204
Merit: 1015
October 07, 2013, 02:23:51 AM
#12
Was the javascript they entered in the forums harmful? I'd like to know more about that.
No, we determined that it was merely fun and completely harmless. We lucked out big time...
legendary
Activity: 2114
Merit: 1015
October 07, 2013, 02:22:55 AM
#11
Changed my passwords in other places where I used it. It was about time anyway.
This helped a lot:
$ makepasswd --chars 16
uvULbCpFLKg9phb2
...
legendary
Activity: 3682
Merit: 1580
October 07, 2013, 02:18:09 AM
#10
Was the javascript they entered in the forums harmful? I'd like to know more about that.
member
Activity: 118
Merit: 10
October 07, 2013, 01:40:04 AM
#9
The forum is now on a new server inside of a virtual machine

Security-wise what does this get you?  Or is this just a 'fyi, we moved' thing.
Pages:
Jump to: