Θύμα από hackers το phpbb.com

Προβληματισμοί και ανταλλαγή ιδεών από την Επικαιρότητα και διάφορα άλλα θέματα.

Συντονιστής: Super-Moderators

Απάντηση
Άβαταρ μέλους
Serpatinas
Δημοσιεύσεις: 605
Εγγραφή: 18 Ιούλ 2002 10:53
Τοποθεσία: ΘΓΚΑ
Επικοινωνία:

Θύμα από hackers το phpbb.com

Δημοσίευση από Serpatinas » 09 Φεβ 2005 06:51

Απλά κάνω paste το κείμενο...

Last updated: 8th February 2005, 02:08 GMT

At present www.phpbb.com is offline due to a group of politically motivated hackers wishing to use an opensource project to push their agenda ... shame on them.

We have some possible further details of the events which led to the loss of www.phpbb.com. Though I have not spoken with them myself I have learnt through an intermediary the group that appears to have attacked phpbb.com did indeed use a vulnerability in awstats to gain entry to our server (note the singular use of server there, we don't own a server cluster, just a server).

Since it would be totally inappropriate in this situation to simply "restore" (without investigating what happened we could simply be restoring an already vulnerable system) the box is being shipped from its datacenter to our server manager. There it will be analysed so we can confirm just what happened. Of course a full reinstall will then be performed after recovering the database. This will take some time. We are hoping to have an intermediate solution but there are no guarantees this is doable, or even worthwhile given the time frames. As I said before, best guesstimates for a return are from tomorrow (8th Feb) through to the end of this week.

To our community, please do not ask us for further updates as to the situation, its cause, etc. Everything we have to say is said here. Our support channel (#phpbb) on IRC has at times been swamped with "What happened? Any news?" style questions which are making it extremely difficult to support users with real issues. So we appreciate the interest but please, accept that we have nothing else to add.

Users in need of support with phpBB 2.0.x can visit our development board, area51.phpbb.com where such support is being offered at this time. Of course you can also view the next version of phpBB, 3.0 "Olympus" in the process (minus the new style of course!). We are also maintaining our IRC support channel, #phpbb on the irc.freenode.net network

Again we apologise for any problems this may cause our userbase. We obviously take the huge support our community gives phpBB very seriously. And we will do our best to return to "normal operations" just as soon as we can.

psoTFX - phpBB Group
Αγ
Ρούχα στο DRESS


Άβαταρ μέλους
cordis
Administrator, [F|H]ounder, [C|S]EO
Δημοσιεύσεις: 27626
Εγγραφή: 09 Οκτ 1999 03:00
Τοποθεσία: Greece
Επικοινωνία:

Θύμα από hackers το phpbb.com

Δημοσίευση από cordis » 09 Φεβ 2005 17:08

Last updated: 9th February 2005, 12:22 GMT

Hi everyone,

A further update and reminder as to the situation with this site. Our system was compromised Sunday evening by a group of hackers/crackers who (based on available information apparently corroborated by said hackers/crackers) used an exploit in awstats to gain entry. I'll repeat this very clearly since some people and worse some hosting providers are not listening to what is being said. Based on said information we do not believe, nor do we have any reason to believe, that our system was compromised due to any fault in phpBB 2.0.11.

Server update, unfortunately the datacenter where our box is located have been less than helpful. The box was supposed to have been shipped Monday, it wasn't. With further pushing we were told it would definitely ship yesterday (Tuesday), it didn't. The box is now being collected "manually". Very unimpressive service quite frankly. Because of this we are now working to an altered plan which may see the site return tomorrow (Thursday 9th) or Friday (10th). Please note that we will not be able to comment on the method used to exploit our site for at least several days.

It is actually quite fustrating at present that some hosting providers are asking or forcing their customers to remove installs of phpBB 2.0.11 due to the loss of phpbb.com. As I say above, our best available information right now is that phpBB was not to blame. If a hosting provider knows different perhaps they can inform us (along with details of how they know!).

Equally it's annoying to see some people posting the same old highlighting exploit claiming their 2.0.11 board was hacked via it. Again unless my team and indeed our other teams, heck large sections of our community, are all lying to me that vulnerability was fixed in 2.0.11. Sites running .11 and claiming (or thier hosts claiming) to have been attacked using it should take a close look at other applications they have installed. phpBB is not alone in being exploited, all the major boards can be if you don't update as new releases are made. Equally users should ensure the relevant highlighting fix is indeed present. Over the years we've dealt with thousands of users who say they've patched something (be it an exploit or bug) but upon examination we've discovered the problem code is still there. Equally hosts should look at their own systems. Are you running awstats if so have you updated? Do you regularly update your OS and particularly the kernel (if appropriate) as fixes are released? Are your users running old versions of other PHP/Perl/etc. software? Have you set appropriate permissions on key folders such as /tmp and /var/tmp? Is your webserver running with as few permissions as possible? Just because we overlooked something doesn't mean you should!

To our community, please do not ask us for further updates as to the situation, its cause, etc. Everything we have to say is said here. Our support channel (#phpbb) on IRC has at times been swamped with "What happened? Any news?" style questions which are making it extremely difficult to support users with real issues. So we appreciate the interest but please, accept that we have nothing else to add.

Users in need of support with phpBB 2.0.x can visit our development board, area51.phpbb.com where such support is being offered at this time. Of course you can also view the next version of phpBB, 3.0 "Olympus" in the process (minus the new style of course!). We are also maintaining our IRC support channel, #phpbb on the irc.freenode.net network

Again we apologise for any problems this may cause our userbase. We obviously take the huge support our community gives phpBB very seriously. And we will do our best to return to "normal operations" just as soon as we can.

psoTFX - phpBB Group
Δεν απαντάω σε προσωπικά μηνύματα με ερωτήσεις που καλύπτονται από τις ενότητες του forum. Για ο,τι άλλο είμαι εδώ για εσάς.
- follow me @twitter

Απάντηση

Επιστροφή στο “Επικαιρότητα & Διάφορες Συζητήσεις”

Μέλη σε σύνδεση

Μέλη σε αυτήν τη Δ. Συζήτηση: Δεν υπάρχουν εγγεγραμμένα μέλη και 0 επισκέπτες