Announcement

Collapse
No announcement yet.

Announcement

Collapse
No announcement yet.

Hacking

Collapse
X
Collapse
 
  • Page of 3
  • Filter
  • Time
  • Show
Clear All
new posts
Previous 1 2 3 template Next
  • #1

    Hacking

    Is this a server level attack or are they hacking the vbulletin login?
    Tags: None
  • #2
    They were able to install code directly into vBulletin.

    I paid $100 to have the host company clean the code out and reinstall a clean backup. We are now verified clean. I also added a $1 a month service that I wasn't aware of that monitors everything in the DB and red flags any code changes.

    I blame all of the NSA chatter on this

    Comment

    • #3
      Originally posted by Moonlight J View Post
      They were able to install code directly into vBulletin.

      I paid $100 to have the host company clean the code out and reinstall a clean backup. We are now verified clean. I also added a $1 a month service that I wasn't aware of that monitors everything in the DB and red flags any code changes.

      I blame all of the NSA chatter on this
      I Googled this hackers name, and he's done this a lot. On one attack he said something like, don't be angry, this is just my job. Freaks.

      So I guess they hacked admin level access. Did they tell you how this occurred? Any logs?

      Maybe we need to make sure anyone with admin access doesn't have "password" as their password? Could be that simple

      Comment

      • #4
        There are only 2 admin accounts - myself and Revo. We've both changed our passwords. Mine was always involving letters, numbers, and signs.

        There was a 3rd account for siteground admin but I shut them off and disabled all registrations for the next few weeks. The hosting company gave me a log of the code that did it but don't think they can find the actual offender. I'm going to go through and purge a lot of accounts that are showing inactivity.

        If people want to volunteer as a mod to help with that, I'm all ears.

        Comment

        • #5
          So, we're at $150 for the cleanup and the upgrade of vBulletin.

          I'll add that to the hat-passing post in October as the bills to renew are coming up 1/1/2014.

          Comment

          • #6
            FYI, my prior bookmark - http://forum.rotojunkiefix.com/ is now going to a default/coming soon page. I've updated it to http://forum.rotojunkiefix.com/forum.php for now, but just wanted to mention it.

            Comment

            • #7
              Originally posted by Zupe View Post
              FYI, my prior bookmark - http://forum.rotojunkiefix.com/ is now going to a default/coming soon page. I've updated it to http://forum.rotojunkiefix.com/forum.php for now, but just wanted to mention it.
              same here...if not for Jason's facebook post I never would have made it back.

              Comment

              • #8
                We have been upgraded to 4.2.1 -- check out the new "activity stream" feature above.

                Again, looking for some volunteers to help with some account cleanup. I basically want to purge all of the inactive accounts, and then limit new registrations to where Revo or myself have to review the account before letting it in.

                Comment

                • #9
                  In reviewing our stats log, we show an unusual amount of traffic from China. Either Trader Mac has nothing better to do during the day, or we have a shit load of fantasy sports fans in China. Either way, we need to trim it back because we're also going over our plan on the hosting environment. Apparently we were causing a lot of issues on the server and we may have to move to a $70 monthly plan instead of the $300 a year plan we're on now.

                  Comment

                  • #10
                    Can you block all IP's from China? Maybe add an exception for Mac.
                    "The Times found no pattern of sexual misconduct by Mr. Biden, beyond the hugs, kisses and touching that women previously said made them uncomfortable." -NY Times

                    "For a woman to come forward in the glaring lights of focus, nationally, you’ve got to start off with the presumption that at least the essence of what she’s talking about is real, whether or not she forgets facts" - Joe Biden

                    Comment

                    • #11
                      I can't do it through vBulletin and I'm guessing he's not on a static one where he is. When I looked at the logs, China IP is 3x higher than any other source

                      Comment

                      • #12
                        If we get activity from North Korea - then we know it is Mac

                        Comment

                        • #13
                          Originally posted by Moonlight J View Post
                          I can't do it through vBulletin and I'm guessing he's not on a static one where he is. When I looked at the logs, China IP is 3x higher than any other source
                          cant add an exception or cant block China IP's? If you're looking at going from $300/yr to 840/yr largely due to this.... There's really only one choice.
                          "The Times found no pattern of sexual misconduct by Mr. Biden, beyond the hugs, kisses and touching that women previously said made them uncomfortable." -NY Times

                          "For a woman to come forward in the glaring lights of focus, nationally, you’ve got to start off with the presumption that at least the essence of what she’s talking about is real, whether or not she forgets facts" - Joe Biden

                          Comment

                          • #14
                            Originally posted by cardboardbox View Post
                            cant add an exception or cant block China IP's? If you're looking at going from $300/yr to 840/yr largely due to this.... There's really only one choice.
                            Yeah that's very strange. I don't think we can justify $840 per year in any way. Maybe there is a cheaper hosting option if we change provider? It's shouldn't be that expensive these days.
                            Originally posted by Moonlight J View Post
                            Again, looking for some volunteers to help with some account cleanup. I basically want to purge all of the inactive accounts, and then limit new registrations to where Revo or myself have to review the account before letting it in.
                            I can give you a hand at deleting the spam accounts and unused accounts. I'll email you tonight.

                            Comment

                            • #15
                              actually found a feature in the software to let me purge users by coming under a certain post count or a lack of activity. Went in and did that and disabled registration for the time being. I'll turn it back on in a few weeks.

                              Comment

                              Previous 1 2 3 template Next
                              Working...
                              X