Forums updated
Forums updated
Well, as you've probably noticed, the forums have been updated. It had to be done due to security issues (for starters - but mostly because of that). From what I can see, the update went fine. There might be some subtle errors here and there - if you spot them, let me know.
I've also tracked down the problems with antivirus software - certain things were added to the main website and the forums' index.php. I suspect the initial breach has either happened on the old server (as I've previously stated, the old server was compromised a few days before the server move), although though because the problems seem to be limited to the system user who "owns" the Chaotic Dreams website, I suspect it had to do with an exploit in PhpBB2 - the software that was installed has a lot of known exploits - examples: http://www.cvedetails.com/vulnerability ... .0.22.html.
This suspicion was reinforced by the fact that the problematic pieces of code kept reappearing, even when I've removed them before. Now that the forums have been updated, things should be better - if not, I'll try something else to get to the bottom of this.
I've also tracked down the problems with antivirus software - certain things were added to the main website and the forums' index.php. I suspect the initial breach has either happened on the old server (as I've previously stated, the old server was compromised a few days before the server move), although though because the problems seem to be limited to the system user who "owns" the Chaotic Dreams website, I suspect it had to do with an exploit in PhpBB2 - the software that was installed has a lot of known exploits - examples: http://www.cvedetails.com/vulnerability ... .0.22.html.
This suspicion was reinforced by the fact that the problematic pieces of code kept reappearing, even when I've removed them before. Now that the forums have been updated, things should be better - if not, I'll try something else to get to the bottom of this.
Re: Forums updated
Great job Tim. thanks.
Re: Forums updated
[youtube]http://www.youtube.com/watch?v=hUQX2B67KL4[/youtube]
Re: Forums updated
cool
- http://octaforge.org - OctaForge scriptable game engine
- FreeBSD user and open source enthusiast
- FreeBSD user and open source enthusiast
Re: Forums updated
Well, the problem seems to have returned, despite the update - I'm looking at logs and doing different stuff to try and stop this from happening. I'll get to the bottom of this come hell or high water!
Fortunately, the problem is limited only to Chaos and didn't infect the rest of the system, meaning that whatever's been doing this cannot gain root access.
Unfortunately, the problem is in Chaos and didn't instead infect a less important site
Fortunately, the problem is limited only to Chaos and didn't infect the rest of the system, meaning that whatever's been doing this cannot gain root access.
Unfortunately, the problem is in Chaos and didn't instead infect a less important site
Re: Forums updated
I haven't had any alerts or warning since you've switched over to the site.
Re: Forums updated
Me neither!
Re: Forums updated
Just received a threat warning from avast as soon as the forums loaded.
Re: Forums updated
I know, I've been fighting this crap for days... Still can't find the source of the problem, but it's still limited to just this one user...
Re: Forums updated
It hasn't happened to me for a while. I was also thinking maybe it was a false positive for Avast but it lists the site this one tries to send me to so I have to think it is real. Very Odd.
Re: Forums updated
It's definitely real, I even know exactly which files were changed in the attacks and how often (3 times a day, and I'd rather not say which files due to security reasons).
What matters though is that the problems appear to have been fixed - there's not been an attack in a day and a half. I'd also rather not say how they were fixed, again, for security reasons (you know, in case the attacker are reading this and whatnot).
What matters though is that the problems appear to have been fixed - there's not been an attack in a day and a half. I'd also rather not say how they were fixed, again, for security reasons (you know, in case the attacker
Re: Forums updated
I have my fingers crossed Tim. I have not had a positive hit here in over a week and I'm here at least 5 times a day. I'm glad you know what you're doing! I'm grateful you are doing what you are doing too. Keep up the great work!
Re: Forums updated
Once the priorities are resolved..possible to replace the "phpbb" logo in the upper-left with a Chaos logo?
Re: Forums updated
Still no breakins. I think it's safe to say that the problem has been defeated, at least for now
As for the logo, RFlagg tried to modify an old image to remove the white background so that it's transparent, but he didn't succeed (primarily because the file was a jpeg - low quality at that - and the artefacts were making problems with the removal).
I'll try using a model for CUT2 or similar to throw together a montage with a bunch of proxies and stuff (which was what was in the image) at the end of the week when I get back to my main computer and the software installed on it - I just hope I don't forget.
As an apology for the logo still lacking, I have added a Chaos Official Complementary Forum and Website Browser Icon (TM). In other words, the proxy icon for the forums and main website is back - it might take a while for your browser(s) to realize this, however
As for the logo, RFlagg tried to modify an old image to remove the white background so that it's transparent, but he didn't succeed (primarily because the file was a jpeg - low quality at that - and the artefacts were making problems with the removal).
I'll try using a model for CUT2 or similar to throw together a montage with a bunch of proxies and stuff (which was what was in the image) at the end of the week when I get back to my main computer and the software installed on it - I just hope I don't forget.
As an apology for the logo still lacking, I have added a Chaos Official Complementary Forum and Website Browser Icon (TM). In other words, the proxy icon for the forums and main website is back - it might take a while for your browser(s) to realize this, however
Re: Forums updated
.... Oops!Tim wrote: - I just hope I don't forget.