Apologies for the outage!

4 replies [Last post]
bcrabtree
Offline
Joined: Mar 7 1999
Folks,
 
Sorry about the forum downtime.
 
There was an attempted hack on the server. Although the baddies didn't get in, they did overwhelm the server sufficiently to take it off line.
 
Martin has now implemented a security feature to block IP addresses that use invalid credentials too many times, so a hack using the same method should not put us out of action again.
 
Once again, apologies for the downtime.
 
Cheers
 
Bob
FreeFlow
Offline
Joined: Mar 1 2012
Re: Apologies for the outage!
Why on earth do they target this place? Surely Apple or Microsoft would make meatier prey?! Not that I'm putting down DVF!
johnpr98
Offline
Joined: Aug 20 1999
Re: Apologies for the outage!
Thanks Bob
Fingers crossed for Martin's security fix

johnpr98
 
If you have any Forum Suggestions please post them here

paulears
paulears's picture
Offline
Joined: Jul 8 2008
Re: Apologies for the outage!
The Blue-Room forum I belong to had something similar recently and it caused significant damage, and an attempt was made to get at the usernames and passwords. I'm not forum backside literate, but the guys who are said it was a serious attack exploiting a vulnerability in the software - which is now fixed. They suspect the intention was to exploit those people who use the same username and password everywhere. The attack also hit the front page and added lots of links to eastern europe/russian sites. A day or two later they did the same thing to disco/DJ forum reported a member who was active on both. 
 
Some discussion suggested that typical forum members of these kinds of places buy expensive equipment and often buy online. The passwords are kept encrypted but some knowledgable folk wonder if they are as secure as they were thought to be. These things are organised and designed to gain information - not just to be annoying.
sleepytom1
Offline
Joined: Feb 16 2012
Re: Apologies for the outage!
I somewhat disagree there Paul. 
 
Yes most forum hacking is data mining of one type or another. But there really isn't an easy way to crack the passwords. (Drupal 6 passwords are *fairly* secure D7 is lots better http://joncave.co.uk/2011/01/password-storage-in-drupal-and-wordpress/ ) It is possible to decrypt the passwords of a given user, but it is time consuming. 
 
I think that people are giving the "hackers" a bit too much credit here. Generally sites such as this one will be attacked by a fully automated script, this will not of been written by the people who are attacking us. The script will scan urls looking for sites which have lots of pages / users, when they find a big site they will start to auto attack using known exploits to get into the database. When they have got in they can access the database for the info which is valuable to them.
 
what is this data? Its not your password and username combo - this would only be of interest to people looking to commit quite serious crime, getting enough info to steal someone's identity is a lot of work and not the kind of thing that is suited to a random harvesting session of script kiddy hacking. The most likely data they are looking for is a list of email addresses and phone numbers. A list of 5000 active phone numbers is valuable and it will be sold to the same people who run the PPI text message scams. Same with email addresses, active ones are worth money to spam sending companies. 
 
Ok such a list may be only worth a few quid, but given that the "hacking" is basically fully automated it is possible for a hacker to target thousands of websites per day. This is why  we get hacked, not because anyone has really singled us out for special attention.
 
If anything this kind of hack just shows we have quite a good google presence combined with a domain name containing the word "forum".