• This is the TESTING site!

    - These conversations will be wiped out when we move for real.

    - Please use the regular site https://fordsix.com for your 'real' communications!

    - Please post and poke around here for testing, just be aware that they will wiped out.

Hacked again...

Status
Not open for further replies.

AzCoupe

Defunct
This time they really screwed things up..... I spent nearly the entire day trying to restore the data base. The first time, I used a backup that was done yesterday. While I was able to get the topics back, the post were all jumbled and popping up all over the place. For example, when you clicked on a title, you got post that belonged to another title. And when I tried posting a new topic, it put my post under a different topic, rather than starting a new topic. Not good.....

Next, I restored it using a backup from June 4th. That didn't work either.... same problem. The next backup I had was from May 28, but that was even worse. I think that backup was done right after the last hack, so most of the topics were gone. I finally had to call Host Monster and have them help, as this was obviously way beyond my skill level. They tried all sorts of things and kept me on the phone for three hours. In the end... we had to use the backup from May 21st, which is the one I used last week, because we knew it was OK. Seems the hacker not only deleted the DB this time, they also screwed up the search table and the SQ file, I think? I'm not really sure because I couldn't understand most of the stuff the support tech was trying to tell me. At least they got us back up and running, but once again, we lost all of the topics posted after the 21st. Sorry....

The support tech gave me a lot of good information, so I'm going to try a couple of things that may help to prevent these attacks. I just don't know if I have enough computer savvy to figure it out, but we'll see how it goes. He also said it didn't look like they were trolling for information, just someone being malicious. :evil:

What I really need to do, is find someone who understands all this stuff, and is willing to help.
 
Bless you for your efforts, Mr. Coupe. I have learned a great deal on this site. Thank all of you guys!! My ol' red truck runs better because of you!! :nod:
 

Crosley

New member
Mike, I am just curious on this hacking;

Is the main server or host company server being hacked or just FordSix forums?

i've never really understood this hacking crap the hooligans do
 

80broncoman

New member
Staff member
I think hackers should be locked up in a Room with a continuous playing of the movie "groundhog day" over and over with no way to shut it off. A month or 2 should do it.
 

Cool23

New member
Of all the forums I belong to I can not understand why this forum is so popular with the hackers !
 

CNC-Dude

Active member
Cool23":32vvuoav said:
Of all the forums I belong to I can not understand why this forum is so popular with the hackers !
For real! I have never seen a forum get hacked so many times before in my life. At least every 4-6 months it seems. They must think you have to be rich to fool with a Ford inline, and that they are going ot hit the jackpot or something.
 

StrangeRanger

New member
Over the years there have been literally a handful of people who have been shown the door for anti-social behavior and a slightly larger number who have not been banned but have been chased away for their troll-like postings. I'd almost bet the farm that it's one of them seeking vengeance for imagined wrongs. :roll:
 

Asa

New member
Mike, I was thinking that I don't think I've seen any real updates to the forum in a while, I realize that it might be because you've just left the regular skins in place, but I was wondering if the software that the forum runs on has been updated in a while?
If there is an update out there, it might be worth doing as usually security patches get included in them.

Sidenote: any possibility in switching to a different forum software? I know a couple guys that run their own forums on vBulletin, I have no clue if they would be willing to do so, but you might be able to work something out with them about having them monitor it.
If that sounds like an option, I can talk to them and put you in contact if they are willing.
 

Cool23

New member
CNC-Dude":1i69ad99 said:
Cool23":1i69ad99 said:
Of all the forums I belong to I can not understand why this forum is so popular with the hackers !
For real! I have never seen a forum get hacked so many times before in my life. At least every 4-6 months it seems. They must think you have to be rich to fool with a Ford inline, and that they are going ot hit the jackpot or something.
Yes this forum is hacked more than any other I belong to. When you read about hackers chasing politcal and commercial secrets just what is the attraction here ? You have to feel sorry for Admin here as all they do is create work when I am sure the Admin has better things to do with his time.
 

AzCoupe

Defunct
Like RANGER said, it's probably somebody that has a grudge against us.

As for switching to vBulletin, I doubt the DB is interchangeable from one to the other, so we'd probably have to start over. I'm not willing to do that.... There's just to much good information that we've accumulated over the years. Our DB is over a Gig, which is huge compared to many other forums.

One of our members, who has lots of experience with php and SQ, has stepped up and offered to help. :beer:
 

datac

Defunct
It's likely nothing to do with the content of the site at all, and everything to do with the phpBB version.

It's usually a kid who's written a script to crawl the web looking for unpatched forum installs, and when he finds them he breaks them- sort of the electronic equivalent of throwing rocks through the windows of neglected/abandoned houses/cars/whatever. He gets to brag about his leet skillz to his buddies, that's about it. Not only has he probably never seen the site before the hack, there's a fair chance he may not even speak the language.
 

CoupeBoy

New member
AzCoupe":3u7ex7te said:
The support tech gave me a lot of good information, so I'm going to try a couple of things that may help to prevent these attacks. I just don't know if I have enough computer savvy to figure it out, but we'll see how it goes. He also said it didn't look like they were trolling for information, just someone being malicious. :evil:

What I really need to do, is find someone who understands all this stuff, and is willing to help.
Which part is it that you need help with? I assume that the host company provides all the security updates for the server? I also assume that they lock down all ports (incoming/outgoing) except the ones required for the site to run (port 80) and for you to remotely connect (if you need to) either via RDP (port 3389 - windows server) or SSH (port 22 -- Linux host).

Which should leave you with only a couple issues to manage.
Site Security (keeping up with the ever changing patches or security modules)
Backup and Disaster recovery (which it sounds like you have been doing)
One of the most important, and often skipped parts of backup/disaster recovery is TESTING that it actually works. Unfortunately you have had to test yours on the real site, ideally they would give you another test forum to work with.

FWIW, I have working knowledge from personal hobby stuff working with PHP and MySQL (which is most likely what this is running on versus MSSQL or PostgreSQL) I work in IT, I know enough to be useful or dangerous about many things computer related. If you need another set of eyes/hands just let me know.
 

Cool23

New member
I think the hackers have not liked me posting about Ford Australia ceasing production as every time the forum has been hacked the topic has vanished. :roll:
 

xctasy

New member
Cool23":23yirep3 said:
I think the hackers have not liked me posting about Ford Australia ceasing production as every time the forum has been hacked the topic has vanished. :roll:
Agreed. Although its not just us. Two of my favourite forums. The hackers are mental as anything. Its happened too many times. I took up drinking. The nips are getting bigger as I wait for the database to get healed.

http://www.lyricswow.com/mental-as-anyt ... any-times/
http://www.youtube.com/watch?v=j_X3KmWUog4

Mike and his agents have fixed everything else, especially the moofing issue when we used to lose post information if posting took more than two minutes. Your whole posted data could just vapourise. Now, it really ticks me off when you spend a few hours posting very important information, and it just gets removed. Especially when the information is a consolidation of many years of information. That has happened frequently on the two forums I frequent, and it really grots me off.

Same thing at Four Eyed Pride, althought there are enough haters of that forum around for it not to be a coincidence. LOL, at least yellowbullet guys are fun, and its all about creative freedom. Customisers have been putting five year newer fronts on Fords in Australia all the time, and loving it, where as in the US some feel like its a crime. I've never liked European integrated body contoured headlamps, for me, they are the spawn of satan, but hey, its all about freedom. But that's how car nuts like us have always been, and Long May It Continue

Exhibit A, 15 pages of fun, anti FEP diatribe, an example of why America is great. :beer:

http://www.yellowbullet.com/forum/showt ... p?t=364135


and some other examples.

eg 1 http://forums.corral.net/forums/lounge/ ... pride.html

eg 2 http://www.foxtbirdcougarforums.com/sho ... gone/page2

eg 3 http://www.mustangsacrossamerica.com/fo ... r-is-it-me.


People are around who, due to the American enshrined right to free speech, feel like its there right to call the Admin staff a bunch of fa99ots all because some guys prefer to keep quad headlamps and TRX's on there rusty Foxes. Like me. I don't know when it ever became right to hate people for just networking, but there are people around like that, and we should just be happy that the world is still free enough to nut off. If having a free voice costs this much, then its just fine. More power to free speech!!!!

That's why I love North American websites....you guys allow us all to have opinions and that's why I'll always be here. I refuse to save my posts though, it really grates that the net is still such an unstable place for info, despite the anglelic support of Mike W and is team.


As a point of note, FEP are possibly moving away from vBulletin, its not just FSP that got cybe attacked.

FourEyedPride is moving.
6/16/2013
Due to an unexpected event, we are having to try to move the site to our new host.
We do not yet have a time by which we expect this to be done. We do not believe any data has been lost.
An upgrade may or may not be completed during the course of the move.
We apologize for the inconvenience and deeply appreciate your patience.

Updates will be posted here as things progress.

UPDATE 1 1:30 MST - We are looking at putting up a TEMPORARY forum for those who need to get in touch with one another.
Should we do this, you will have to re-register, it will be completely new and it will disappear once the site is restored.
This temporary board will be a different type of forum software, but similar to what you are used to.

A link will be posted once the forum is installed.

UPDATE 9:30 p.m. MST - You know how ripping into a car to fix one issue winds up snowballing into a much larger mess? Yeah. It's like that.

The good news is that we've got some serious hardware with the new host and once the software is dealt with, it'll be rock solid.
 
Status
Not open for further replies.
Top