After some research into the problem, I have made some updates to hopefully avoid having problems similar to what FBTB.net has been experiencing.
There is apparently a worm going around that exploits a problem with PHP and takes advantage of phpBB intallations. You can read about it here:
http://news.zdnet.com/2100-1009_22-5499725.html
I am not sure if this was what hit FBTB, or if they were the victim of a targetted hacking attack.
I have updated the server to the latest build of PHP which is supposed to take care of the issue. I have also upgraded the forums to the latest build of phpBB which should also help.
Troy
Forums have been upgraded
- Troy
- King Mnementh the Bronze
- Posts: 304
- Joined: Tue Sep 09, 2003 3:38 am
- Location: Cleveland, Ohio
- Contact:
Forums have been upgraded
Visit Troy's Surplus LEGO
http://www.bricklink.com/store.asp?p=mnementh
http://www.bricklink.com/store.asp?p=mnementh
- Troy
- King Mnementh the Bronze
- Posts: 304
- Joined: Tue Sep 09, 2003 3:38 am
- Location: Cleveland, Ohio
- Contact:
Well, "security through obscurity" almost never works. Staying up to date with system patches and such is the best defense. If someone really wants to hack the site bad enough, they will find a way.Redaxe wrote:It's good to know you're taking steps to prevent this! On the other hand, I'm not sure you should post this kind of info in the future.... Some hacker may read this and view it as a "challenge" to hack the site. Isn't it better to keep them in the dark as to what version of software you're running?
Besides, I never actually said what versions I upgraded the site to. Although, the version of phpBB is given at the bottom of every page in the forum, so it is not like that is a secret. As for PHP itself, it gets trickier because there are "current versions" of both PHP4 and PHP5.
Troy
Visit Troy's Surplus LEGO
http://www.bricklink.com/store.asp?p=mnementh
http://www.bricklink.com/store.asp?p=mnementh