Just wanted to provide a recap of the recent "attack" we faced over the past ~24 hours or so.
At some point around January 28-29th, the forum database was compromised. The phpbb_groups table had been altered in such a way that removed all of the default groups. Some of you may have noticed when you logged in yesterday that you couldn't view the public forums. This is because everyone is placed in a "registered users" group that is allowed to view everything public. Well, if this group doesn't exist, you would only be able to view private forums that have been assigned to specific groups. Luckily for you guys I'm awesome and I take regular SQL dumps (lol!) and it was a simple import.
The SSH logs show no extraneous authenticated root users, so it was likely a direct SQL injection through a security flaw in phpBB. We're constantly getting ass-pounded with attacks from Hong Kong/China/other fuckers/etc.
The good news is that phpBB released a security update just the other day, so I've gone and applied it.
I've taken steps to harden SSH security and also added a system (fail2ban) that automatically IP bans any of these assholes.
Oh yeah I added two new smilies for this occasion...
Updates and such
Gaming:
Workstation:
Workstation:
Re: Updates and such
Gaming:
Workstation:
Workstation:
Return to “News and Announcements”
Who is online
Users browsing this forum: No registered users and 8 guests