Forum hacked again

niko · Post by **niko** » Wed Mar 30, 2005 7:32 pm

The forum has been hacked again. Sorry for this. Updated it, restored database, yadayadayada. Don't like this anymore.

Sorry for any inconvenience.

Soy1Bonus · Post by **Soy1Bonus** » Wed Mar 30, 2005 7:46 pm

Really, I can't believe it. And the second time. Hey you, hackers, Why don't you USE the Irrlicht engine and make some games instead of hurting the community?

cmoibenlepro · Post by **cmoibenlepro** » Wed Mar 30, 2005 7:47 pm

That really sucks!

condrula · Post by **condrula** » Wed Mar 30, 2005 7:55 pm

yeah

Armen138 · Post by **Armen138** » Wed Mar 30, 2005 8:15 pm

i wish i had their phonenumbers so i could call their parents... maybe they take the kiddies computer away... on the other hand, maybe they should just go to jail for being retards.

afecelis · Post by **afecelis** » Wed Mar 30, 2005 8:23 pm

Niko, any changes made to try to stop the damn thing?

niko · Post by **niko** » Wed Mar 30, 2005 8:49 pm

I don't think. PHPBB2 is just like windows: Its too popular, and hackers will always find another security hole. I already thought about switching software, but we would loose all the old posts with that.

afecelis · Post by **afecelis** » Wed Mar 30, 2005 9:17 pm

arghhhhh!! bad move, unless there's a phpbb2newsoftware converter to save the database.

Which other alternative is out there to phpbb2? and why would it be safer?

saigumi · Post by **saigumi** » Wed Mar 30, 2005 9:27 pm

You would think that any good forum software group would have a converter to import from a competition's forum database.

Something like this just happened over at another forum I visit, cheapassgamer.com, they were able to swap the whole thing from what I remember.

Still, it's strange how destructive some people are. That's my major fear about starting up a wiki. I want permissions to be loose enough to allow people to add information, but a method to stop people from starting up bots, removing everything, editing things in bad ways, etc...

Right now, http://irrforge.org is set to allow anyone who signs up to create/edit pages. It should stem most of the destruction, but I'll have to get some more helpful eyes on watching the changes. So far, besides myself, only one person has made a change. Which I guess is decent since it's only been publicized in a reply to one post.

Testur · Post by **Testur** » Thu Mar 31, 2005 6:05 am

I've been working as a developer using PHP for a couple of years now, for me it would be easier to write a new forum around the existing database than to write something to convert the database....but writing a forum takes time...

Bryan Abrams · Post by **Bryan Abrams** » Thu Mar 31, 2005 6:11 am

I may suggest trying XMB Nexus, or probably just trying the new vBulletin

MikeR · Post by **MikeR** » Thu Mar 31, 2005 11:11 am

I don't think it would matter which forum program you use. Hackers can get the program, find it's holes, and exploit them.

Testur · Post by **Testur** » Thu Mar 31, 2005 3:09 pm

Unless you have one specifically written for that site only....

vermeer · Post by **vermeer** » Mon Apr 04, 2005 10:30 pm

"It was discovered a few months back that phpBB 2.0.12 and older all had a fatal flaw that allowed anyone to gain admin access through a malformed cookie. If you upgrade to version 2.0.13 or newer you should be safe. And I have been seeing quite a few forums who haven't upgraded getting attacked and erased lately....don't let it happen here."

In case is of some help....

djceejay · Post by **djceejay** » Tue Apr 05, 2005 11:28 pm

Find out who did it and put them in the naughty zone. Get the net Suppernanny to sort them out.