Queerios!
http://www.austinrocky.org/phpBB3/

Forum Downtime
http://www.austinrocky.org/phpBB3/viewtopic.php?f=2&t=839
Page 1 of 1

Author:  Riff Raff [ Thu Dec 16, 2004 2:26 pm ]
Post subject:  Forum Downtime

As you probably noticed, the forums were down for awhile. The reason for this was that the webserver this web site resides on was hacked into and had a rootkit installed onto it twice in the last week. Were unable to determine the origin of it the first time, but after the second time had it narrowed down to almost certainly being a security hole in the phpBB forums that are used here and on one other site on the same server. Here's the security hole:

http://www.phpbb.com/phpBB/viewtopic.php?f=14&t=240513

And conveniently enough, here's a fairly simple Perl script that lets you take advantage of it:

http://www.k-otik.com/exploits/20041122.r57phpbb2010.pl.php

Even more conveniently, doing a Google search for the phrase "powered by phpBB 2.0.10" will produce a list of hundreds of sites that you can use this on. Whee! At any rate, after each breakin we had to completely reinstall the operating system (Linux) and set up all the web sites over again after transferring the data backups from elsewhere. That took... a bit of time last week. Once things were going again and I was fairly sure I knew what was being taken advantage of to break into the server, I left it running for a bit without the forums just to make sure I was correct that it wouldn't be immediately broken into again. I've installed some security patches and changed some PHP settings to hopefully avoid this sort of thing happening ever again, even when there is a security hole like that in PHP software running on the server. Carry on... :)

Page 1 of 1 All times are UTC - 6 hours [ DST ]