| Author |
 Topic  |
|
|
CoarsefishAnton
New Member
73 Posts |
 Posted - 20 February 2004 : 01:38:02
|
Gents
My forum has just been hacked (version 3.4.03) and I have no idea what I am missing that has allowed them to log in as admin and generally have a play. (and post the new admin log in and password, bless 'em)
Any ideas what I have to put right anyone please?
My forum is at http://coarsefish.com/forum/default.asp
Also, how do I shut the forum down until I get home tonight to prevent any further damage?
|
**************************
Explain it like I'm a five year old..... |
Edited by - CoarsefishAnton on 20 February 2004 01:44:37 |
|
|
RichardKinser
Snitz Forums Admin
USA
16655 Posts |
Posted - 20 February 2004 : 02:10:03
|
do you have all of the security fixes installed that are shown in this forum:
http://forum.snitz.com/forum/forum.asp?FORUM_ID=118
v3.4.04 has been out since 01/01/2004, it includes all of the security fixes listed in that forum and also all of the bug fixes listed in the bugs forum. |
 |
|
|
CoarsefishAnton
New Member
73 Posts |
Posted - 20 February 2004 : 02:52:22
|
No, I haven't Richard. Seems like that should be my first port of call.
I have read about closing the forum down on here, am I able to do that temporarily? |
**************************
Explain it like I'm a five year old..... |
|
|
|
RichardKinser
Snitz Forums Admin
USA
16655 Posts |
Posted - 20 February 2004 : 03:47:54
|
you can close the forum by logging into the Admin Options and then accessing the down.asp page:
http://coarsefish.com/forum/down.asp
But, there are ways to get around it, especially if someone is able to login as an Administrator.
Do you have access to your site via FTP, or some other way? If so, you can just download a copy of your database. That way if anything gets messed up, all you have to do is re-upload the database. |
|
|
|
CoarsefishAnton
New Member
73 Posts |
Posted - 20 February 2004 : 11:19:00
|
The funny thing is Richard, I've now closed the site down twice, having first changed the admin password. Each time I return, the forum is there, bold as brass, complete with new postings.
I guess I'll just have to wait until I get home and sort out the fixes that you posted. |
**************************
Explain it like I'm a five year old..... |
|
|
|
CoarsefishAnton
New Member
73 Posts |
Posted - 20 February 2004 : 11:24:12
|
Now I can't even browse to the 'down.asp' page. Logged in as admin, it just refreshes back to the forum default page.
Are my eyes bleeding? 'cos it feels like they are..... |
**************************
Explain it like I'm a five year old..... |
|
|
|
Panhandler
Average Member
USA
783 Posts |
Posted - 20 February 2004 : 11:39:37
|
quote:
Originally posted by CoarsefishAnton
Now I can't even browse to the 'down.asp' page. Logged in as admin, it just refreshes back to the forum default page.
Are my eyes bleeding? 'cos it feels like they are.....
Why don't you just ftp upload a new down.asp file and try that?
If it were me, I think I would try ftp uploading individual files.
But first, ftp download everything before you make any changes. You can analyze it later.
If you need ftp help, send me an email.
|
"5-in-1 Snitz Common Expansion Pack" - five popular mods packaged for easy install
". . .on a mote of dust, suspended in a sunbeam. . ."
HarborClassifieds
Support Snitz Forums
|
|
|
|
RichardKinser
Snitz Forums Admin
USA
16655 Posts |
Posted - 20 February 2004 : 11:42:20
|
you have to be logged into the Admin Options, not just as the admin.
And like I said, there are ways around the down.asp file, it's not meant to close the forum on a permanent basis. It was only meant to be used when archiving topics/replies. |
|
|
|
CoarsefishAnton
New Member
73 Posts |
Posted - 20 February 2004 : 11:53:50
|
Of course, sorry Richard, It's that 'blind panic' moment when you realise (as I did at 6am) that I can't really do anything until I get home from work. 12 hr shifts are bad enough without this little baby to contend with.
Still, we live and learn. |
**************************
Explain it like I'm a five year old..... |
|
|
|
Gremlin
General Help Moderator
New Zealand
7528 Posts |
Posted - 20 February 2004 : 21:44:35
|
| Check to make sure that the "hackers" haven't given themselves Admin permission on another account too, they could just easily be coming back and changing things becuase of that. |
Kiwihosting.Net - The Forum Hosting Specialists
|
|
|
|
CoarsefishAnton
New Member
73 Posts |
Posted - 21 February 2004 : 02:42:03
|
| Good point Gremlin. I don;t think they have, and I have to be honest and say that just as we have good witches and bad witches (we do don't we?) I think the hackers were just highlighting the need for the security fixes as they didn't do any damage, just apple pie'd the bed, so to speak. |
**************************
Explain it like I'm a five year old..... |
|
|
|
Gremlin
General Help Moderator
New Zealand
7528 Posts |
Posted - 21 February 2004 : 02:57:50
|
| Short Sheeted your forum eh ;) .. still definately check, its not uncommon for someone to use a backdoor to gain acess to something and then leave themselves a nice way to get in the front door when they want to come back again. |
Kiwihosting.Net - The Forum Hosting Specialists
|
|
|
| |
Topic |
|
Topic Locked
