| Author |
 Topic  |
|
|
Webbo
Average Member
United Kingdom
982 Posts |
 Posted - 21 April 2007 : 08:01:28
|
Our forum is 3.4.03 with all security fixes in place but we've recently had a couple of strange events >
Both the 'Prohibit New Members' and 'Email Mode' have been changed from our usual settings
Ie 'Prohibit New Members' was toggled to 'On' and 'Email Mode' was toggled to 'Off'
There are only two members with access to the admin areas, myself being one of them. The other seldom goes into these areas and has not done on either of these occasions, and I trust him implicitly
Is it possible for someone without Admin access to change these settings, nothing else has been affected ?
Regards,
Dave |
Edited by - Webbo on 21 April 2007 08:02:45 |
|
|
MarkJH
Senior Member
United Kingdom
1722 Posts |
|
|
pdrg
Support Moderator
United Kingdom
2897 Posts |
Posted - 21 April 2007 : 09:51:18
|
| Try MarkJH's suggestion - you're looking for an M_LEV of 3 for admins |
 |
|
|
Webbo
Average Member
United Kingdom
982 Posts |
Posted - 21 April 2007 : 09:59:50
|
Okay, just checked the db and yes we had a new member on 10th April who was set at lev3
Name: listing84
Email: listing84@list.ru
Country: jamaica
I have removed him from the db
Also the main admin's password has been changed (my second account)
How is this been possible to do? |
|
|
|
ruirib
Snitz Forums Admin
Portugal
26364 Posts |
Posted - 21 April 2007 : 10:15:16
|
You need to look at the logs. Given the fact that it has happened to several forums, it seems there is some security issue with 3.4.03. We've had no complaints regarding the current version, so...
You do need to look at the logs to find out how it was done, so that we can help with that. |
Snitz 3.4 Readme | Like the support? Support Snitz too |
|
|
|
Webbo
Average Member
United Kingdom
982 Posts |
Posted - 21 April 2007 : 10:25:16
|
| It is a MySql db ruirib, is it possible to get logs of changes made to it - I've never had to do it before |
|
|
|
ruirib
Snitz Forums Admin
Portugal
26364 Posts |
|
|
Webbo
Average Member
United Kingdom
982 Posts |
Posted - 21 April 2007 : 10:43:50
|
Okay, I'll get them from our hosts as it's a managed server
Do you want them emailing to you when I receive them? |
|
|
|
ruirib
Snitz Forums Admin
Portugal
26364 Posts |
|
|
Webbo
Average Member
United Kingdom
982 Posts |
Posted - 21 April 2007 : 11:00:15
|
Cheers, I've requested them, if you could email me your address from the forum, I'll reply back to you when they are received
Thanks for the help so far |
|
|
|
ruirib
Snitz Forums Admin
Portugal
26364 Posts |
|
|
Webbo
Average Member
United Kingdom
982 Posts |
Posted - 21 April 2007 : 11:13:49
|
Try Googling: listing84
It looks like they've been around the block a few times where Snitz forums are concerned |
|
|
|
ruirib
Snitz Forums Admin
Portugal
26364 Posts |
Posted - 21 April 2007 : 11:18:24
|
| A quick browsing did not allow me to find any forum with a version later than 3.4.03, which really makes me thin~k that the issue is connected to that version and older versions. |
Snitz 3.4 Readme | Like the support? Support Snitz too |
|
|
|
Webbo
Average Member
United Kingdom
982 Posts |
Posted - 21 April 2007 : 11:20:41
|
Also Google: Hacked by G.F.I. as they appear to be connected
(Nice picture of Paris Hilton on one of the hacked sites but that's immaterial ;) ) |
|
|
| |
Topic |
|
Topic Locked
