Snitz Forums 2000
 Security Basics

loftwork
Starting Member

10 Posts

Posted - 06 December 2007 : 20:20:08
Hi,

Having implemented the most recent security patch yesterday, today my forum was comprehensively hacked. Before I restore it from backup I need to ensure it is actually reasonably secure, but I can't find a security tutorial anywhere. Could someone possibly point me to a security overview topic?

Many thanks,

Rick

loftwork
Starting Member

10 Posts

Posted - 06 December 2007 : 20:53:41
P.S. I'm using the .05 release with patches. I remember seeing a note somewhere that the forum directory could be encrypted but there were no explanatory comments.
Thanks, RH

weeweeslap
Senior Member

USA
1077 Posts

Posted - 06 December 2007 : 20:59:46
You have an outdated version. The latest version is 3.4.06; you should upgrade to the newer one and check the security announcement forum for any patches that you might have missed and that are not applied to the latest release yet.

coaster crazy

ruirib
Snitz Forums Admin

Portugal
26364 Posts

Posted - 06 December 2007 : 21:34:47
Can you give us any info on the hacking? What actually happened? Can you get to the forum? Any new admins?
In order to understand what happened and how we can protect you and all our users better, that info would be important.



loftwork
Starting Member

10 Posts

Posted - 07 December 2007 : 02:23:26
Underlying forum functionality seemed OK. The visible changes were to fields in the master config page, e.g. copyright, forum logo, forum title etc. AFAIK SBS Server 2003 NTFS security was not affected - the changes were limited to file(s) in the forum directory accessible to a forum admin. On balance it was probably someone qualifying themselves as a forum admin. I deleted the entire directory since I've got a recent backup - should have kept it to look for more clues!

It's curious that after three years without problems the hack should happen within 24 hours of applying your Dec. 1st security patch and also turning off email validation. I wonder if this could be the exploit that led to the 13th March bugfix, which I did not patch. <<sigh>>

I posted to general help because I may well have missed some obvious security basic when setting the forum up but couldn't find a discussion of it.

I've resisted updating to .06 because there are some custom mods buried in the code and I'm not sure I can find and reapply them without more work. It's fairly important to me because I've got another three forums set up the same way. :-(

Thanks very much,

Rick

ruirib
Snitz Forums Admin

Portugal
26364 Posts

Posted - 07 December 2007 : 03:31:51
Do you have access to server logs? Did you check whether there were people who were admins and could not be?

Right now, my recommendation is that you set mail validation and restrict registration to On and approve manually every single member, rejecting those that may look risky.

