Page 1 of 3 123 LastLast
Results 1 to 20 of 46

Thread: News About The Turkish Hack

Hybrid View

  1. #1
    Survival Through RECON NYLongbow's Avatar
    Join Date
    Oct 2010
    Posts
    10,028

    News About The Turkish Hack

    Yes, it's true. Apparently some turkish hackers group (confirmed via their routed IPs - both in turkey) found an Vbulletin Exploit (the forum software) and was able to wreak havoc on my day.


    They were NOT able to penetrate the server itself, but rather the entire exploit was using the tools provided through the forum software.


    So, i was on the road today and have only now been able to deal with this.


    But first I had to get my account re-established. And then the laborious procedure of redoing all my template mods.


    I have take further actions at the router level to restrict access to the admin sections to my specific IP only now. And since I am certain they didn't penetrate there server I believe this will end their ability to do much here.


    But with things like this you have to wait for the hole to be exploited usually so you can see it and plug it up.


    Extra hard when you didn't write the forum code yourself. Cleaning up someone else's mess is always 10x as hard.


    Hopefully we won't be seeing them again.


    Alex

    (ps... now I want to know who turned some turkish hackers onto my forums )
    "The party told you to reject the evidence of your eyes and ears. It was their final, most essential command."

  2. #2
    Survival Through RECON NYLongbow's Avatar
    Join Date
    Oct 2010
    Posts
    10,028
    Oh yeah... absolutely no threads or data was lost. Just the few hours it took me to get to my machine to fix it.
    "The party told you to reject the evidence of your eyes and ears. It was their final, most essential command."

  3. #3
    Feral She-Bunny of Doom™ DoomNymph's Avatar
    Join Date
    Oct 2010
    Location
    Follow the White Rabbit
    Posts
    5,300
    Thanks, darlin'. :*
    There are more things in heaven and earth, Horatio, Than are dreamt of in your philosophy.

  4. #4
    Economic Refugee Doomsteader's Avatar
    Join Date
    Oct 2010
    Location
    Lawn Guyland
    Posts
    44,933
    Thanks, Alex, for all you do and put up with to make this forum available to us. I was getting Silco withdrawal symptoms after just a few hours without this forum!
    #fuckwashington oh, and #fuckalbany, too

  5. #5
    Senior Member
    Join Date
    Nov 2010
    Location
    Maryland, up the road from the nuclear power plant.
    Posts
    3,124
    Quote Originally Posted by Doomsteader View Post
    Thanks, Alex, for all you do and put up with to make this forum available to us. I was getting Silco withdrawal symptoms after just a few hours without this forum!
    Double Ditto on the thanks. Sad but true on the withdrawal.
    To oppose something is to maintain it. --Ursula K. Le Guin

    The moral of this story, the moral of this song:
    Is that one should never be where one does not belong.
    So if you see your neighbor struggling, help him with his load.
    But don't go mistaking paradise for that home across the road. [Dylan]

  6. #6
    Speechless in Seattle Annihilatrix's Avatar
    Join Date
    Oct 2010
    Location
    Moving forward in all directions
    Posts
    4,153
    Thanks for all your work, Alex. What a PITA! You're amazing and we're lucky that you provide the space/time for this doomtique. Also, it's a heads up for other server admins out here, I think I will be reviewing some firewall settings.

    So, do you really think a disgruntled visitor ratted on you? Or a large swathe automated scan? Or your toaster oven?
    Assume crash position.

  7. #7
    Survival Through RECON NYLongbow's Avatar
    Join Date
    Oct 2010
    Posts
    10,028
    Oh you're all most welcome.
    I took the opportunity to lock down the other forums I have as well.

    I upgraded this forum to the latest version (which messes with template mods of course) in a hope that the exploit is closed. But if they still manage to brute force an account it wont matter as the entire admin directory is now locked down above the data level so they shouldnt get anywhere.

    Quote Originally Posted by Annihilatrix View Post
    Thanks for all your work, Alex. What a PITA! You're amazing and we're lucky that you provide the space/time for this doomtique. Also, it's a heads up for other server admins out here, I think I will be reviewing some firewall settings.

    So, do you really think a disgruntled visitor ratted on you? Or a large swathe automated scan? Or your toaster oven?
    Eh, I dont know. There are few online 'personalities' that chap my ass everytime they have a server issue and blame it on NSA, DOD, CIA and/or turkish hackers. :-P
    UntilI I had absolute proof that someone fed the url to a database, I wouldnt suggest it to be fact.

    I do find it odd though. Odd indeed.
    "The party told you to reject the evidence of your eyes and ears. It was their final, most essential command."

  8. #8
    The Changeling ♥RÉĎRËÅMÊR♥'s Avatar
    Join Date
    Oct 2010
    Location
    Fingerlakes, New York, United States, Planet Earth
    Posts
    6,010
    much appreciated and thank you! xox

  9. #9
    Mellowed out Jag Farlane's Avatar
    Join Date
    Dec 2010
    Posts
    1,910
    Thank you!
    I hear the angels call my name and I am Winter Born.

  10. #10

  11. #11
    Speechless in Seattle Annihilatrix's Avatar
    Join Date
    Oct 2010
    Location
    Moving forward in all directions
    Posts
    4,153
    Well, if you think about not just individuals having wordcloud tracking but entire forums -- kinda makes sense this place would be a target.
    Assume crash position.

  12. #12
    Survival Through RECON NYLongbow's Avatar
    Join Date
    Oct 2010
    Posts
    10,028
    actually thats the odd part.
    There is no word cloud on this forum because ALL the thread text is behind logins.

    No crawlers from google, nor tagging... no FB connections.

    Doesnt mean it could just be a random target, but the keyword theory only works if you have public content :P

    Make's ya wonder huh?
    "The party told you to reject the evidence of your eyes and ears. It was their final, most essential command."

  13. #13
    Speechless in Seattle Annihilatrix's Avatar
    Join Date
    Oct 2010
    Location
    Moving forward in all directions
    Posts
    4,153
    It does make me wonder, as well.
    So.

    Log-ins = Schmog-ins???


    Quote Originally Posted by NYLongbow View Post
    actually thats the odd part.
    There is no word cloud on this forum because ALL the thread text is behind logins.

    No crawlers from google, nor tagging... no FB connections.

    Doesnt mean it could just be a random target, but the keyword theory only works if you have public content :P

    Make's ya wonder huh?
    Assume crash position.

  14. #14
    The Changeling ♥RÉĎRËÅMÊR♥'s Avatar
    Join Date
    Oct 2010
    Location
    Fingerlakes, New York, United States, Planet Earth
    Posts
    6,010
    Quote Originally Posted by NYLongbow View Post
    actually thats the odd part.
    There is no word cloud on this forum because ALL the thread text is behind logins.

    No crawlers from google, nor tagging... no FB connections.

    Doesnt mean it could just be a random target, but the keyword theory only works if you have public content :P

    Make's ya wonder huh?
    woah... so they just hacked a random forum they knew nothing about WHAT the forum discusses? so it was completely random?

    i don't understand this stuff but KNOW you are very security conscious. So it was a roulette wheel attack? just our turn?

  15. #15
    Senior Member GrievousBodilyHarm's Avatar
    Join Date
    Oct 2010
    Posts
    3,480
    Oh, them Turks...
    Let the people know my wisdom--fill the land with smoke.

  16. #16
    Speechless in Seattle Annihilatrix's Avatar
    Join Date
    Oct 2010
    Location
    Moving forward in all directions
    Posts
    4,153
    Too many smarties here, Alex, face it, you're on the target list. Cool!
    Assume crash position.

  17. #17
    Senior Member Arabi's Avatar
    Join Date
    Oct 2010
    Posts
    702
    Thank you!!!
    Humbug!

  18. #18
    Senior Member
    Join Date
    Oct 2010
    Posts
    575
    Sending a mental cruise missile their way! Thanks, Alex.

    Draftlady

  19. #19
    Senior Member
    Join Date
    Oct 2010
    Posts
    1,562
    I haven't a clue what it means to 'feed the url', nor why Turks would mess here in particular. Weird. Glad you're back on track.

  20. #20
    Survival Through RECON NYLongbow's Avatar
    Join Date
    Oct 2010
    Posts
    10,028
    wow.. have been reading the horror stories that some of these poor bastards have gone through.
    Looks like more than a few are just giving up and starting completely AGAIN...
    wow.

    Hopefully the above-the-data-locks I have in place will be sufficient.
    Last edited by NYLongbow; 09-14-2013 at 07:11 PM.
    "The party told you to reject the evidence of your eyes and ears. It was their final, most essential command."

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •