Announcement

Collapse
No announcement yet.

An Interesting vB Infiltration

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • #16
    Back to the topic at hand...

    FatCat's latest act has been to hack a phpBB community. It seems he's on somewhat of a rampage.

    According to my friend (connected to the original forum), FatCat has also been attacking the community's IRC channel with a bot-net (merely to wreak havoc, I suppose).

    Is this simply a power trip?

    Comment


    • #17
      Sounds like a script kiddie to me, especially with the IRC botnet addition.

      Comment


      • #18
        dunno all i know is that everytime i switch to vbulletin from invision the forum gets hacked

        Comment


        • #19
          Originally posted by thefifthlord View Post
          dunno all i know is that everytime i switch to vbulletin from invision the forum gets hacked
          Do you have any mods installed on your VB forum? That can make all the difference in the world. Yes, even 1 wrong mod can create a nice little hole for them to get though and have access into your forum. While I do like both VB and IPB, I hear this same thing on occassion from IPB users. 9 out of 10 times it was because of a mod or something the owner added to the forum.

          Comment


          • #20
            no i had no mods simply vbulletin nothing else.

            Comment


            • #21
              Originally posted by thefifthlord View Post
              no i had no mods simply vbulletin nothing else.
              then you ahve a server configuration problem. if there was such a huge issue with vb it would be all over the security lists and blogs..and there is nothing. YOu need to be running a tighter security setup on your server.

              first..use a distro with SELINUX or something similar and have it active
              second bind mysql to a sock file and don't let it talk on the network at all(if you ahve a dedicated server that is).
              thrid don't leave your config files in a publicalloy accessible area.
              since you ahve had your account compromised it's time to change al passwords and change all file paths. use http://www.grc.com/password for some excellent passwords.

              That's jsut to start...

              Comment

              widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
              Working...
              X