Forum hacked August 2006

Organization and Administration

Moderator: Jani Soderhall

Locked
Donald Campbell
Pavel
Pavel
Posts: 2036
Joined: Mon Apr 26, 2004 8:49 pm
Location: germany
Contact:

Forum hacked August 2006

Post by Donald Campbell » Tue Aug 22, 2006 6:42 pm

You don't want to tell us there are no back up copies of the forum content?

Wesley Tucker
1961-2013 (RIP)
1961-2013 (RIP)
Posts: 3279
Joined: Tue Aug 27, 2002 2:00 am

Post by Wesley Tucker » Tue Aug 22, 2006 7:49 pm

Jani regularly backs up the entire forum. He is travelling this week for work. If he is able to get online (which I am sure he is) while on the road he will easily recognize the problem.

Don't panic. Remember: this site is maintained solely by VOLUNTEERS. They attend to issues when their work and time permits. All will be well soon.
Image

Wesley Tucker
1961-2013 (RIP)
1961-2013 (RIP)
Posts: 3279
Joined: Tue Aug 27, 2002 2:00 am

Post by Wesley Tucker » Mon Aug 28, 2006 5:54 pm

Well, here's some bad news:

I just found out that Jani's profile and registration was the one that got ZAPPED by the hackers. As such, all his posts were changed to GUEST and of course his "jani@slalomskateboarder.com" e-mail address no longer works.

Would someone please be kind enough to forward Jani's off-site e-mail? Whether personal or professional would do. As far as I know he is still unaware of the situation with SS.com that occured last week.

As anyone can tell, there has yet to be a restoration of data from the backup since we were hacked. I'm afraid this was a maintenance task handled by . . . jani.

Thanks for everyone's patience.
Image

Jani Soderhall
ISSA President 2011-2020
ISSA President 2011-2020
Posts: 4188
Joined: Thu Aug 22, 2002 2:00 am
Location: Sweden, lives in France
Contact:

Starting to put things back in order.

Post by Jani Soderhall » Tue Aug 29, 2006 12:01 am

So I was informed today that the site is not in a good state right now. The hackers used the summer vacation to visit our little community. Poor little bastards. Apparently they are not skilled enough to hack into anything more interesting than our site, where basically the doors are open wide.

I'll look into the state of things over the next few days and then set up a plan for a correction of the site and an update of the software.

If you're an FTP user of this site, expect passwords to change, so don't be surprised if you can't log on using FTP. That'll remain until I distribute the new FTP password to those who need it. Please request one, if you want it.

Also expect the site to be closed down during maintenance work. That could happen any day this week or next.

If you notice more problems on the site, please let me know.
I think my email works fine, so send me an email or simply post in this topic.
So far the only problems I'm aware of is:

1.
Title of the site was changed. [Fixed]

2.
My user was deleted. [Fixed]

3.
I was removed as a named moderator in the certain forums. I have admin rights, so I can still moderate topics anywhere (if you didn't already know).

4.
All my posts now show up as guest.

5.
All topics in Randow Topics were deleted.

6.
All my private messages are gone. Both the ones I sent and those that I received.

/Jani

Ron Barbagallo
Fatboy
Posts: 757
Joined: Fri Mar 05, 2004 3:23 pm
Location: Jersey
Contact:

Post by Ron Barbagallo » Tue Aug 29, 2006 3:48 pm

twats!

With all the porn available on the internet, why do they gotta F_uck with a stupid skateboard forum?

Well, we'll smile silently when they move out of their parent's basement, go off to college, and get a scorching case of herpes when some drunken tranny gives it up!
Evil Potentate
Team Fatboy - all hopped up on goofballs!

Still douchebags, but CLASSY douchebags ;)

UNDISPUTED WORLD CATAMARAN CHAMPS!

Jani Soderhall
ISSA President 2011-2020
ISSA President 2011-2020
Posts: 4188
Joined: Thu Aug 22, 2002 2:00 am
Location: Sweden, lives in France
Contact:

Post by Jani Soderhall » Wed Aug 30, 2006 11:29 pm

OK, I've gone through the stuff now and I know what is missing and what has been damaged.

I'll get going Friday night or in the weekend, so expect a forum shut down for several hours or an entire day. Like that I can do all the necessary maintenance in one go.

/Jani

Jani Soderhall
ISSA President 2011-2020
ISSA President 2011-2020
Posts: 4188
Joined: Thu Aug 22, 2002 2:00 am
Location: Sweden, lives in France
Contact:

Post by Jani Soderhall » Wed Sep 06, 2006 5:33 pm

Maintenance and database restoration done.

I used the latest backup I had (June 21:st) to restore all the missing messages in Random Topics, all my PM's and a bunch of other things (including some forum settings) that had been deleted or damaged during the hack.

As my latest backup was about 2 months old we still lost some posts in the Random Topic area, luckily that was one of the least active forums during the summer months (much more was happening in the race forums), so hopefully the damage is not that important.

I hope I have put everything back in it's correct place and that the restore is about as good as it could have been.

One thing that you might notice is that if you've been doing some maintenance yourself to your own PM's (deleting for example) since the late June you may find that those deleted messages have now been restored. I apologize for that inconvience, but I didn't check the reason for deleted PM's, I just restored all I could from the backup.

If you notice anything wrong (however small it might be) please let me know. That could be an indicator of something that I may have done wrong in the process.


Backup schedule

I typically backup the database about every two weeks and I'll try to stick to that schedule from now on, to avoid important damage happening if there is a new hack. That will make the restore process so much faster also as there will not be so many new posts to take care of when comparing the backups of a hacked and a non-hacked backup.

FTP access / new passwords

For those of you who have had access to the password(s) of this site (for image/file upload through FTP) and still want access, just let me know and I'll provide a new password for you.

/Jani

Jani Soderhall
ISSA President 2011-2020
ISSA President 2011-2020
Posts: 4188
Joined: Thu Aug 22, 2002 2:00 am
Location: Sweden, lives in France
Contact:

Post by Jani Soderhall » Wed Sep 06, 2006 5:34 pm

Maintenance and database restoration done.

I used the latest backup I had (June 21:st) to restore all the missing messages in Random Topics, all my PM's and a bunch of other things (including some forum settings) that had been deleted or damaged during the hack.

As my latest backup was about 2 months old we still lost some posts in the Random Topic area, luckily that was one of the least active forums during the summer months (much more was happening in the race forums), so hopefully the damage is not that important.

I hope I have put everything back in it's correct place and that the restore is about as good as it could have been.

One thing that you might notice is that if you've been doing some maintenance yourself to your own PM's (deleting for example) since the late June you may find that those deleted messages have now been restored. I apologize for that inconvience, but I didn't check the reason for deleted PM's, I just restored all I could from the backup.

If you notice anything wrong (however small it might be) please let me know. That could be an indicator of something that I may have done wrong in the process.


Backup schedule

I typically backup the database about every two weeks and I'll try to stick to that schedule from now on, to avoid important damage happening if there is a new hack. That will make the restore process so much faster also as there will not be so many new posts to take care of when comparing the backups of a hacked and a non-hacked backup.

FTP access / new passwords

For those of you who have had access to the password(s) of this site (for image/file upload through FTP) and still want access, just let me know and I'll provide a new password for you.

/Jani

Wesley Tucker
1961-2013 (RIP)
1961-2013 (RIP)
Posts: 3279
Joined: Tue Aug 27, 2002 2:00 am

Post by Wesley Tucker » Wed Sep 06, 2006 8:54 pm

Before any Americans freak out,

I just e-mailed Jani. For some reason with his update and maintenance project the entire regional USA Forum is missing.

I'm online at 2:53 EDT which I think is close to 8:00 in Paris and I can see that Jani is also working late as he is online. So he is aware of the situation.
Image

Donald Campbell
Pavel
Pavel
Posts: 2036
Joined: Mon Apr 26, 2004 8:49 pm
Location: germany
Contact:

Post by Donald Campbell » Wed Sep 06, 2006 10:29 pm

nobody has to freak out jani has it under control
he knows what he's doing
if he forgot a part of the whole package he will add it later

Jani Soderhall
ISSA President 2011-2020
ISSA President 2011-2020
Posts: 4188
Joined: Thu Aug 22, 2002 2:00 am
Location: Sweden, lives in France
Contact:

US Regional Forums back again

Post by Jani Soderhall » Thu Sep 07, 2006 10:42 am

Donald Campbell wrote:jani has it under control
he knows what he's doing
I thought so, but it's easy to overlook little details with such a large database. We have about 40.000 posts, 20.000 PM's and many other parts of the database. All in all we have close to 1.4 million records in the database with an approximate size of 95 MB (counting only text entries, not images/PDFs and other linked files).

It took me a few minutes of investigation this morning to understand what had happened with the US regional forums. Once I had understood it was repaired in 5 minutes.

/Jani

Locked