New Forum Code, Oh My!


23 replies to this topic

#1 cxwq

cxwq

    Member

  • Founders
  • 3,634 posts

Posted 17 April 2006 - 12:08 PM

At least one NH member recently received an email purporting to be from NH admins and requesting that a link be followed. If you received the same, do not click on the link!

I'm looking into things now but early information suggests an SQL injection attack. I will keep everyone updated as I learn more.
  • 0
<meta name="cxwq" content="mostly water">

#2 Hunter

Hunter

    Member

  • Members
  • 312 posts

Posted 17 April 2006 - 12:22 PM

Thanks for getting on that so quick, Cxwq. Let me know if forwarding the email to you would help.
  • 0
Hunter
Organizer Vancouver Area Nerf Series

#3 cxwq

cxwq

    Member

  • Founders
  • 3,634 posts

Posted 17 April 2006 - 12:50 PM

Thanks for getting on that so quick, Cxwq. Let me know if forwarding the email to you would help.

No need, the headers won't tell me anything because I already know it was sent by our forum software. Fortunately I have admin logs that give me some information about how that happened. The possibilities are currently as follows:

1. An account with admin privs was hacked by some asshat in Frankfurt and used to send a bulk spam message. If this was the case then it won't happen again as I just reset that account's PW.

2. There is an SQL injection vulnerability against our current version of IBF and some asshat in Frankfurt abused it to send a bulk spam message. I think this is probably the more likely possibility because we're running pretty old code. I'm going to upgrade the forum code sometime this week which should take care of things.

Either way, I apologize for the spam being sent out in my name.
  • 0
<meta name="cxwq" content="mostly water">

#4 cxwq

cxwq

    Member

  • Founders
  • 3,634 posts

Posted 17 April 2006 - 05:59 PM

Yeah, so we're back up.

Anyone notice a difference?


Too bright... must...

kill...


monitor!
  • 0
<meta name="cxwq" content="mostly water">

#5 dragon26

dragon26

    Member

  • Members
  • 19 posts

Posted 17 April 2006 - 06:42 PM

Yeah, bit strange seein the Haven so...Bright. I do believe my eyes will have to be ripped out soon.

So either way it was an asshat in Frankfurt. That makes me chuckle.
  • 0
Sometimes you just have to bash a n00b into the ground.-Suave

#6 Black Wrath

Black Wrath

    Member

  • Members
  • 1,071 posts

Posted 17 April 2006 - 06:49 PM

So is this going to be a permanent thing now?

It's so weird to see NH like this... and with this skin.

Fucking hackers too. I thought only NHq was that "n00b".
  • 0
Xx_Black-Wrath_xX of The Canadian Foam Militia

Not in the game anymore, but it was great while it lasted. Thanks for the great years of fun, NH!
--
Resident "Spawn of Talio"

#7 cxwq

cxwq

    Member

  • Founders
  • 3,634 posts

Posted 17 April 2006 - 06:50 PM

Yeah, bit strange seein the Haven so...Bright. I do believe my eyes will have to be ripped out soon.

So either way it was an asshat in Frankfurt. That makes me chuckle.



Actually, I later found it was an IP anonymizer in Frankfurt. The asshat turned out to be in Russia. So it goes with this Interweb stuff.
  • 0
<meta name="cxwq" content="mostly water">

#8 The Infinite Shindig

The Infinite Shindig

    Arma-what-now?

  • Contributors
  • 1,383 posts

Posted 17 April 2006 - 06:56 PM

We are lucky we have a well backed up website and webmaster who knows what he is doing. Our backlog of posts is intact, and that's all we can ask for in my opinion. Carry on people.
  • 0
Shindig of the Lawn Chair Mafia

Posting and You (http://www.albinobla.../flash/posting)

#9 Carbon

Carbon

    Contriberator

  • Moderators
  • 1,894 posts

Posted 17 April 2006 - 07:04 PM

We are lucky we have a well backed up website and webmaster who knows what he is doing. Our backlog of posts is intact, and that's all we can ask for in my opinion. Carry on people.


That's the truth. The last board crash I was on had to roll back a month in its backups before it could get back up. Never mind that updating the board software there took a month. Thanks for keeping it all in hand, Cx.
  • 0
Hello. I am Indigo of the Rainbow Clan. You Nerfed my father. Prepare to die.

#10 cxwq

cxwq

    Member

  • Founders
  • 3,634 posts

Posted 17 April 2006 - 07:06 PM

So is this going to be a permanent thing now?

It's so weird to see NH like this... and with this skin.

Fucking hackers too. I thought only NHq was that "n00b".


An eye-soothing dark blue skin of some sort will be up soon. I just need to write one from scratch because the old CSS formats have been dumped by Invision.

As far as the haxor thing, ALL forum software gets exploited from time to time. That's just a fact of life running complicated php code that's externally accessible to anyone in the world. I just upgraded something like 12 versions, point versions, and security updates. Fortunately, the new update system is MUCH easier to use so it will be more convenient to stay up to date in the future.
  • 0
<meta name="cxwq" content="mostly water">

#11 Black Wrath

Black Wrath

    Member

  • Members
  • 1,071 posts

Posted 17 April 2006 - 07:20 PM

An eye-soothing dark blue skin of some sort will be up soon. I just need to write one from scratch because the old CSS formats have been dumped by Invision.

As far as the haxor thing, ALL forum software gets exploited from time to time. That's just a fact of life running complicated php code that's externally accessible to anyone in the world. I just upgraded something like 12 versions, point versions, and security updates. Fortunately, the new update system is MUCH easier to use so it will be more convenient to stay up to date in the future.


Oh, that sounds good then. Perhaps this won't be a total loss. I just loved how you had the portal page setup, you did a great job with that stuff.

I can't wait for the dark skin though.

Is it just me, or is the BB code a little different now? No uppercase code, and you need spaces in between the [____] and [/____]. Oh well.
  • 0
Xx_Black-Wrath_xX of The Canadian Foam Militia

Not in the game anymore, but it was great while it lasted. Thanks for the great years of fun, NH!
--
Resident "Spawn of Talio"

#12 Illadar

Illadar

    Member

  • Members
  • 131 posts

Posted 17 April 2006 - 08:44 PM

So can we like... set up an Attack barrier, to screw the bastards next... unless they went through a Defense barrier. Enough Ghost in the Shell references, what I'm really posting about is: How close to the Haven that we all know and love will this be with the new version of Invision? Are we talking like exact clone, that the average (me) won't even notice, or will the difference be apparent?
And it's good to see that the ole loser filter still works.

Edited by Illadar, 17 April 2006 - 09:08 PM.

  • 0

#13 GeneralPrimevil

GeneralPrimevil

    Member

  • Members
  • 578 posts

Posted 17 April 2006 - 08:56 PM

Yeah, this is a bit...weird...I kinda like...but my eyes are starting to burn.

My monitor detests--scratch that, HATES everything about the shade white. It literally will display other colors in its place. As in...I have dots of purple in it all over the place. Does the same thing with black...

Well, the blue will be nice. I haven't had blue in forever. I used the grey/gray skin with the old/other/older forum.

One last question: Will I, with multiple firewalls and latest McAfee, with Netscape (Mozilla?), have to worry about that trojan/whateveritis invading my puter? I have some very dear files to me...ones which are not pr0n, in case anyone was wondering...let's just say they are worth money for me...

Well, nice to see that cx knows everything he needs to know to run a highly successful forum.

By the way, do you happen to know the address/location in lat-long of the hacker? I know a few people who have relations in Russia, and they owe me a favor.
  • 0
"Fear the man with one gun, for he probably knows how to use it."

#14 LordoftheRing434

LordoftheRing434

    Member

  • Members
  • 565 posts

Posted 17 April 2006 - 09:28 PM

CX handled this magnitude of a hack with grace and flair. It's good to know the NIC can rely on someone with such dominant skill.

Not to sound racist or anything, but yes, dark skin is much better.

Aye, another Russian seems to be holding a prolonged grudge against us. I'd choose someplace happier than Frankfurt if I wanted an alias though...

Edited by LordoftheRing434, 17 April 2006 - 09:29 PM.

  • 0
And when he gets to Heaven, to St. Peter he will tell, "One more soldier reporting sir, I've served my time in hell."

"I bluff it. I don't throw my weight around and say I know what I'm doing." ~ Mick Jagger

#15 NirvanaScorpion

NirvanaScorpion

    Member

  • Members
  • 120 posts

Posted 18 April 2006 - 06:19 AM

"If you visited the site between 8:19AM and 3:30PM on 4/17 and are using IE without having applied critical windoze updates then you probably have a trojan/keylogger/adware."

It says primarily IE (Internet Explorer) so with your firewalls I bet it would have detected it. I have AVG, which I never really liked that much but just as I got directed to the site before it got blocked off it automatically popped up with (finally) a working heal button, after that I made sure to clean, and everything but if I have a free version of AVG and it caught multiples, McAfee, and the others you said I'm guessing would have taken care of it. Also you said Netscape, so I would be thinking a little safer anyway.
  • 0
"If rock n rolls illegal throw my a** in jail" - Kurt Cobain

Guitar Heroes-Jimmy Page, Eric Clapton, Jimi Hendrix, Kurt Cobain

Newly Found(thanks General)-Yngwie Malmsteen, this guy is an acoustic expert.

#16 cxwq

cxwq

    Member

  • Founders
  • 3,634 posts

Posted 18 April 2006 - 03:46 PM

It's a bit of a proto-portal, but not too bad for a morning's work. I'll set up a redirect on the http://nerfhaven.com/ front page when I have it tweaked a bit more.

voila

Clicking on the Invision logo (where the NH logo used to be) will also take you to the portal now.
  • 0
<meta name="cxwq" content="mostly water">

#17 NirvanaScorpion

NirvanaScorpion

    Member

  • Members
  • 120 posts

Posted 18 April 2006 - 05:39 PM

Whoa, pretty nice. I have to say, not at all bad for the amount of time you had to start with pretty much nothing. Can't wait for your new skin though.
  • 0
"If rock n rolls illegal throw my a** in jail" - Kurt Cobain

Guitar Heroes-Jimmy Page, Eric Clapton, Jimi Hendrix, Kurt Cobain

Newly Found(thanks General)-Yngwie Malmsteen, this guy is an acoustic expert.

#18 Anothernoob

Anothernoob

    Member

  • Members
  • 71 posts

Posted 18 April 2006 - 10:20 PM

Yea CX deserves a round of applause. Seriously. I wouldn't say this if running Nerfhaven was the only thing he had to do in life, but I suspect he's busy. He's taking time out of his life ya'll. Devotion.

Ha, alright. Sorry bout the asskissing, but it does make ya think.

Oh and GeneralPrimevil, you may have done this already, but try degaussing your monitor.
  • 0

#19 Groove

Groove

    Certified Badass

  • Founders
  • 1,673 posts

Posted 19 April 2006 - 09:45 AM

Thanks for getting this back up and running Cx, although not at full-steam-ahead working capacity, something is better than nothing. Keep us updated on the situation.

Eyes...burning! I need my mellow blue!!!

-Groove
  • 0

"Too close for missiles, I'm switchin' to guns"


#20 Rambo

Rambo

    Fear the Robble...

  • Members
  • 1,807 posts

Posted 19 April 2006 - 03:46 PM

Very nice job with the new skin. I have a few questions though, and as always, I apologize if they have been answered, as I merely skimmed the thread.

1) Will you be getting more skin plugins that are user adjustable? Not a big deal, just curious
2) Did you lose the Mods/Homemades/Store/DBf/Etc. Links alongside the CoC with the hack attack? If not and they are viewable elsewhere, could you point me in the proper direction? If not, any idea when they will be up?
  • 0

#21 cxwq

cxwq

    Member

  • Founders
  • 3,634 posts

Posted 19 April 2006 - 04:46 PM

Very nice job with the new skin. I have a few questions though, and as always, I apologize if they have been answered, as I merely skimmed the thread.

1) Will you be getting more skin plugins that are user adjustable? Not a big deal, just curious
2) Did you lose the Mods/Homemades/Store/DBf/Etc. Links alongside the CoC with the hack attack? If not and they are viewable elsewhere, could you point me in the proper direction? If not, any idea when they will be up?


I think what you're talking about is the portal, not the skin. Still working on the skin.

As far as user customizable items, this is the lightweight portal that comes with Invision. I haven't yet decided whether to keep this one with its tight integration and easy customization or to go with a 3rd party portal that's more flexible and has more modules.

Regarding the static content (mods, dbf, etc) take a look 2" under the invision logo on the portal page.
  • 0
<meta name="cxwq" content="mostly water">

#22 One Man Clan

One Man Clan

    TOFTS

  • Contributors
  • 2,170 posts

Posted 19 April 2006 - 06:22 PM

uh, just make it dark. That'll do it for me.
  • 0
I hate you.

#23 AirApache

AirApache

    Member

  • Members
  • 743 posts

Posted 19 April 2006 - 08:31 PM

Leave for a week and the forum gets hacked... well, glad to see NH still up and running.

AA
  • 0
Indiana '11

#24 Rambo

Rambo

    Fear the Robble...

  • Members
  • 1,807 posts

Posted 20 April 2006 - 12:08 AM

Bah, somehow I managed to lose paint? And my Freehand/Fireworks won't install so my screenshot is useless. Anyway, if you scroll to the bottom there is a skin selector. I know there are lots of plug-ins for it for other skins. Thanks for the info about the additional pages, I usually go straight to the forum.
  • 0

