Hello! Welcome to the Michigan Radio & TV Buzzboard. Please visit the newly created "Buzzboard v3.0 features" forum to view announcements as to recently installed new features, as well as to report any issues or share your opinions regarding recent site changes. All accepted new account registrations through 7-16-2017 at 6:00p ET have been activated.

(Note: hover your mouse pointer near the upper right corner of this box and click the "x" to close it.)

Apologies for the outage...

Got a question? Can't figure out how to get that neat picture under your user name? Need any other tech tips? Post it here! Also, this is where I make important site related announcements.
User avatar
MWmetalhead
Site Admin
Posts: 3857
Joined: Sun Oct 31, 2004 11:23 am

Apologies for the outage...

Post by MWmetalhead » Mon May 15, 2017 9:44 pm

Some asshole from Kuwait decided to hack my board.

All he/she/they did was overwrite three simple files in the root folder. Once I replaced those with my backup files, the issue was easily corrected.

I apologize for the inconvenience. Please let me know if you encounter any issues from a functionality standpoint.


Regards,

M.W.
Radio station web sites that do not offer music logs or at least a "songs recently played" list are stupid.

User avatar
RingtailedFox
Posts: 377
Joined: Tue Jul 26, 2011 3:11 pm
Location: A raccoon's nest high up in a tree in west Windsor, Ontario
Contact:

Re: Apologies for the outage...

Post by RingtailedFox » Mon May 15, 2017 9:53 pm

So far, everything looks good on my end, but how did they get remote root access? That's a pretty serious vulnerability!
~ The Legendary Raccoon-Fox has spoken!

User avatar
MWmetalhead
Site Admin
Posts: 3857
Joined: Sun Oct 31, 2004 11:23 am

Re: Apologies for the outage...

Post by MWmetalhead » Mon May 15, 2017 9:59 pm

I have no clue. Everything they edited was set to read-only permissions. This seems to be an annual or bi-annual occurrence.
Radio station web sites that do not offer music logs or at least a "songs recently played" list are stupid.

User avatar
audiophile
Posts: 4523
Joined: Sat Dec 04, 2004 9:21 pm
Location: Between 88 and 108 MHz.

Re: Apologies for the outage...

Post by audiophile » Mon May 15, 2017 10:05 pm

Do you use an ftp program? Those often very unsecure.
Ask not what your country can do FOR you; ask what they are about to do TO YOU!!

User avatar
craig11152
Posts: 1346
Joined: Tue Nov 06, 2007 8:15 am
Location: Ann Arbor

Re: Apologies for the outage...

Post by craig11152 » Tue May 16, 2017 7:00 am

MWmetalhead wrote:
Mon May 15, 2017 9:44 pm
Some asshole from Kuwait decided to hack my board.
Please let me know if you encounter any issues from a functionality standpoint.
When I logged in my mouse blew up. Doc says my hand will be OK in a couple days and I have a backup mouse. :blink
Finally, he switched to a bone saw to finish the job, and at 9:17 p.m., Mountain time, the head of the greatest hitter who ever lived had been sliced off.

User avatar
TheForce
Posts: 651
Joined: Sat Mar 31, 2007 6:12 pm

Re: Apologies for the outage...

Post by TheForce » Tue May 16, 2017 9:05 am

That was crazy! I was wondering if it was that virus/hack going around that supposed to be really big.

User avatar
audiophile
Posts: 4523
Joined: Sat Dec 04, 2004 9:21 pm
Location: Between 88 and 108 MHz.

Re: Apologies for the outage...

Post by audiophile » Tue May 16, 2017 9:17 am

I doubt it was related...
Ask not what your country can do FOR you; ask what they are about to do TO YOU!!

User avatar
MWmetalhead
Site Admin
Posts: 3857
Joined: Sun Oct 31, 2004 11:23 am

Re: Apologies for the outage...

Post by MWmetalhead » Tue May 16, 2017 6:22 pm

Audio - to answer your earlier question, I do indeed use an FTP program. Only once in a great while, though. Prior to yesterday (to investigate and undue damage from the hacker), the last time I actually used my FTP program was in February.

When I was running phpBB version 3.0.x, I had to use FTP more frequently.

I am coming up entirely empty handed in terms of researching the origins of the weird page that was loading on May 15. A Google query turns up nothing.
Radio station web sites that do not offer music logs or at least a "songs recently played" list are stupid.

User avatar
RingtailedFox
Posts: 377
Joined: Tue Jul 26, 2011 3:11 pm
Location: A raccoon's nest high up in a tree in west Windsor, Ontario
Contact:

Re: Apologies for the outage...

Post by RingtailedFox » Tue May 16, 2017 8:31 pm

that makes me think it might have been a backdoor related not to phpbb, but to whatever HTTP daemon you use as a webserver (apache, nginx, microsoft IIS) or a vulnerability in the operating system of the server itself (linux, BSD, Windows, OS X, whatever...)
~ The Legendary Raccoon-Fox has spoken!

TC Shuts Up
Posts: 751
Joined: Sun Dec 23, 2012 12:10 pm

Re: Apologies for the outage...

Post by TC Shuts Up » Thu May 18, 2017 5:49 pm

Send a MOAB to that hacker's bunker!
Never eat Sushi past its expiration date.

User avatar
RingtailedFox
Posts: 377
Joined: Tue Jul 26, 2011 3:11 pm
Location: A raccoon's nest high up in a tree in west Windsor, Ontario
Contact:

Re: Apologies for the outage...

Post by RingtailedFox » Thu May 18, 2017 8:46 pm

where's that like button? :lol
~ The Legendary Raccoon-Fox has spoken!

Post Reply Previous topicNext topic

Who is online

Users browsing this forum: No registered users and 1 guest