News:

Want to get involved in developing SMF, then why not lend a hand on our github!

Main Menu

[NOTICE] How to secure your site against recent attacks

Started by jblazeofek, May 11, 2009, 08:05:23 AM

Previous topic - Next topic
Print
Go Down Pages 1 ... 5 6 7 8 9 10
User actions

Aleksi "Lex" Kilpinen

#120
May 20, 2009, 10:40:53 AM
Yeah, strangely it seems this is pretty much completely out of one static IP address. I don't really understand why someone would do that, but hey - I'm not a script kiddie myself :D
Slava
Ukraini!
"Before you allow people access to your forum, especially in an administrative position, you must be aware that that person can seriously damage your forum. Therefore, you should only allow people that you trust, implicitly, to have such access." -Douglas

How you can help SMF

Dzonny

#121
May 20, 2009, 04:57:16 PM
That is all ok, but will the patch release soon?
I'm sure we all waiting for it... :D
And we know you testing it, but....

JBlaze

#122
May 20, 2009, 05:20:14 PM
Yes, the patch should be out soon. It is being tested for bugs at the moment.
Jason Clemons
Former Team Member 2009 - 2012

Kill Em All

#124
May 20, 2009, 09:07:36 PM
Another way to help protect against hacks is installing SMF 1.1.9.


My Site: KEAGaming.com

Manual Installation of Mods
Prevent Spam and Forum Attacks
Please do not PM or email me for support unless offered, help should be publicly displayed to others.

FataMorgana

#125
May 21, 2009, 03:27:17 AM Last Edit: May 21, 2009, 09:49:08 AM by FataMorgana
Patch installed without problems.
But...
See the hackcodes have not been removed by way of this patch!
Somewhere thought to have read that also would be done buy this; some lazy admins without a recent backup (laike me  :-[) have waited for this.
Now suppose I need still manual replace all 1.1.9 php-files by new (clean) ones?

Or is the code harmless by using version 1.1.9 now and I can just let it stay?
Groet, Greetings, John

Fata Morgana Forum

Deal

#126
May 21, 2009, 07:44:52 AM
Thanks SMF team. I upgraded my forum to 1.1.9 successfully and then looked and found that krisbarteo is a member.  I'm unaware if there are things he left on my site. Can you recommend any further actions besides deleting this member?

Dzonny

#127
May 21, 2009, 09:30:32 AM
Im upgraded too, and have no problems... :)
Glad that this is over now...

@Deal - Think that deleting will be just fine... :D

greystonesguide

#128
May 21, 2009, 11:21:43 AM
Hi

Upgraded too and have no problems - thanks to all


Is it still recommended that attachments are kept in disabled mode at all times

Aleksi "Lex" Kilpinen

#129
May 21, 2009, 11:22:19 AM
No, you should be safe to use them again ;)
Slava
Ukraini!
"Before you allow people access to your forum, especially in an administrative position, you must be aware that that person can seriously damage your forum. Therefore, you should only allow people that you trust, implicitly, to have such access." -Douglas

How you can help SMF

chrishicks

#130
May 21, 2009, 03:46:42 PM
Stupid question, but does this update also cover things like the ultimate profile and gallery mods?

Dzonny

#131
May 21, 2009, 03:50:32 PM
Upgrade have no touch with mods, so it might happen that some mods cant work after upgrading, but you can easy correct them by manually adding codes that are missing...

JBlaze

#132
May 21, 2009, 03:50:55 PM
This update is a generic patch for all 3 branches of SMF. As long as it installs, you are covered.
Jason Clemons
Former Team Member 2009 - 2012

chrishicks

#133
May 21, 2009, 04:02:18 PM
Oh, I installed the update maybe 2min. after it went live yesterday. It installed without a hitch which I was extremely happy about too. I just haven't gotten around to changing permissions for things yet and I was curious about the mods side of things.

Thanks for the replies by the way. :)

joe90

#134
May 22, 2009, 05:06:56 AM
Can anyone help me I have been attacked by this evil thing, pm please
SMF: 1.1.17
Simpleportal:

joe90

#136
May 22, 2009, 05:18:29 AM
Thanks
SMF: 1.1.17
Simpleportal:

CarlT100

#138
May 22, 2009, 10:50:13 AM
Good information here.  Thanks for taking the time to post it.
CarlT100

squad

#139
May 22, 2009, 11:54:20 AM

This has been very interesting reading. This person had tried to
get themselves registered on my forum, but fortunately I was lucky.

I had banned the IP sometime ago, not knowing it was this one, until
earlier this week. Where I consider myself extremely lucky is that I require
all my members to join using a 'real' email address ie; an email assigned
to them by their Internet Service Provider, from the word go.

I also had the 'Restrict Email Providers on Registration' mod installed, as
more of these 'free' email addresses became known I would just add them
to the modification and ban the member using that email address. That
particular modification is one of the best there is :)

Like they wouldn't realise as the request for a IP email address is in big bold
red letters on the registration agreement, but as we all know some people
will try anything once. It is funny of course, most never contact admin regarding
being banned for this reason  :P On our forum we are well aware of what these
members are after, and it isn't to participate, it is solely to copy and paste what
we have onto the forum they do participate on  :P

What I have also started to do, about the middle of the week, was as I
checked the 'guests' and they were from certain parts of the world. I started
to go and use the 'IP Deny Manager' in my cPanel. Not that I don't want 'guests'
but my forum is only for people from my country and would have nothing of
interest to any others.

Edit: Silly old me, thank you for everyone's assistance and information they
have shared during this, what would have been a dreadful time for some of you.
The SMF community is a wonderful place to be a part of :)
Print
Go Up Pages 1 ... 5 6 7 8 9 10
User actions
Advertisement: