MrExcel
.
- Joined
- Feb 8, 2002
- Messages
- 3,410
- Office Version
- 365
- Platform
- Windows
Hi Everyone,
Here is an update on why the board was down for most of Sunday:
We were hacked. This is the second time the board has been hacked. If you were around long enough, you might recall the Chinese New Year hack back in early 2003. ("Happy New Year - to help you get a fresh start, we removed half of your posts!").
Smozgur jumped right in to investigate this hack. The person had found a back door at the site. About a year ago, I was trying to distribute the podcasts via BitTorrent. In order to see the BitTorrent clients, I had created a folder where the public was allowed to write files. When I abandoned the BitTorrent idea, I never CHMOD the folder back to be private. The hacker loaded a small script to that folder that deleted the user table from the board. We have the I.P. address that executed the command, which provides a name, e-mail, telephone, and postal address in Serbia. Of course, there is a good chance that the I.P. was spoofed and this is not the real person.
We have a daily backup, and it appears that only four people had signed up between the backup and the attack. So, to those four people, ("I could have sworn I signed up yesterday!") - I'm sorry - but you will have to sign up again.
Since the hacker didn't delete the message table, it does not appear that we lost any posts.
By about midnight eastern time in the US, Smozgur had restored the file and had closed the backdoor. I really want to thank him for spending a good deal of time on Sunday investigating the problem.
If you notice any strangeness, please drop a note to suat at MrExcel.com.
Bill
Here is an update on why the board was down for most of Sunday:
We were hacked. This is the second time the board has been hacked. If you were around long enough, you might recall the Chinese New Year hack back in early 2003. ("Happy New Year - to help you get a fresh start, we removed half of your posts!").
Smozgur jumped right in to investigate this hack. The person had found a back door at the site. About a year ago, I was trying to distribute the podcasts via BitTorrent. In order to see the BitTorrent clients, I had created a folder where the public was allowed to write files. When I abandoned the BitTorrent idea, I never CHMOD the folder back to be private. The hacker loaded a small script to that folder that deleted the user table from the board. We have the I.P. address that executed the command, which provides a name, e-mail, telephone, and postal address in Serbia. Of course, there is a good chance that the I.P. was spoofed and this is not the real person.
We have a daily backup, and it appears that only four people had signed up between the backup and the attack. So, to those four people, ("I could have sworn I signed up yesterday!") - I'm sorry - but you will have to sign up again.
Since the hacker didn't delete the message table, it does not appear that we lost any posts.
By about midnight eastern time in the US, Smozgur had restored the file and had closed the backdoor. I really want to thank him for spending a good deal of time on Sunday investigating the problem.
If you notice any strangeness, please drop a note to suat at MrExcel.com.
Bill
