Pay attention, folks.
The server is moving.
This means there will be an outage this weekend, from Friday onwards, during which time the forum will be shut down, and you will be unable to access it. Once it comes back up, there may be a delay while the DNS updates, or there may not - details are still forthcoming, and will be updated here when they arrive.
Slightly longer description is that the server has been having some hardware problems of late, and we're outgrowing it (not us, but everyone on the server combined); as a result, the owner is migrating to a new solution with more bandwidth, more disk, more (4x) CPU, and more (4x) RAM. (And, of course, more cost; anyone who wants to donate to server costs, feel free to contact me and I'll find out how you can help.) This will, perforce, require us to move with and when he asks us to. That will involve locking down the forum, taking a backup, moving it to the new server, and re-enabling access, more or less in that order. Some of these may take some time to accomplish. And, as expected, we'll need to work in with everyone else to make this work with minimal disruption, so we don't have much say in when it kicks off.
We will, of course, keep you up to date with when and what we expect.
Any questions? I thought not. ;-]
Do note that the forum is already paid for as part of the hosting package I pay. I'm not trying to dissuade anyone from helping out (since the server owner is a good guy and the deal I have is made possible by his willingness to be flexible with the hosting package), but I don't want anyone to think that the forum isn't already paid for or that we're trying to gouge money out of people.
I pay the fair share of costs for the forum, so only donate if you want to, not out of fear that the forum will go away if you don't.
Indeed; if it wasn't clear, that _was_ what I was aiming at.
What about payments to make the forum go away? How will that work?
Pay them directly to me then GTFO.
;)
Good luck with the move! I hope it all goes smoothly.
...Unlike my computer. >.>
Can we pay to have specific people go away? How does pricing teirs work for say admins and mods?
It depends on how much I like them :)
Quote from: Damaris on July 13, 2011, 08:31:22 PM
It depends on how much I like them :)
Are there people with negative pricetags?
Oh this will be cheaper then I thought. No one likes llearch.
Quote from: Damaris on July 13, 2011, 08:31:22 PM
It depends on how much I like them :)
Dammit.
Quote from: ShadesFox on July 13, 2011, 10:08:12 PM
Oh this will be cheaper then I thought. No one likes llearch.
Double dammit.
Quote from: VAE on July 13, 2011, 09:12:29 PM
Quote from: Damaris on July 13, 2011, 08:31:22 PM
It depends on how much I like them :)
Are there people with negative pricetags?
Gah! Triple dammit!
You guys suck. And not in a good way. :-P
An in update to this.
We done got rooted. Only, it wasn't us. The current understanding of the server admin is that it's probably someone else's unsecured, unpatched, wordpress install elsewhere on the box that got busted.
As a result, all files that contained index, default, home, or main in the filename had their contents replaced with a pretty html output generated in microsoft frontpage - so the sad monkeys who did this can't even write their own html - with obvious poor results on the various websites hosted on the server.
We believe we've recovered almost everything from backup; there are still some bugs outstanding, but we're working on that.
In the meantime, we apologise for the disturbance.
Do not try to adjust your televisions...
I should point out that the skript kiddies weren't even able to log in. They'd changed the password, but the owner was still logged in, so he just changed it back, after killing their connection.
Ho hum. Not even competent monkeys.
He did mention that to me, and I found it rather funny.
Not that, had they been able to log in, they would have gotten far. He already swore he'd lock the server down and do a remote wipe/backup if he had to.
Quote from: llearch n'n'daCorna on July 14, 2011, 03:21:03 PM
As a result, all files that contained index, default, home, or main in the filename had their contents replaced with a pretty html output generated in microsoft frontpage - so the sad monkeys who did this can't even write their own html - with obvious poor results on the various websites hosted on the server.
Yeah, I noticed the Frontpage bit. I was worrying as to whether the login tables might have been stolen, though from what you're saying it is starting to sound a little less likely.
Nah, the login tables are in the database, and the files controlling the access to that were not touched.
It's a standard script, that simply finds all files and writes over them. Much easier than trying to get login details.
Oh, and they shouldn't be able to get back in, either; we're obviously not 100% on that, but we have made it harder...
Everything I've read on 'Killermind' seems to point to either weak ftp passwords or wordpress exploits. Doesn't seem to be anything too sophisticated.
Edit: Looks like he's got some IIS exploits too. I rescind my previous statement. That's a little bit smarter.
It was someone's WordPress. They didn't use a very powerful script, just executed at the right place.
This didn't happen over the weekend, the server owner is busy.
So it'll happen at some point unexpectedly this week. We'll try to give as much advance warning as possible.