Continued Server issues

This is an open MRC ONLY discussion area for the discussion or petition of Rules, Policies, or other MRC and MRC Alliance items. Please announce any absences (long term or short term) on this board. New campaign announcements will be posted on this board, as well.
Webmaster (F)
User avatar
Posts: 1842
Joined: Thu Sep 27, 2001 6:00 pm
Location: Cheyenne, WY

Continued Server issues

Postby Lanji » Thu Jun 23, 2005 11:49 am

Greetings everyone, sorry for the problems, but I'm currently in Boston on business and getting slammed every few hours by this problem.

What's happening is someone has found a way to get into phpBB on older boards on the server and basically load a simple spam sending file. The spam file basically takes over all of the CPU and shuts down mySQL in the process, which causes everything else to go down.

While I'm trying to get this fixed, I'm unfortinatly able to shutdown everyone that needs shutdown due to other agreements I have made.

So unfortinatly the MRC has to suffer at this time until I'm back in Wyoming.

BTW, I missed my flight this morning, so its going to be a few extra hours or even an extra day before I can do anything about this seriously.

For now I have placed tighter restrictions on the /tmp directory, but that's only working a little so far.

Also, everyone give Xuric a huge thanks for doing his best without Root right now!! He's been a huge help.

Ji'Tuan
User avatar
Posts: 395
Joined: Thu Dec 23, 2004 6:00 pm
Location: Virgina, U.S.

Postby Blue Phoenix » Thu Jun 23, 2005 6:15 pm

Thanks xuric! Thanks Lanji!

Have a fun flight, and good luck with the php doohikies :D

Game Master
User avatar
Posts: 12405
Joined: Tue Oct 16, 2001 6:00 pm
Location: Vancouver, BC

Postby Sabre » Thu Jun 23, 2005 9:40 pm

Thanks Xuric. You rock!!

Assistant Game Master
User avatar
Posts: 998
Joined: Fri Oct 17, 2003 6:00 pm
Location: Behind a computer sipping coffee.

Postby NightLance » Thu Jun 23, 2005 9:53 pm

Xuric pwns with this. o.o

Game Master
User avatar
Posts: 2244
Joined: Mon Feb 18, 2002 6:00 pm

Postby MasumiX » Fri Jun 24, 2005 2:12 am

... now if we could only house train him ... :evil: :D

Ji'Tuan
User avatar
Posts: 395
Joined: Thu Dec 23, 2004 6:00 pm
Location: Virgina, U.S.

Postby Blue Phoenix » Fri Jun 24, 2005 7:00 am

Oh!.....So that wasn't applejuice? :oops:

Wing Leader
User avatar
Posts: 664
Joined: Sat Jun 07, 2003 6:00 pm

Postby Kai » Fri Jun 24, 2005 11:26 am

If you think it will help, you are welcome to kill anything from WT on the server until you get back :)

Webmaster (F)
User avatar
Posts: 1842
Joined: Thu Sep 27, 2001 6:00 pm
Location: Cheyenne, WY

Postby Lanji » Mon Jul 25, 2005 11:04 pm

Another quick update, we've upgraded to phpBB 2.0.17 the "lets hope that the phpBB group gets their act together upgrade."

Thanks,
-Lanji

Member
User avatar
Posts: 25
Joined: Fri Sep 19, 2003 6:00 pm
Location: U.S.A

Postby Shimmernet » Tue Jul 26, 2005 1:44 pm

"lets hope that the phpBB group gets their act together upgrade."


What does that mean exactly? Has there been a lot of holes in their updates lately? I always thought of coders as these celestial beings out of the reach of mere mortals. I do know however that bad software compared to good software either makes or breaks my day.

Webmaster (F)
User avatar
Posts: 1842
Joined: Thu Sep 27, 2001 6:00 pm
Location: Cheyenne, WY

Postby Lanji » Tue Jul 26, 2005 7:28 pm

phpBB as one of the top free (GNU) applications on the Internet is used heavily by just about anyone that wants a free message board, and doesn't want to used a restricted license board, or a board with fewer features.

As a peice of software with source code available, its easier for hackers and script kiddies alike to figure out how to make trouble with it.

Part of my comment though is that over the last two months there have been 3 major security related upgrades, 2.0.15, 2.0.16 and 2.0.17, which is the version we are on now. Keeping up with these upgrades is very time consuming, and takes a serious chuck out of time I would be spending doing other projects.

But, such is life. But that still doesn't mean that I don't think the phpBB people shouldn't increase their staff, and speed forward a little bit on getting these simular problems fixed. (All three recent upgrades had to do with cross-site scripting problems.)

Member
User avatar
Posts: 25
Joined: Fri Sep 19, 2003 6:00 pm
Location: U.S.A

Postby Shimmernet » Wed Jul 27, 2005 7:11 am

Wow, I never had an idea phpBB was open source or one of the projects under the GNU liscense. That's cool, I always thought they where a for profit business. I've been to their official forums once or twice when I was trying to figure out how to indent text. I noticed this board had a lot of plugins compared to the other phpBB boards I've been at. The Character Post ID is the most unique feature I've seen.

Yeah this forum must use a SQL server right? The entire database must be taken down so it must be a long process. Thanks for explaining it to me.

Wing Leader
User avatar
Posts: 664
Joined: Sat Jun 07, 2003 6:00 pm

Postby Kai » Mon Aug 01, 2005 9:05 am

Heh, actually the MRC is rather tame in regards to hacks, there's an entire site dedicated to it, I've written 6 or 7 myself :)

Web Managers Group
User avatar
Posts: 1476
Joined: Sat Oct 13, 2001 6:00 pm
Location: The Middle of NoWhere

Postby Xuric » Mon Aug 01, 2005 1:59 pm

:o You've written 6 or 7 hacks?

Wing Leader
User avatar
Posts: 664
Joined: Sat Jun 07, 2003 6:00 pm

Postby Kai » Mon Aug 01, 2005 2:42 pm

Oh right, the PC police at the official site have decided to call them Mods now, haven't they? Add-ons, improvements, extras, hacks :)

Web Managers Group
User avatar
Posts: 1476
Joined: Sat Oct 13, 2001 6:00 pm
Location: The Middle of NoWhere

Postby Xuric » Mon Aug 01, 2005 4:51 pm

oh, phpbbhacks.com ... I'm familiar with them. Heh, the other meaning of "hack." The kind I do. :)

Wing Leader
User avatar
Posts: 664
Joined: Sat Jun 07, 2003 6:00 pm

Postby Kai » Tue Aug 02, 2005 9:04 am

Sorry, must have slipped into techspeak there ;) Me and the official site had a uh..little falling out in regards to their policies for approval like in the 1.4 days, I haven't bothered with them other than grabbing point updates in years. They will always be hacks, and exploits will be exploits. Course phpbbhacks.com might hate me now cause I never did finish Account Switch 2.0. Sigh.

Return to Member Updates

Who is online

Users browsing this forum: No registered users and 14 guests