vbportal?

**mackers8923** · Sat 29 Jul '06, 3:56pm

Originally posted by Marcellus

Hacked again?

Sorry to see you guys put through the ringer like this. I hope to see vbportal back up and running soon. I also hope the culprits get what they deserve.

Best of luck to the vbportal team! I look forward to a new update!

Looks like it from the message on the domain at the minute. Thinking about your guys vbp hope your back with us soon.

**kman2000** · Sun 30 Jul '06, 5:44am

Looks like it's down again. Was this voluntary or involuntary?

**WurkAnimal** · Sun 30 Jul '06, 6:12am

Good luck with the site, hope all goes well.

**wajones** · Sun 30 Jul '06, 8:42am

Hacked Again

Bad news we were hacked again.
Good news, I don't think vbportal or vbulletin were exploited to do it.

They must have inserted a back door during the first attack, what they did is delete all the tables from the phpportals database.

Our host 'Liquidweb' to date has been little or no help at all. The first line tech's have responded with a few things an have tried to help, but bottom line the abuse support is non existent as far as security.

Security has not even answered my tickets in 4 days. I ask last night to have my database restored (they supposably backup every night) Not even a answer about that.

(I do have my own backup, but that's not the point)

**ShadyNight** · Sun 30 Jul '06, 8:48am

Sorry to hear it Bill. Perhaps a time to switch hosts is in order eh?

Good luck on all fronts!

**Steve Machol** · Sun 30 Jul '06, 8:49am

Bill,

Here's some info eva2000 provided concerning a different server that was compromised. Perhaps this may be applicable to yours as well:

Originally posted by eva2000

I'd get them to update their apache and linux kernel versions in case... my web host for my server issues an alert as there's some serious kernel bugs which just were reported that allow local users to gain escalated privileges on a server

effects all kernels prior to 2.6.17.4

About Secunia Research | Flexera

http://secunia.com/advisories/21041/

Flexera provides software licensing management, software compliance, installation and application packaging solutions to developers and their customers.

and

About Secunia Research | Flexera

http://secunia.com/advisories/20953/

Flexera provides software licensing management, software compliance, installation and application packaging solutions to developers and their customers.

**WurkAnimal** · Sun 30 Jul '06, 8:54am

Bill, I know you'll probally shout at me for asking but is it alright to use VBAdvanced?

Sorry fo hear your attack again.

The Little ****s

**Steve Machol** · Sun 30 Jul '06, 9:04am

Originally posted by NashTax

Bill, I know you'll probally shout at me for asking but is it alright to use VBAdvanced?

Honestly that's a pretty rude question. It's clear that this has nothing to do with vBPortal.

**wajones** · Sun 30 Jul '06, 9:11am

Originally posted by NashTax

Bill, I know you'll probally shout at me for asking but is it alright to use VBAdvanced?

Sorry fo hear your attack again.

The Little ****s

To be fair I can't answer that, and to be fair why would we discuse it in this thread. I'm trying to deal with answering questions about the phpPortals site.

Thanks Scott for the info I'll sure look into that, it's beginning to look like something like that, but it's taking me up to 24 hours for Liquidweb to respond to each question and/or request. At this rate I might be down a week unless I find a new host.

**WurkAnimal** · Sun 30 Jul '06, 9:47am

ThePlanet is an exellent host. They responce to emails right away too.

**effectica** · Sun 30 Jul '06, 10:37am

Originally posted by NashTax

ThePlanet is an exellent host. They responce to emails right away too.

I am sorry for the troubles you are having.
For what it is worth, I agree with Nashtax. I am a total noob when it comes to dedicated servers, and the guys at ThePlanet always helped me fast.

**gothic** · Sun 30 Jul '06, 11:23am

ThePlanet has most certainly proved helpful here too. Very prompt assistance.

**NathanLedet** · Sun 30 Jul '06, 11:32am

well you fellas at vbPortal sure do have your work cut out for you. I wish you the absolute best of luck and I wish there was more I could do to be of help. I guess all I can say is good luck, and I will continue to remain a loyal customer. vbPortal has never given me any problems and I doubt this great program ever will. I will continue to follow along in this thread and keep up to date with what's going on. I know you can solve the problem. Good luck

**Scott MacVicar** · Sun 30 Jul '06, 2:42pm

I suggest you simply clear your entire public directory and database and start from known good backups before this started happening.

Your server has been compromised and you dont know to what extent they've installed backdoors etc, so its probably easier to accept the data loss and merge things back manually or the known good backup.

Its a hard thing to accept but you have no guarantee to whats on your system, there was also a post to the security list about the exploit this morning, so unfortunately the script kiddies now know how to exploit it.

**jw00dy** · Sun 30 Jul '06, 3:26pm

do you mind posting a link to the article on this exploit. I would like to see what exactly this entails. You can PM me if you don't want to spread the info (which is probably a good idea --> to not spread the info that is).

vbportal?

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment