vbportal?
Collapse
X
-
-
-
Hacked Again
Bad news we were hacked again.
Good news, I don't think vbportal or vbulletin were exploited to do it.
They must have inserted a back door during the first attack, what they did is delete all the tables from the phpportals database.
Our host 'Liquidweb' to date has been little or no help at all. The first line tech's have responded with a few things an have tried to help, but bottom line the abuse support is non existent as far as security.
Security has not even answered my tickets in 4 days. I ask last night to have my database restored (they supposably backup every night) Not even a answer about that.
(I do have my own backup, but that's not the point)
Comment
-
Comment
-
Bill,
Here's some info eva2000 provided concerning a different server that was compromised. Perhaps this may be applicable to yours as well:
Originally posted by eva2000I'd get them to update their apache and linux kernel versions in case... my web host for my server issues an alert as there's some serious kernel bugs which just were reported that allow local users to gain escalated privileges on a server
effects all kernels prior to 2.6.17.4
Flexera provides software licensing management, software compliance, installation and application packaging solutions to developers and their customers.
and
Steve Machol, former vBulletin Customer Support Manager (and NOT retired!)
Change CKEditor Colors to Match Style (for 4.1.4 and above)
Steve Machol Photography
Mankind is the only creature smart enough to know its own history, and dumb enough to ignore it.
Comment
-
Bill, I know you'll probally shout at me for asking but is it alright to use VBAdvanced?
Sorry fo hear your attack again.
The Little ****sComment
-
Steve Machol, former vBulletin Customer Support Manager (and NOT retired!)
Change CKEditor Colors to Match Style (for 4.1.4 and above)
Steve Machol Photography
Mankind is the only creature smart enough to know its own history, and dumb enough to ignore it.
Comment
-
Thanks Scott for the info I'll sure look into that, it's beginning to look like something like that, but it's taking me up to 24 hours for Liquidweb to respond to each question and/or request. At this rate I might be down a week unless I find a new host.
Comment
-
-
Comment
-
well you fellas at vbPortal sure do have your work cut out for you. I wish you the absolute best of luck and I wish there was more I could do to be of help. I guess all I can say is good luck, and I will continue to remain a loyal customer. vbPortal has never given me any problems and I doubt this great program ever will. I will continue to follow along in this thread and keep up to date with what's going on. I know you can solve the problem. Good luckComment
-
I suggest you simply clear your entire public directory and database and start from known good backups before this started happening.
Your server has been compromised and you dont know to what extent they've installed backdoors etc, so its probably easier to accept the data loss and merge things back manually or the known good backup.
Its a hard thing to accept but you have no guarantee to whats on your system, there was also a post to the security list about the exploit this morning, so unfortunately the script kiddies now know how to exploit it.Comment
-
do you mind posting a link to the article on this exploit. I would like to see what exactly this entails. You can PM me if you don't want to spread the info (which is probably a good idea --> to not spread the info that is).Just another squirrel trying to get a nut
allthingsmoto.com, bodynspirit.net, & payinitoff.comComment
widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
Comment