My Forum Under Attack Help!

**Steve Machol** · Sun 30 Oct '05, 10:03am

What's the error?

**OS,** · Sun 30 Oct '05, 10:10am

i ahve my inbox full of these errors, all in my sql i have over 30 emails...., do u think this could be the hack somebody is trying to use?

**Steve Machol** · Sun 30 Oct '05, 10:11am

I can help without knowing what the exact errors are.

**OS,** · Sun 30 Oct '05, 10:29am

sure:

Error 1 out of 40

Database error in vBulletin 3.0.8:

Invalid SQL:
SELECT
post.*, post.username AS postusername, post.ipaddress AS ip,
user.*, userfield.*, usertextfield.*,
icon.title as icontitle, icon.iconpath,
avatar.avatarpath, NOT ISNULL(customavatar.avatardata) AS hascustomavatar,
customavatar.dateline AS avatardateline,
level,
NOT ISNULL(deletionlog.primaryid) AS isdeleted, deletionlog.userid AS
del_userid, deletionlog.username AS del_username, deletionlog.reason AS
del_reason,
editlog.userid AS edit_userid, editlog.username AS edit_username,
editlog.dateline AS edit_dateline,
editlog.reason AS edit_reason,
post_parsed.pagetext_html, post_parsed.hasimages,
IF(displaygroupid=0, user.usergroupid, displaygroupid) AS displaygroupid

FROM post AS post
LEFT JOIN user AS user ON(user.userid = post.userid)
LEFT JOIN userfield AS userfield ON(userfield.userid = user.userid)
LEFT JOIN usertextfield AS usertextfield ON(usertextfield.userid =
user.userid)
LEFT JOIN icon AS icon ON(icon.iconid = post.iconid)
LEFT JOIN avatar AS avatar ON(avatar.avatarid = user.avatarid) LEFT JOIN
customavatar AS customavatar ON(customavatar.userid = user.userid) LEFT JOIN
reputationlevel AS reputationlevel ON(user.reputationlevelid =
reputationlevel.reputationlevelid)
LEFT JOIN deletionlog AS deletionlog ON(deletionlog.primaryid = post.postid
AND deletionlog.type = 'post')
LEFT JOIN editlog AS editlog ON(editlog.postid = post.postid)
LEFT JOIN post_parsed AS post_parsed ON(post_parsed.postid = post.postid)
WHERE post.postid IN
(0,23763,23764,23766,23767,23768,23770,23771,23773,23774,23775,23776,23777,23778)
ORDER BY dateline

mysql error: Lost connection to MySQL server during query
Database error in vBulletin 3.0.8:

Invalid SQL:
SELECT
post.*, post.username AS postusername, post.ipaddress AS ip,
user.*, userfield.*, usertextfield.*,
icon.title as icontitle, icon.iconpath,
avatar.avatarpath, NOT ISNULL(customavatar.avatardata) AS hascustomavatar,
customavatar.dateline AS avatardateline,
level,
NOT ISNULL(deletionlog.primaryid) AS isdeleted, deletionlog.userid AS
del_userid, deletionlog.username AS del_username, deletionlog.reason AS
del_reason,
editlog.userid AS edit_userid, editlog.username AS edit_username,
editlog.dateline AS edit_dateline,
editlog.reason AS edit_reason,
post_parsed.pagetext_html, post_parsed.hasimages,
IF(displaygroupid=0, user.usergroupid, displaygroupid) AS displaygroupid

FROM post AS post
LEFT JOIN user AS user ON(user.userid = post.userid)
LEFT JOIN userfield AS userfield ON(userfield.userid = user.userid)
LEFT JOIN usertextfield AS usertextfield ON(usertextfield.userid =
user.userid)
LEFT JOIN icon AS icon ON(icon.iconid = post.iconid)
LEFT JOIN avatar AS avatar ON(avatar.avatarid = user.avatarid) LEFT JOIN
customavatar AS customavatar ON(customavatar.userid = user.userid) LEFT JOIN
reputationlevel AS reputationlevel ON(user.reputationlevelid =
reputationlevel.reputationlevelid)
LEFT JOIN deletionlog AS deletionlog ON(deletionlog.primaryid = post.postid
AND deletionlog.type = 'post')
LEFT JOIN editlog AS editlog ON(editlog.postid = post.postid)
LEFT JOIN post_parsed AS post_parsed ON(post_parsed.postid = post.postid)
WHERE post.postid IN
(0,23763,23764,23766,23767,23768,23770,23771,23773,23774,23775,23776,23777,23778)
ORDER BY dateline

mysql error: Lost connection to MySQL server during query

mysql error number: 2013

Date: Sunday 30th of October 2005 12:25:30 PM
Script: http://www.theasianplace.net/forum/showthread.php?t=688&page=2&pp=15
Referer: http://www.theasianplace.net/forum/showthread.php?t=688
Username: Mizteriouz
IP Address: 81.105.194.72

Error 2 out of 40

Database error in vBulletin 3.0.8:Invalid SQL: SELECT calendarpermission.usergroupid,calendarpermission.calendarpermissions,calendar.calendarid, calendar.title,displayorder FROM calendar AS calendar LEFT JOIN calendarpermission AS calendarpermission ON(calendarpermission.calendarid=calendar.calendarid AND usergroupid IN(1)) ORDER BY displayorder ASC mysql error: Can't connect to local MySQL server through socket'/var/lib/mysql/mysql.sock' (111)mysql error number: 2002Date: Sunday 30th of October 2005 12:25:36 PMScript: http://www.theasianplace.net/forum/index.php?Referer: http://www.theasianplace.net/forum/index.php?IP Address: 217.51.145.6

Error 3 out of 40

Database error in vBulletin 3.0.8:Invalid SQL: SELECT * FROM style WHERE (styleid = 1 AND userselect = 1) OR styleid = 1 ORDER BY styleid ASC LIMIT 1mysql error: Can't connect to local MySQL server through socket'/var/lib/mysql/mysql.sock' (111)mysql error number: 2002Date: Sunday 30th of October 2005 12:25:36 PMScript: http://www.theasianplace.net/forum/private.php?Referer: http://www.theasianplace.net/forum/showthread.php?t=686&page=2&pp=15

IP Address: 87.80.128.7

Error 4 out of 40

Database error in vBulletin 3.0.8:Invalid SQL: SELECT * FROM session WHERE sessionhash = '9ec7785049619123c71fb046e804e06f' AND lastactivity > 1130692101 AND host = '81.105.194.72' AND idhash = 'f96b52ed4d3f5bd0baecfb5533f7fac6' mysql error: Lost connection to MySQL server during querymysql error number: 2013Date: Sunday 30th of October 2005 12:25:30 PMScript: http://www.theasianplace.net/forum/forumdisplay.php?f=14Referer: http://www.theasianplace.net/forum/

IP Address: 81.105.194.72

Error 5 out of 40

Database error in vBulletin 3.0.8:

Invalid SQL:
SELECT
user.username, (user.options & 512) AS invisible, user.usergroupid,
session.userid, session.inforum, session.lastactivity, session.location,
IF(displaygroupid=0, user.usergroupid, displaygroupid) AS displaygroupid
FROM session AS session
LEFT JOIN user AS user ON(user.userid = session.userid)
WHERE session.lastactivity > 1130692065
ORDER BY username ASC

mysql error: Lost connection to MySQL server during query

mysql error number: 2013

Date: Sunday 30th of October 2005 12:25:32 PM
Script: http://www.theasianplace.net/forum/index.php?
Referer: http://www.theasianplace.net/forum/member.php?userid=7
Username: MI$$ J4TT1
IP Address: 82.27.148.69

ok shall i carry on??

also the username it mentions, its deffinately not them, maybe those are the users that have been online, and this weirdo is maybe using them as a gateway because their online?

**Steve Machol** · Sun 30 Oct '05, 10:31am

Please provide the 'wait_timeout' setting from your MySQL variables:

Admin CP -> Maintenance -> Diagnostics -> System Information -> MySQL Variables

The default is 8 hours (28800). When this is lowered from the default setting, there seems to be an increase in 'lost connection' errors.

**OS,** · Sun 30 Oct '05, 10:46am

i'll let you know eventually, once i can login that is, i think my hosting company working on it, but dont go anywhere steve im always refreshing to see if it comes, and i'll post back! Thanks,

**OS,** · Sun 30 Oct '05, 11:03am

wait timeout is: 10800

**Steve Machol** · Sun 30 Oct '05, 11:04am

That should be fine. You need to contact your host about this. See this post for the possiblecauses of a lost connection error:

Error 2013 but server up for 6 days - vBulletin Community Forum

http://www.vbulletin.com/forum/showthread.php?s=&postid=310265#post31026

Hello, Ive been running vBulletin without any incident for about 8 months now. I've recently switched ISP's and when I transferred over to the new server I started getting error emails, always error 2013. I have been switched over for about 1 week now, some days i get 15-20, others I have gotten 150-200. I have asked my ISP

**OS,** · Sun 30 Oct '05, 11:07am

they restarted server, it seems fine now, just asked them what the cause was, hopefully i'll find out,

**OS,** · Sun 30 Oct '05, 12:12pm

they said: "There were some hung processes on this server. The reboot killed these and we will continue to watch this server" i think its server problems.

My Forum Under Attack Help!

My Forum Under Attack Help!

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment