Updates and such

All important info is posted here, such as server IP's and Vent info.
User avatar
Darkfoxx
Site Admin
Posts: 9638
Joined: Mon Jul 02, 2007 7:09 pm
Location: Alexandria, VA
Contact:

Updates and such

Postby Darkfoxx » Fri Jan 30, 2015 11:50 am

Just wanted to provide a recap of the recent "attack" we faced over the past ~24 hours or so.

At some point around January 28-29th, the forum database was compromised. The phpbb_groups table had been altered in such a way that removed all of the default groups. Some of you may have noticed when you logged in yesterday that you couldn't view the public forums. This is because everyone is placed in a "registered users" group that is allowed to view everything public. Well, if this group doesn't exist, you would only be able to view private forums that have been assigned to specific groups. Luckily for you guys I'm awesome and I take regular SQL dumps (lol!) and it was a simple import.

The SSH logs show no extraneous authenticated root users, so it was likely a direct SQL injection through a security flaw in phpBB. We're constantly getting ass-pounded with attacks from Hong Kong/China/other fuckers/etc.

The good news is that phpBB released a security update just the other day, so I've gone and applied it.

I've taken steps to harden SSH security and also added a system (fail2ban) that automatically IP bans any of these assholes. :thumbsup:

Oh yeah I added two new smilies for this occasion... :shotty: :sniper:
Gaming:
Image
Workstation:
Image

User avatar
Harness
Da Bumble
Posts: 2069
Joined: Mon Dec 10, 2007 6:13 pm

Re: Updates and such

Postby Harness » Fri Jan 30, 2015 12:55 pm

First!

User avatar
Harness
Da Bumble
Posts: 2069
Joined: Mon Dec 10, 2007 6:13 pm

Re: Updates and such

Postby Harness » Fri Jan 30, 2015 12:57 pm

Darkfoxx wrote: I'm awesome and I take regular SQL dumps

:shotty: :sniper:


Thats funny, I take regular SQL dumps too!

User avatar
Darkfoxx
Site Admin
Posts: 9638
Joined: Mon Jul 02, 2007 7:09 pm
Location: Alexandria, VA
Contact:

Re: Updates and such

Postby Darkfoxx » Tue Feb 03, 2015 10:45 am

Let's try this again...

phpBB released another patch to fix the previous one...so that's been installed. Let's hope things are fixed now.

In other news, here is a list of all the fuckers that have been autobanned since I implemented the new fail2ban system:

Code: Select all

222.186.56.43
211.154.136.132
212-129-36-6.rev.poneytelecom.eu
138-115-74-198-dedicated.multacom.com
61.19.247.71   
175.102.11.6   
midphase.com   
222.186.34.243
204.51.174.61.dial.wz.zj.dynamic.163data.com.cn
201.51.174.61.dial.wz.zj.dynamic.163data.com.cn
218.203.54.156
59.15.47.193   
195.208.220.132
228.51.174.61.dial.wz.zj.dynamic.163data.com.cn
115.239.228.14
114.255.149.210
193.107.17.72 
231.51.174.61.dial.wz.zj.dynamic.163data.com.cn
58.215.179.202
190.144.226.82
115.239.228.35
198.51.174.61.dial.wz.zj.dynamic.163data.com.cn
CPE56245.tvcom.net.ua
indra.commaster.ru
229.50.174.61.dial.wz.zj.dynamic.163data.com.cn
62-210-125-142.rev.poneytelecom.eu
244.50.174.61.dial.wz.zj.dynamic.163data.com.cn
202.51.174.61.dial.wz.zj.dynamic.163data.com.cn
225.50.174.61.dial.wz.zj.dynamic.163data.com.cn
dedic530.hidehost.net
188.50.174.61.dial.wz.zj.dynamic.163data.com.cn
115.231.222.45
115.231.222.176
115.231.223.170
115.239.228.9 
115.239.228.12
205.213.120.106.static.bjtelecom.net
115.239.228.15
62-210-129-168.rev.poneytelecom.eu
115.239.228.16
115.239.228.34
115.239.228.7 
115.230.126.151
115.231.218.131
115.231.218.130
183.136.216.3 
115.239.228.11
183.136.216.4 
115.239.228.4 
bobmacdonald.com
122.225.109.125
115.239.228.6 
122.225.103.125
115.239.228.13
206.51.174.61.dial.wz.zj.dynamic.163data.com.cn
105.49.174.61.dial.wz.zj.dynamic.163data.com.cn
195-154-168-59.rev.poneytelecom.eu
62-210-211-45.rev.poneytelecom.eu
200.51.174.61.dial.wz.zj.dynamic.163data.com.cn
115.239.248.48
123.157.150.48
smtp107.mysmtps.com
149.4.161.222.adsl-pool.jlccptt.net.cn
251.50.174.61.dial.wz.zj.dynamic.163data.com.cn
61.160.223.67
Gaming:
Image
Workstation:
Image

User avatar
Harness
Da Bumble
Posts: 2069
Joined: Mon Dec 10, 2007 6:13 pm

Re: Updates and such

Postby Harness » Tue Feb 03, 2015 11:07 pm

Darkfoxx wrote:Let's try this again...

phpBB released another patch to fix the previous one...so that's been installed. Let's hope things are fixed now.

In other news, here is a list of all the fuckers that have been autobanned since I implemented the new fail2ban system:

Code: Select all

222.186.56.43
211.154.136.132
212-129-36-6.rev.poneytelecom.eu
138-115-74-198-dedicated.multacom.com
61.19.247.71   
175.102.11.6   
midphase.com   
222.186.34.243
204.51.174.61.dial.wz.zj.dynamic.163data.com.cn
201.51.174.61.dial.wz.zj.dynamic.163data.com.cn
218.203.54.156
59.15.47.193   
195.208.220.132
228.51.174.61.dial.wz.zj.dynamic.163data.com.cn
115.239.228.14
114.255.149.210
193.107.17.72 
231.51.174.61.dial.wz.zj.dynamic.163data.com.cn
58.215.179.202
190.144.226.82
115.239.228.35
198.51.174.61.dial.wz.zj.dynamic.163data.com.cn
CPE56245.tvcom.net.ua
indra.commaster.ru
229.50.174.61.dial.wz.zj.dynamic.163data.com.cn
62-210-125-142.rev.poneytelecom.eu
244.50.174.61.dial.wz.zj.dynamic.163data.com.cn
202.51.174.61.dial.wz.zj.dynamic.163data.com.cn
225.50.174.61.dial.wz.zj.dynamic.163data.com.cn
dedic530.hidehost.net
188.50.174.61.dial.wz.zj.dynamic.163data.com.cn
115.231.222.45
115.231.222.176
115.231.223.170
115.239.228.9 
115.239.228.12
205.213.120.106.static.bjtelecom.net
115.239.228.15
62-210-129-168.rev.poneytelecom.eu
115.239.228.16
115.239.228.34
115.239.228.7 
115.230.126.151
115.231.218.131
115.231.218.130
183.136.216.3 
115.239.228.11
183.136.216.4 
115.239.228.4 
bobmacdonald.com
122.225.109.125
115.239.228.6 
122.225.103.125
115.239.228.13
206.51.174.61.dial.wz.zj.dynamic.163data.com.cn
105.49.174.61.dial.wz.zj.dynamic.163data.com.cn
195-154-168-59.rev.poneytelecom.eu
62-210-211-45.rev.poneytelecom.eu
200.51.174.61.dial.wz.zj.dynamic.163data.com.cn
115.239.248.48
123.157.150.48
smtp107.mysmtps.com
149.4.161.222.adsl-pool.jlccptt.net.cn
251.50.174.61.dial.wz.zj.dynamic.163data.com.cn
61.160.223.67



Image

User avatar
Bacon
People Know Me
Posts: 1380
Joined: Wed Aug 15, 2007 9:40 pm

Re: Updates and such

Postby Bacon » Wed Feb 04, 2015 8:12 am

crazy :sniper:


Return to “News and Announcements”

Who is online

Users browsing this forum: No registered users and 1 guest