DNF Hacked

[pertosda]

DNF hacked???

Have you seen this?

http://www.DNF

Wow, Im shocked!

 

[denny007]

Step to follow:
- Buy new server
- Install the latest security patch
- Install the forum script
- install members profile, reset all password by default.
- Ask members to email their password.
- back in business.

You're back in less than 8 hours.

My 2 cent.

If there exist a good backup

And do NOT use microsoft server, even Linux is not save anymore, use Freebsd or Solaris.

 

[Domagon]

And forgot the part about doing a security review of the underlying operating system itself being used, evaluating the server(s) configuration, services installed / running, checking the security of all vbulletin plug-ins / script modifications, verifying the data (ie. board db), etc ... the list goes on and on...

The more popular a website is, the less room for error - the stakes are much higher requiring a more in-depth recovery process beyond simple reinstalling ... if even one little detail is missed, problems could easily happen all over again.

Ron

 

[gatorgrad]

Step to follow:
- Buy new server
- Install the latest security patch
- Install the forum script
- install members profile, reset all password by default.
- Ask members to email their password.
- back in business.

You're back in less than 8 hours.

My 2 cent.

honestly though if you knew dnf just got hacked today and you see and email in your inbox allegedly from dnf asking for your password are you going to respond??

 

[TheWatcher]

honestly though if you knew dnf just got hacked today and you see and email in your inbox allegedly from dnf asking for your password are you going to respond??

Nope, will forward to FBI right away.

 

[lau]

Use Freebsd or Solaris.

:lol: Right,I agree your point.

 

[VirtualT]

:lol: Right,I agree your point.

why? All this stuff is in userspace anyway!

 

[labrocca]

If there exist a good backup

And do NOT use microsoft server, even Linux is not save anymore, use Freebsd or Solaris.

FreeBSD for sure. I haven't been exploited or hacked in about 3 years now since I moved to BSD. Of course I am more careful but BSD is more secure by default.

I agree that he should be up by now if he had a complete backup. They could simply be busy though over at TRAFFIC. I am pretty sure that from nothing you could have a functioning server with the site back up in 6-10 hours if a competent sysadmin was handling this.

 

[gatorgrad]

seems as though they're still battling a bit with the hacker/cracker.... Just a few minutes ago homepage showed a message "I cannot access the database"

and now it's back to the "DNF will be back soon."

 

[denny007]

why? All this stuff is in userspace anyway!

Only small percentage of servers in the world is running Freebsd, even less is running Solaris. So it is for a hacker uneconomical to search exploits for it. I.e. there does not exist any rootkit for BSD or Solaris (afaik).

 

[VirtualT]

Only small percentage of servers in the world is running Freebsd, even less is running Solaris. So it is for a hacker uneconomical to search exploits for it. I.e. there does not exist any rootkit for BSD or Solaris (afaik).

its more likely that the cracker used a php exploit rather than a remote kernel vulnerability

 

[denny007]

its more likely that the cracker used a php exploit rather than a remote kernel vulnerability

Didn't know Microsoft servers has something like "kernel"

 

[VirtualT]

Didn't know Microsoft servers has something like "kernel"

All operating system have a "kernel", and actually your statement is completely incorrect, the larger proportion of the internet runs on some variant of UNIX

 

[scribby]

Still if your running Linux, keep your kernel updated, have a firewall, your pretty much fine. The amount of hosts I see still running old kernels is huge, most people think its pretty hard to get a new kernel up and running without destroying your server, when its fairly easy and if done correctly you can test and if server does not come back online you can get the data center to reboot your server and everything was back like it was before. (I'm talking about grub save once).

I update my system every chance I get and every update that comes out I have within a few hours or less, but this "my server has been up for 365 days straight" seems to be taking over where people are more concerned about how long there server has been up rather than having to do a reboot in order to load a new kernel etc... I mean so what if your server has a 5min boot time, 5mins of downtime while if you don't update and your server is hacked it can take you hours to recover.

 

[denny007]

All operating system have a "kernel", and actually your statement is completely incorrect, the larger proportion of the internet runs on some variant of UNIX

With your sentence "its more likely that the cracker used a php exploit rather than a remote kernel vulnerability" I understood you are talking about DNF, which used MS.

 

[VirtualT]

With your sentence "its more likely that the cracker used a php exploit rather than a remote kernel vulnerability" I understood you are talking about DNF, which used MS.

from wikipedia:

"In computing, the kernel is the central component of most computer operating systems (OSs). Its responsibilities include managing the system's resources and the communication between hardware and software components. As a basic component of an operating system, a kernel provides the lowest level of abstraction layer for the resources (especially memory, processors and I/O devices) that applications must control to perform their function. It typically makes these facilities available to application processes through inter-process communication mechanisms and system calls."

Just because windows kernel is inaccessable doesn't mean it doesn't have one

 

[tpyo]

Firstly, "hacker" verse "cracker" - technically, there is a distinction between the two terms, but as language usage changes so do meanings of things, especially when the original meaning was obscure to the bulk of the populace ... bottom line is that the layperson associates "hacker" with bad stuff...

Ron, of course you're right.

If you tell a layperson you spend most of your time in front of a pc screen, are an active member of several forums on the internet, and make a five figure US$ amount off the internet monthly, they'll also believe you're some kind of obscure "hacker".

 

[TheWatcher]

I was a very active programmer during my highschool and college days back in late 80s. We use the word hacker to bring the best out of programming and create useful program. We called a hacker because of that ability.

Our friends in media overcooked the term "hacker" and sent the wrong message.

 

[denny007]

from wikipedia:
Just because windows kernel is inaccessable doesn't mean it doesn't have one

Thats why I wrote "Didn't know Microsoft servers has something like kernel" - and you wrote "your statement is completely incorrect, the larger proportion of the internet runs on some variant of UNIX" - so I am saying now "HUH ?"

And as you cannot compile Windows kernel it does no matter if it does or does not have a kernel. From the security point of view is same - you usually need to wait for some official patch...

 

[VirtualT]

Thats why I wrote "Didn't know Microsoft servers has something like kernel" - and you wrote "your statement is completely incorrect, the larger proportion of the internet runs on some variant of UNIX" - so I am saying now "HUH ?"

I was refering to your statement:

"Only small percentage of servers in the world is running Freebsd, even less is running Solaris. So it is for a hacker uneconomical to search exploits for it. I.e. there does not exist any rootkit for BSD or Solaris (afaik)."

 

[tpyo]

I was a very active programmer during my highschool and college days back in late 80s. We use the word hacker to bring the best out of programming and create useful program. We called a hacker because of that ability.

Our friends in media overcooked the term "hacker" and sent the wrong message.

Exactly. I liked to think of myself as a hacker while I was struggling to make sense of assembly code and the Z80, and 300 baud was an amazing speed for an acoustic coupler.

"California games" on my C64 was cracked.

I remember Golden Shower of Warez - (I didn't get the shower part. And I used to think that "Warez" was a city in Mexico).

Never mind.

 

[denny007]

I was refering to your statement:

"Only small percentage of servers in the world is running Freebsd, even less is running Solaris. So it is for a hacker uneconomical to search exploits for it. I.e. there does not exist any rootkit for BSD or Solaris (afaik)."

So ? I am not contradicting most servers is running some Unix. But most of Unix servers is running some version of Linux. Only small percentage is running BSD and even less Solaris (and AIX and VMS etc). Thats why hackers are not interested in it - they rather hack Linux or MS.

 

[VirtualT]

So ? I am not contradicting most servers is running some Unix. But most of Unix servers is running some version of Linux. Only small percentage is running BSD and even less Solaris (and AIX and VMS etc). Thats why hackers are not interested in it - they rather hack Linux or MS.

umm, actually unix is not linux, linux is a branch of unix, and solaris IS unix

 

[denny007]

umm, actually unix is not linux, linux is a branch of unix, and solaris IS unix

Huh ? Why are you saying like I said something I did not say ? Saying Unix these days means Unix-like. There is still trademark for the brand "Unix" http://en.wikipedia.org/wiki/Unix

I am ending this debate you pick some sentence and apply to it answer which is not in context.

back to the topic - I already made new post on DNF:
http://www.DNF/showthread.php?p=981538

Update - new post has been deleted and now can not do posts

 

[Domino]

Hi Denny...ColdGin here...I cannot reach the site...

 

[denny007]

Hi Denny...ColdGin here...I cannot reach the site...

Yeah Its slow now.

Recent print screen http://jzn.com/DNF.gif