http://www.mazda3forums.com/

Are we protected?

Yeah M3F has been up and down for the last couple days. Looks like they finally got hit really bad.

http://www.mazda3forums.com/

Are we protected?there is always a chance of any server getting hijacked.

yeah...a couple days ago they lost all information since Oct 14. Looks like they only have weekly back ups.

It's weird, all the posts were gone and PMs gone too...buy/sell section had a bunch of items that were sold and people asking about the items again...also GB's where buyers posts disappeared. Thing is, it can happen to any server.

axelaR.

http://www.mazda3forums.com/

Are we protected?

it happened to us before , remember?

Yea, hence one of the reasons we switched for .com to .ca

We have back ups and security measures in place.

What's the benefit of changing from .com to .ca?

Yea, hence one of the reasons we switched for .com to .ca

We have back ups and security measures in place.
indeed, we have security measures in place, and regular back ups. We also have a very secure server.

no one cares about hacking Canadians :chuckle



What's the benefit of changing from .com to .ca?

indeed, we have security measures in place, and regular back ups.

Broli and I take turns watching the computer that goes "bing" to make sure it doesn't go "bing." We've been told that when it does to stay calm, sit down and have a good cry.

Hey, it's worked so far.

lol.. having .ca removes you from "THE RADAR"..

Card: Why are you and Broli wasting your time?? Just install Windows and be on your way. We all know that Windows is the most secure OS in the world. :werd

"bing"


:pop

SRT owners hit them hard!

BING

























:pop

This site has been kind of slow....

Seriously, when I click on Today's link, it often comes up blank until I hit it again. Just been happening here the past week or two.

This site has been kind of slow....

Seriously, when I click on Today's link, it often comes up blank until I hit it again. Just been happening here the past week or two.
yeah, I'm working on it with our host. Seems be an SQL issue, but we're having trouble finding exactly where.

It seems weird, two forums went down at the same time. Yarisworld.com was hacked and deleted, the only backups are a year old! Everything has been restored to October last year! Like taking a trip back in time, seeing all my old posts. M3F is down too, due to a "hyjacking". What's going on with auto forums?!

In the past few days I have also noticed that our site is slow. Whenever I try to post, the site just hangs. At first I thought it was my internet connection but when this happened I tried opening other sites and everything seemed just fine.

It seems weird, two forums went down at the same time. Yarisworld.com was hacked and deleted, the only backups are a year old! Everything has been restored to October last year! Like taking a trip back in time, seeing all my old posts. M3F is down too, due to a "hyjacking". What's going on with auto forums?!

Wow they only backed it up once a year? Knowing computers. If you have an online forum and don't back it up often... maybe you shouldn't have an online forum.

I backup my work every day. I backup my iphone every day when I connect it. I backup everything all the time.

Did they fall to brute force attack on ssh?
Are we running *nix for our server?

Can't to understand, what bonuses hackers have from crashing servers.
Or it was unsuccessfull atempt to get to members computers?

The only sort of details they could have possibly gotten about the users is A: anything you post, and B: possibily your IP address (assuming the server kept that logged for security reasons)

I wouldn't sweat it if you were a member on both.

In all Honesty, Most servers are VERY secure. I'm quite suprised that those two forums fell victim. I'd bet a shiney dollar that they fell super behind on their updates/patches, or their firewall rules were super relaxed. I'm betting they got in through telnet. There's a way to modify a registry key that allows for Remote desktop, and wreaked havok from there.

Brute force would have locked up any server made in the last... oh 10 years. Unless The Admin has the "lock user account after X many failed logon attempts" disabled.... :-|

Very secure server? lol If it's plugged into a network, it can be compromised. All you can do is secure as much as possible and hope that the new script some 12 year old kid wrote can't get around your firewalls, tcpwrappers, around your DMZ and all that fun stuff.

Even having ftp open on the server this webpage is hosted on is enough to get in.

The only sort of details they could have possibly gotten about the users is A: anything you post, and B: possibily your IP address (assuming the server kept that logged for security reasons)

I wouldn't sweat it if you were a member on both.

In all Honesty, Most servers are VERY secure. I'm quite suprised that those two forums fell victim. I'd bet a shiney dollar that they fell super behind on their updates/patches, or their firewall rules were super relaxed. I'm betting they got in through telnet. There's a way to modify a registry key that allows for Remote desktop, and wreaked havok from there.

Brute force would have locked up any server made in the last... oh 10 years. Unless The Admin has the "lock user account after X many failed logon attempts" disabled.... :-|

You think they got in with telnet which is by default off on every server??? lol

I figured out how they got hijacked...

The developer who made the forum, hand it over to a co op student to manage it for a day.... Can't blame him... "It's my first day" SARC:
LOL!!!!

Yep, just figure that passwords are often shared. And people should change them frequently in this type of situation. Plus i would never give out Admin Passwords let alone my own password.

Thought I heard the computer go "bing."

Nope, that was clearly a "bong".... :chuckle

i figured out how they got hijacked...

The developer who made the forum, hand it over to a co op student to manage it for a day.... Can't blame him... "it's my first day" sarc:
Lol!!!!

lol

I figured out how they got hijacked...

The developer who made the forum, hand it over to a co op student to manage it for a day.... Can't blame him... "It's my first day" SARC:
LOL!!!!

Hey! what's wrong with co-op students? :)

Hahaha Priceless!

And for the record, Telnet is not disabled on a server by default. However, most firewalls will block telnet by default, however.
IT SHOULD be, however. Unencrypted term sessions are just begging to be owned.

Most cracks are done by exploiting flaws in the forum software. This is typically done by feeding the site well crafted "garbage" when requesting a page -- stuff that should be filtered out but sneaks through anyway. The source code for pretty much every forum software is freely available, so the hackers can, and do, pick it appart line-by-line until they find an exploitable flaw. SQL injection and buffer overflow are the two most common mechanisms for cracking a site, but occasionally it's a simple as using a special command that is supposed to be a secret.