Forum attack

[gegyx]

There is also the capacity: "traffic econology: 300 MB and 28 GB of transfer for September"

Candide's question: if there are 50 recurrent speakers, this means 50 people really interested in the current formula and many others interested in passive reading or even summary interest…
How then to explain the disproportion in the survey for the creation of an association "Econology", where there are currently 290 people who have declared themselves resolutely in favor of an amount of 1 to more than 100 € of subscription? ;)

[Christophe]

In case of change of Forum for phpBB for example, it is quite simple to migrate the data. Scripts already ready may exist elsewhere.
It would be a shame to lose all the data accumulated over several months ....

Possibly I can give a helping hand for migration, I have already migrated a forum owner to phpBB without too many problems ...

SixK

Since Invision and phpBB are "concurrent" I did not think that such scripts existed ... I would obviously be VERY interested in such scripts and a helping hand would be welcome

When do we start?

[Christophe]

I am amazed at the number of people who seem not to have been worried by this bp… Given the few interventions in this post, and the multitude of other interventions, as if nothing had happened, where everything had been transparent …
It started early Saturday afternoon, following an attempt to download Christophe and Olivier's patent; boulé each time, with the code; and then reconnecting to the forum, my Mc Afee antivirus signaled me a Trojan horse “sploit.ani”, and prevented me from going further, and this until the evening; I put Ad Aware, then A2 Squared free, then my anti-virus detected nothing more on the computer. I reconnected on the forum tonight.

1) yes the little reaction surprises me too ... but this confirms the active "50" ...

2) I did not know that it dated from Saturday! Do you have the most accurate time possible? I have the raw logs but hey ... more than 20 MB per day in .txt you see the mass ... It's pretty indigestible ...
I did not notice anything on Saturday ... besides for the password I noticed no bp ... but it is true that I do not download every day on my site: rolleyes:

3) The attack does not seem very serious, however ...

4) What worries me, I repeat, is the fact that everything came back "automatically" in order ....

[Christophe]

Hello !
What is reassuring is that everything is back in order in a few hours, even on a Sunday! So if it is the work of the host, it is well done on their part!

it went quickly enough, I saw nothing on my side!

yahi

I would say, on the contrary, that this is what worries me because my host claimed to me that it was a targeted attack!

I got a response from the host, here are the exchanges:


My questions

Hello

I would like to warn you that: I suffered yesterday (Sunday 23/10) in the afternoon, an attack on the forum

1.jpg: loading the applet
2.jpg effect on the internal pages of the forum (all except home)

Effect: set up on all pages at the top of the forum :

The problem "apparently" disappeared around 21pm ....

My questions :

1) Is this attack specifically dedicated to my site or to the whole shared server on which I am? (which I suppose since the problem disappeared automatically ...)
2) What can I do to protect myself from a possible more serious future attack? (apart from regular backups that I do anyway)
3) How do I find the source of this attack (if it is personally destroyed)? Have you noticed anything special in the security logs of my site?

Thank you for your quick reply.

Greetings

Their response :

Hello,

this type of alert only affects one site, no correspondence with a server or host.

the best is to update your forum. an update on the publisher's site must be available at this level.

you must check your raw logs to identify the attack.

Regards, Gilles

If this is true (they defend their image), well answer 2) is essential as I thought!

[Christophe]

There is also the capacity: "traffic econology: 300 MB and 28 GB of transfer for September"

Candide's question: if there are 50 recurrent speakers, this means 50 people really interested in the current formula and many others interested in passive reading or even summary interest…
How then to explain the disproportion in the survey for the creation of an association "Econology", where there are currently 290 people who have declared themselves resolutely in favor of an amount of 1 to more than 100 € of subscription? ;)

I think that :

1) lots of site visitors just don't come to the forum
2) it is easy to tick a promise to contribute ... but the practice will undoubtedly be much less (I bet on a reality 30 to 50% which already does not hurt: a hundred members for the 1st year)
3) that this attack, if targeted, may be related to this association creation project ... because if we start to legally associate it we will be much more powerful .... "We" therefore seek to demotivate and scare me ... by illegal methods

[Christophe]

Small suggestion: is it not possible to leave the forum on
multiple servers? this will limit this type of problem and
will avoid overloading an unfortunate server which does not request it
not so much. The way I think about it ... how do we do 50 for
saturate a server? there is something I don't get. <_

1) I think it exists for very large forum ( forum-auto.com for example) managed by oracle database for example ... but we are far, very far, from that ...

2) 50 people is nothing for one forum... especially that they are not simultaneous ... because in case of simultaneous presence my accommodation is far from sufficient ... you may have seen that it is saturated at the level of 20 people connected ...

3) ... but given the growth in traffic I am OBLIGED to take a dedicated server for econology ... this will leave us a lot of "margin" (storage: 40 GB , unlimited traffic, and simultaneous requests very possible) But this at a cost: 80 € per month. Hence the presence of the econo self-financing page ... for the moment it does not work too badly: around 2 € per day on average (if I touch the money one day! With the sponsors we are sure of nothing. ..) I put that aside for the dedicated (860 € to pay at once ...)

[Christophe]

"by turning your pages, NORTON informs me of a" download.trojan "coming from your site
a free line in my favorites !!! "


I just received this email (which dates from yesterday evening 23:45 pm) ... someone confirms?

If yes well, the war is not over! Problem: am not armed

[DavidHervé]

If there has been little reaction this is not very surprising
these are technical questions that cannot be easily resolved, and there is still something to understand ...
Then I do not know whether to believe the host when he says that the attack was targeted, it is about his brand image. I do not really see who the site can really disturb, it is not all the same a gathering of technophile warriors: ph34r:
In my opinion we were attacked in a will to recover address for spam, as such it would be interesting to know if the participants of the forum will receive more than usual in the coming weeks
Otherwise Christophe you can always try a new one forum based on other technical specifications, but we are never immune to anything: huh:

Finally, I would like to say that I am an inactive but attentive user, I read a good part of new messages and I thus learn a lot of interesting things even if I still haven't done my Pantone at home. On the other hand I do a little technical support even if it is invisible.

[Rabbit]

If you take an adsl or cable connection with the server at home.
it will be cheaper even if you take a pro connection.
And with a router a single connection to the net will be enough for your use
personal plus that of the server with a pro connection.

To find a cheap pc it doesn't have to be a big deal. Without anything
ask I already received 3 pc PII with screens and all the kit. I already gave some
2 on foot for families as needed.
Question server, there are some free. And these prog are not very
greedy, a PII should suffice.

By the way undertake them regularly throw PCs is enough to inquire.

[Christophe]

Stop talking to me about a waiter at home! This is impracticable given the traffic and bandwidth requests at peak on econo (150 kb / s asked to see more during peak hours, 30 gb transferred and average at 12 kb / s over a month!)

This is the solution to remember if you want to download documents at 2 kb / s ....

So it is out of the question to do this!