|
Joined: Nov 2001
Posts: 1,080
Member
|
Member
Joined: Nov 2001
Posts: 1,080 |
About less then an hour ago (4:45am PST) one of my members messaged me telling me the board was down. Now recently we've been having ISP problems so I immediately thought that was causing the down time again. Hmm...I'm not sure now. Reason:
My site loads up fine and the test boards load fine as well. Only the (public) board doesn't load. Basically it doesn't even give an error message, it just stays in limbo (as if something is blocking the loading process). The loadbar just stopped midway. I didn't mess with any of the .cgi files which would have been a possible cause.
My question (without jumping to conclusions): Could the board have been hacked?
|
|
|
|
Joined: Mar 2002
Posts: 45
Member
|
Member
Joined: Mar 2002
Posts: 45 |
yes, hacked by your isp who has somehow screwed up the .cgi mappings in that dir, or overloaded that dir, or they can't handle the traffic u get to it
to test theory to opening some graphics, i.e. noncgi/smile.gif
if they dont work then ur isp has seriously stuffed things up
and if ur hacked your page WILL load up, but it'll say:
"el33t h4x0rs, d@ l33t kr3w w4$ h3r3 & w3 ***0r3d j00"
it wont just load forever:)
|
|
|
|
Joined: Nov 2001
Posts: 1,080
Member
|
Member
Joined: Nov 2001
Posts: 1,080 |
Thks lok for replying.
I did test the images and they do load. The testing boards that are on the same server loads as well...Only my public board doesn't.
I was also thinking about an overload as well but at that time I don't think that was the case here...But I can't say for certain. Our connection is not shared.
I'm curious now if I were to move the folder and reset the permissions as well as remap the paths to the new location if the board will then work? I'm not on the server side so I'll have to contact my partner/friend who does this in Cali.
|
|
|
|
Joined: Mar 2002
Posts: 45
Member
|
Member
Joined: Mar 2002
Posts: 45 |
i had a very similiar thing happen to me when i ran ubb on WebSiteProfessional from DeerField, no idea what happened, just stopped working after a few days so i gave up on the web server
try renaming the .cgi files to .cgi.txt and see if the open (obviously only for a quick test do this:))
if they do its obviously somethin with the load and the sever just can't handle ur scripts being so popular and has crashed for a while, maybe give it a restart or, infact, make a few test cgi scripts eg
!#blah blah
print "hi"
see if that works if they do, then hmmm, if they dont, then good (in a way), just restart and maybe it'll work;)?
|
|
|
|
Joined: Mar 2002
Posts: 45
Member
|
Member
Joined: Mar 2002
Posts: 45 |
|
|
|
|
Joined: Nov 2001
Posts: 1,080
Member
|
Member
Joined: Nov 2001
Posts: 1,080 |
K...I'll try what you suggested...Better yet I'll ask my friend to cause he'll understand a lot more about this then I will.
Possibility: I checked the paths (clean) and I've been checking the .cgi files (so far clean). Since UBB seems untouched I'm wondering if the server itself was messed with. Every other file works except that and I don't think anyone knows our (exact) root directory for the UBB.
If this is the case then, because we do know of server vulnerabilities, the server could have been attacked. Recently we've been getting threats on our site, UBB and server. I'm going to try to contact my friend now and see if the server was touched.
|
|
|
|
Joined: Nov 2001
Posts: 1,080
Member
|
Member
Joined: Nov 2001
Posts: 1,080 |
BTW...Your smilie did show.
|
|
|
|
Joined: Mar 2002
Posts: 45
Member
|
Member
Joined: Mar 2002
Posts: 45 |
hmm:) yeah, thats why i edited it, looked a little silly:)
|
|
|
|
Joined: Nov 2001
Posts: 1,080
Member
|
Member
Joined: Nov 2001
Posts: 1,080 |
Update: It's about 3:30pm (PST) and now the site is down. I still didn't get in contact with my friend who does the server side. Several members however, was able to ping the server (which) they say it's up...And now think that only the IIS (if anything) has been attacked. Until I get in contact with my friend we still don't know what went wrong. We do have a security specialist on the team but he too is not available. I'm just keeping whoever is interested up to date and thks lok for your time thus far.
|
|
|
|
Joined: Mar 2002
Posts: 45
Member
|
Member
Joined: Mar 2002
Posts: 45 |
well like i said before, u wouldn't have been hacked did you try making some test scripts? try opening any of the other .cgi files, i.e. just http:/beep/members/0000001.cgi (if that is availble) does it load? give an error about it not executing? try, copying the directory, and accessing that http://beep/temp/ultimate.cgi try re-naming it http://beep/utlimate.cgi.txt what seems to have happened (depending on the outcomes of above) is that someone has changed the settings in one of your folders so that .cgi possibly doesn't have some sort of access, or something weird... so definately the directory one is a good one to try. if that doesn't work, and re-naming does work, i'd try replacing ultimate.cgi cause that doesn't have anything stored in it anyway...
|
|
|
|
Joined: Nov 2001
Posts: 1,080
Member
|
Member
Joined: Nov 2001
Posts: 1,080 |
Thks lok. I can't go into the server atm cause I access it via FrontPage and the site is down now. I was thinking about moving the directory and trying that but I don't have access atm either. I didn't get a chance to renaming the files either...But we'll try that. Also I did replace the ultimatebb.cgi with backups, the original and some modified with no luck. If someone did change the settings it would only be my friend or myself. I didn't do it and I know my friend won't either. The site is down but just the events are suspicious: 1. First UBB. But my testing UBB boards and site were functional. 2. After several hours the site is now completely down and all 3 domains (.com, .net and .org) are not working. The server however pings as I was told. Anyway I really appreciate your help lok. I'll try (remaining) suggestions when I get the chance.
|
|
|
|
Joined: Nov 2001
Posts: 1,080
Member
|
Member
Joined: Nov 2001
Posts: 1,080 |
Well we rebooted the server and DSL line and it is now up. We still not sure but checking things now. Anyway, thks lok again for your help.
|
|
|
Donate to UBBDev today to help aid in Operational, Server and Script Maintenance, and Development costs.
Please also see our parent organization VNC Web Services if you're in the need of a new UBB.threads Install or Upgrade, Site/Server Migrations, or Security and Coding Services.
|
|
Posts: 70
Joined: January 2007
|
|
Forums63
Topics37,573
Posts293,925
Members13,849
|
Most Online5,166 Sep 15th, 2019
|
|
Currently Online
Topics Created
Posts Made
Users Online
Birthdays
|
|
|
|