Reply
 
Thread Tools Search this Thread Display Modes
 
Old 11-20-2009, 12:18 AM   #1
Site Team
 
Janet H's Avatar

 
1964 26' Overlander
1964 19' Globetrotter
Eastern , Washington
Join Date: Aug 2003
Posts: 11,867
Images: 90
We're back - unexpected forums outage

An exploit in our software was taken advantage of by some hackers who linked to a malicious site. It appears there was a little over 4 hours between the time it happened and the time we took the servers offline Thursday.

In an effort to minimize damage to the board we opted to shut everything down while we investigated the issue and formulated a game plan. Our team (server admins, programmers, and software vendors) coordinated and developed a plan to remove the malicious files and secure the servers. We believe that forum members should not have any system issues associated with this so long they didn't visit the malicious site AND install anything.

While the service interruption was unfortunate, it was important to us to make sure this issue was fully addressed before returning to business as usual. Protecting our community from this kind of intrusion is paramount and we'll post more info here as it becomes available. It's possible that we may need to continue tweak the forum setup and if so, we may have another service interruption.

We thank you for understanding
__________________
1964 Overlander | '08 Touareg V6
Current Project: 1964 Globetrotter

.
Let's have a polishing party: I'll supply the trailer and buffing supplies. BYOB (bring your own buffer)

AirForums Custom Search
Janet H is offline   Reply With Quote
Old 11-20-2009, 12:30 AM   #2
4 Rivet Member
 
wolverine's Avatar
 
2005 31' Classic
Sunrise Beach , Missouri
Join Date: Jun 2007
Posts: 251
Congratulations on your quick response in dealing with this problem. Tried to log on earlier this evening and got your message on the alternate page of what had happened. We're glad you caught it in time before further problems were created. Thanks.
__________________
wolverine is offline   Reply With Quote
Old 11-20-2009, 01:18 AM   #3
2 Rivet Member
 
Currently Looking...
Hephzibah , Georgia
Join Date: Nov 2009
Posts: 43
This begs the question:

If a hacker is clubbed in the forest, will anybody care?
__________________
nti06 is offline   Reply With Quote
Old 11-20-2009, 01:40 AM   #4
2 Rivet Member
 
2007 27' Safari FB SE
redmond , Oregon
Join Date: Dec 2007
Posts: 68
club away!! no I don't care!
__________________
rashton is offline   Reply With Quote
Old 11-20-2009, 01:43 AM   #5
_
 
. , .
Join Date: Dec 2004
Posts: 8,812
and for now were back!

good job!

from scanning the issue...

apparently this has been happening to social network sites for several weeks...

and especially to communities using vbulletin, specifically IF using the search engine optimizer ???

looks like we are at version 3.3.0

and 3.3.2 was released recently to deal with some of these issues and venerability?

i have very little understanding of this but wonder if THIS thread is relevant???

vBSEO Security Bulletin - vBSEO 3.3.2 Released - vBulletin SEO Forums

and i found this quote on another forum related to the issue yesterday...

""One of the most popular plugins that tons of forums run (VBSEO) has been compromised, and many forums will be having errors about Centiyo, such as "Visiting This Site May Harm Your Computer". It's caused by VBSEO.

Disable, then update VBSEO. Then if you're a webmaster, go into your Vbulletin templates and remove any code about it from the HEADER part of your template, on ALL styles. Search your templates for "Centiyo".""



cheers
2air'
__________________
all of the true things that i am about to tell you are shameless lies. l.b.j.

we are here on earth to fart around. don't let anybody tell you any different. k.v.
2airishuman is offline   Reply With Quote
Old 11-20-2009, 02:32 AM   #6
Restorations done right
Commercial Member
 
Frank's Trailer Works's Avatar
 
1962 26' Overlander
1961 26' Overlander
Vintage Kin Owner
Currently Looking...
Baltimore , Maryland
Join Date: Aug 2007
Posts: 5,547
Images: 2
Stupid question... what is a "malicious site"?
Frank's Trailer Works is offline   Reply With Quote
Old 11-20-2009, 04:25 AM   #7
Rivet Master
 
65CV's Avatar
 
1959 26' Overlander
Western , Massachusetts
Join Date: Sep 2005
Posts: 1,352
Images: 6
a follow-up

... and a followup to Frank's question:

What effect, if any, did the security breach have on members who accessed the site during the time the malicious code was in place? Any links?

I read the thread provided by 2air, but it was aimed at board admins, not users. Hopefully that's the only compromise.
__________________
65CV is offline   Reply With Quote
Old 11-20-2009, 04:49 AM   #8
Silver Mist
 
LI Pets's Avatar
 
1977 31' Sovereign
Riverhead , New York
Join Date: Aug 2006
Posts: 3,008
Images: 28
Hey guys I run several forums with vBseo, they sent a notice out around Oct 27.

I guess you missed it!

I assume you do daily backups correct
__________________
Bob
'77 Sovereign Intl 31' CB
WBCCI R2 Rep VAC 11411 Metro NY VP

LI Pets is offline   Reply With Quote
Old 11-20-2009, 04:53 AM   #9
Rivet Master
 
Gene's Avatar
 
2008 25' Safari FB SE
Grand Junction , Colorado
Join Date: Sep 2007
Posts: 10,814
Thanks for acting quickly. This stuff goes on all the time across the internet

My knowledge of this stuff is purposely minimal. but I think a malicious site would be one that downloads a program or application on your computer to get personal and/or financial info and exploit it. It enables them to take over your computer remotely. It is similar in intent to those phony e-mails that claim your bank needs to update your personal info. Very few people take the bait on those e-mails,k but the cost to the bad guy is so low, it's a money maker. I think a malicious site would be more technically complicated and more of a challenge for the bad guy techie, but could pay off pretty well because you may not know it's happening. Another kind use if they can take oivere your computer is to link many computers to send spam using your address book, or to spread the malicious program thru using your address book. Some bad guys use this to spread just do it for their version of fun to take down websites, screw up computers and cause general havoc.

Gene
__________________
Gene is offline   Reply With Quote
Old 11-20-2009, 05:13 AM   #10
3 Rivet Member

 
1963 24' Tradewind
Cape Coral , Florida
Join Date: Dec 2008
Posts: 197
A hearty thank-you to the forum administrators. I'm sure it involved a lot of work in a stressful circumstance.
__________________
dieseleagle is offline   Reply With Quote
Old 11-20-2009, 05:22 AM   #11
Rivet Master
 
Wayne&Sam's Avatar
 
2014 25' Flying Cloud
Cuddebackville , New York
Join Date: May 2007
Posts: 2,636
Images: 21
Yup, thanks folks. It's good to have the forum back.
__________________
Wayne&Sam is offline   Reply With Quote
Old 11-20-2009, 05:32 AM   #12
Out in left field......
 
Jim & Susan's Avatar

 
1973 27' Overlander
Solidarite , Georgia
Join Date: Oct 2004
Posts: 5,234
Images: 39
Quote:
Originally Posted by nti06 View Post
This begs the question:

If a hacker is clubbed in the forest, will anybody care?
A large caliber device would be more efficient.

Good job Andy, Janet, et al. Thanks for getting us back on line quickly.

Jim
__________________
www.nesa.org

Air No. 6427
Jim & Susan is offline   Reply With Quote
Old 11-20-2009, 05:39 AM   #13
Site Team
 
Lily&Me's Avatar

 
2006 22' Interstate
Normal , Illinois
Join Date: Jan 2009
Posts: 10,431
Good job! Comforting to know you're on it when these kinds of things happen.
__________________
🏡 🚐 Cherish and appreciate those you love. This moment could be your last.🌹🐚❤️
Lily&Me is offline   Reply With Quote
Old 11-20-2009, 05:53 AM   #14
Rivet Master
 
richinny's Avatar
 
2011 34' Classic
Westchester Cty.NY , / Miami FL
Join Date: Jul 2007
Posts: 3,122
bravo to the staff. i did get to bed early last night due to the outage, lol.
__________________
Ricky
2012 F150 Super Crew 5-1/2' bed Ecoboost 4x4 3.73 elec. lock diff. Propride hitch
give life. kidney & pancreas transplant 9/9/06
Ingrid-my unofficial '"World's Oldest Streamer" 1909-2008 R.I.P.
richinny is offline   Reply With Quote
Reply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Unexpected opportunity? Hawkeye5 All Argosy Trailers 17 04-06-2008 07:55 PM
AIR is back from unexpected holiday break! Janet H Forum Admin, News and Member Account Info 11 12-26-2007 08:18 PM
Odd back-to-back eBay auctions .... summerkid Trailer Values 5 09-12-2005 12:34 PM
MH Sub-Forums? ViewRVs Airstream Motorhome Forums 10 09-27-2003 08:30 AM
Too many forums?? darkStar Our Community 9 08-17-2003 11:37 AM


Virginia Campgrounds

Reviews provided by



Our Communities

Our communities encompass many different hobbies and interests, but each one is built on friendly, intelligent membership.

» More about our Communities

Automotive Communities

Our Automotive communities encompass many different makes and models. From U.S. domestics to European Saloons.

» More about our Automotive Communities

Marine Communities

Our Marine websites focus on Cruising and Sailing Vessels, including forums and the largest cruising Wiki project on the web today.

» More about our Marine Communities


Copyright 2002-2015 Social Knowledge, LLC All Rights Reserved.

All times are GMT -6. The time now is 08:02 PM.


Powered by vBulletin® Version 3.8.8 Beta 1
Copyright ©2000 - 2016, Jelsoft Enterprises Ltd.

Airstream is a registered trademark of Airstream Inc. All rights reserved. Airstream trademark used under license to Social Knowledge LLC.