Core Decision site got hacked again
Posted: Tue Aug 23, 2005 6:36 pm
Can't access their forum threads.
They're supposed to be coming out with an update soon, too.
They're supposed to be coming out with an update soon, too.
Page 1 of 1
Posted: Tue Aug 23, 2005 6:56 pm
You can still access the site. But you'll need to hit the stop button before jumps to the next page.
Posted: Tue Aug 23, 2005 7:08 pm
Heh, again? Tell them to fire whoever is in charge of their internet security. 
Posted: Tue Aug 23, 2005 7:38 pm
It works for me with Firefox.
Posted: Tue Aug 23, 2005 8:37 pm
agreed......Krom wrote:Heh, again? Tell them to fire whoever is in charge of their internet security.
Posted: Tue Aug 23, 2005 11:53 pm
man that's crap.
I can have that fixed in about five minutes.
I can have that fixed in about five minutes.
Posted: Wed Aug 24, 2005 8:55 am
The thing about this that always gets me is that people want more features and more content on the Core Decision Portal but yet they hack the site and cost us time fixing it.
Either way that hack was weak.
Thank You,
Zachary Briggs, Executive Producer
HighOctane Software
(866)328-1886
Either way that hack was weak.
Thank You,
Zachary Briggs, Executive Producer
HighOctane Software
(866)328-1886
Posted: Wed Aug 24, 2005 9:13 am
There. Site should be back up. I just love waking up and walking and then having the first thing I hear be, Core Decision got hacked again.
We are also gonna do some upgrades to the site so bear with us on this.
Zach
We are also gonna do some upgrades to the site so bear with us on this.
Zach
Posted: Wed Aug 24, 2005 10:58 am
I don't think the people who want more content are the ones who did the hacking.zbriggs wrote:The thing about this that always gets me is that people want more features and more content on the Core Decision Portal but yet they hack the site and cost us time fixing it.
Hope the project is progressing well, Zach.
Posted: Wed Aug 24, 2005 11:35 am
Except for these minor delays not too bad.
Zach
Zach
Posted: Wed Aug 24, 2005 12:08 pm
OK. We are gonna go ahead and keep the main part of the site down for the next few hours while we make some changes.
If you have any questions or concerns please feel free to give us a call at (866)328-1886.
Thank You,
Zachary Briggs, Executive Producer
HighOctane Software
(866)328-1886
If you have any questions or concerns please feel free to give us a call at (866)328-1886.
Thank You,
Zachary Briggs, Executive Producer
HighOctane Software
(866)328-1886
Posted: Wed Aug 24, 2005 12:19 pm
Zbriggs, whats your prognostcation as to when we can start beta testing?
Posted: Wed Aug 24, 2005 12:23 pm
Hopefully Decemeber or January but don't hold me to that.
Zach
Zach
Posted: Wed Aug 24, 2005 3:49 pm
OK. The main site is back up but we are still working the forums over.
Zach
Zach
Posted: Thu Aug 25, 2005 4:46 pm
OK. We have something wierd going on here. When we upgraded the portal it lost the link between the forum's php code and the directories and databases. Anyone have any thoughts on this? They are still there.
Zach
Zach
Posted: Thu Aug 25, 2005 4:49 pm
You do have a backup don't you? Doesn't everyone backup their stuff?
RC
RC
Posted: Thu Aug 25, 2005 5:49 pm
Yeah. But that is a work around. The problem is that we are trying to upgrade the php code for security reasons.
Zach
Zach
Posted: Thu Aug 25, 2005 7:50 pm
What version did you have and what version are you going to?zbriggs wrote:Yeah. But that is a work around. The problem is that we are trying to upgrade the php code for security reasons.
Zach
RC
Posted: Thu Aug 25, 2005 11:45 pm
We were using v6.8, and we went to v7.6.
Posted: Fri Aug 26, 2005 8:28 am
We're getting closer. We got the forum theme back and for some people the threads are showing again.
Zach
Zach
Posted: Fri Aug 26, 2005 8:35 am
Forums now look normal to me.
Posted: Fri Aug 26, 2005 9:54 am
We have determined that the problem seems to occur with FireFox users.
Posted: Fri Aug 26, 2005 10:24 am
OK. We seem to have resolved the issue. If you use FireFox you may need to dump you cache.
Zach
Zach
Posted: Sat Aug 27, 2005 12:00 pm
You know there's a flavor of PHP Nuke that comes with all of the security enhancements and plugins. Just plop to your ftp and go.
Posted: Sat Aug 27, 2005 6:48 pm
Here's the link:
http://www.nukefixes.com/
Edit: Some disturbing stuff: Link.
If you dont want the site hacked again then get the Sentenel security add-on or revert to Postnuke (translation scripts avaiable to go PHPNUke to Postnuke). PHPNuke is prone to all sorts of security flaws unless you have a security add-on since the author does not bother to fix them.
http://www.nukefixes.com/
Edit: Some disturbing stuff: Link.
If you dont want the site hacked again then get the Sentenel security add-on or revert to Postnuke (translation scripts avaiable to go PHPNUke to Postnuke). PHPNuke is prone to all sorts of security flaws unless you have a security add-on since the author does not bother to fix them.
Posted: Sat Aug 27, 2005 9:32 pm
Actually we just added the sentinel. We don't keep anything on that server that we care about. We don't even keep the database on the server. All the user information is encrypted. I know what you are saying though. We have a custom system we are going to be uploading soon. As we get closer to launch people are going to be hacking the site more.
Zach
Zach
Posted: Sat Aug 27, 2005 10:54 pm
I didn't see the result of the hack, so I don't know... Most hacks are just bots that exploit a hole in some common software. Bots usually use search engines to find a site to hack, therefore removing software 'signatures' (like software name and version) is a good idea in addition to adding a no-index header to the html.
Posted: Sun Aug 28, 2005 8:59 am
They attached a hitchhiker in the footer is all they did. It was pretty weak.
Posted: Sun Aug 28, 2005 9:45 am
I had my forums hacked awhile back, and they did the exact same thing to me. I just updated my bb software and that fixed that particular hole.