Joined: Dec 2006
Posts: 7
stranger
Hi - wonder if someone can perhaps clear up how it was most likely someone managed to create a directory and subsequent URL etc on our messageboard.
It appeared in the /cron/ directory.
HTML markup was enabled and I am assuming this is the most likely way they achieved this malicious posting. Would this be correct as the easiest/only way in for them via UBB Threads?
Is there anything else I can do to protect the board and run checks to look for malicious content?
Any help is much appreciated.
thanks
Joined: Jun 2006
Posts: 9,242 Likes: 1
Former Developer
What version are you currently running? HTML enabled for users is generally a bad idea as it allows them to post things like JavaScript; however, if you are running an earlier version, it could have been one of the security issues that were patched up.
Running checks for malicious content, you'd probably want to look through each directory. If you go in by FTP, you can order the file list by modification date so you can see what has been recently uploaded or changed.
Joined: Dec 2006
Posts: 7
stranger
Hello Rick - I am running 6.5.2
I now realise that HTML is a bad idea - I have to wonder if it is such a security risk why it was allowed at all as an option?
I have disabled HTML and will check directories regularly.
thanks for your help
Jeff
Joined: Jun 2006
Posts: 9,242 Likes: 1
Former Developer
If you can't upgrade to version 7 at the moment, I would recommend upgrading to 6.5.5 at the very least. 6.5.2 had a few exploits available that may have been used.
As for the HTML option: since you can enable it on a per-forum basis, some will do this for their admin/mod forums or on an intranet-type site where all users are trusted.
Joined: Dec 2006
Posts: 7
stranger
Hi Rick
How can I tell if I am eligible for a free upgrade?
Joined: Jun 2006
Posts: 9,242 Likes: 1
Former Developer
If your members area access is current, then you'll be able to download the latest version. Basically, if you have your license # and password, then you can try logging into the members area.
Joined: Dec 2006
Posts: 7
stranger
Thanks - I can download the new version 7.02
Question, if I may? What will happen to all the posts in my current version (6.5.2)?
Do I need to download the importer "From UBB.threads 6.5.x" and will this do the job well?
There seems to be a note beneath that says:
Older Versions: 6.5.5 Note: Support for this version is limited, with the release of version 7.0. We provide this for upgrade purposes only.
Joined: Jun 2006
Posts: 9,242 Likes: 1
Former Developer
You'll want to follow these instructions. Basically, you'd need to install version 7, and then you download the importer and you import all of your data into version 7. So all of your posts, users, etc. will be imported into the new version.
Joined: Dec 2006
Posts: 7
stranger
Hi again
I have found these files in my cron/ directory - I am assuming these are not part of the regular install of UBB Threads? Can anyone confirm this please?
bot.txt jz.php mx.zip coco.php
Joined: Jun 2006
Posts: 9,242 Likes: 1
Former Developer
No, those are definitely not part of the threads installation.
Joined: Dec 2003
Posts: 1,796
Pooh-Bah
Which means you'll need to check the other folders in your install for files that shouldn't be there.
If it were me I'd make a backup copy of my includes folder and delete the whole set of folders in your forum install (your data in your database will be safe). Those files could be anywhere in your site's folders.
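The directory check suggested in this thread can be scripted. The following is an added example, not part of the original posts or of UBB.threads: it compares a live install against a clean unpacked copy of the same release and lists files the release never shipped, shipped files whose contents changed, and recently modified files. The paths `cron/job.php` and `includes/settings.php` are constructed placeholders; the four dropped file names are the ones reported above.

```python
import hashlib, os, tempfile, time
from pathlib import Path

def manifest(root):
    """Map each file's relative path to (sha256 hex digest, mtime)."""
    root = Path(root)
    return {p.relative_to(root).as_posix():
            (hashlib.sha256(p.read_bytes()).hexdigest(), p.stat().st_mtime)
            for p in sorted(root.rglob("*")) if p.is_file()}

def audit(install_root, clean_root, recent_days=30, now=None):
    """Compare a live install with a clean unpacked copy of the same release."""
    now = time.time() if now is None else now
    live, clean = manifest(install_root), manifest(clean_root)
    cutoff = now - recent_days * 86400
    return {
        # Files the release never shipped (dropped scripts, archives, ...).
        "unexpected": sorted(set(live) - set(clean)),
        # Shipped files whose contents no longer match the clean copy.
        "modified": sorted(p for p in live
                           if p in clean and live[p][0] != clean[p][0]),
        # Anything touched recently, newest first (the FTP "sort by date" view).
        "recent": sorted((p for p in live if live[p][1] >= cutoff),
                         key=lambda p: live[p][1], reverse=True),
    }

def build_demo(base, now):
    """Constructed sample trees; the 'legit' file names are placeholders."""
    clean, live = Path(base, "clean"), Path(base, "live")
    legit = {"cron/job.php": b"<?php // job", "includes/settings.php": b"<?php // cfg"}
    for root in (clean, live):
        for rel, data in legit.items():
            f = root / rel
            f.parent.mkdir(parents=True, exist_ok=True)
            f.write_bytes(data)
            os.utime(f, (now - 400 * 86400,) * 2)   # old install date
    for name in ("bot.txt", "jz.php", "mx.zip", "coco.php"):  # names from the thread
        f = live / "cron" / name
        f.write_bytes(b"placeholder")
        os.utime(f, (now - 2 * 86400,) * 2)
    tampered = live / "includes/settings.php"
    tampered.write_bytes(b"<?php // cfg changed")
    os.utime(tampered, (now - 1 * 86400,) * 2)
    return live, clean

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as d:
        for kind, paths in audit(*build_demo(d, time.time())).items():
            print(kind, paths)
```

Modification times can be reset by whoever wrote the files, so the `unexpected` and `modified` lists are the stronger signal. Files that are legitimately edited after install, such as site configuration and user uploads, will also appear and need review by hand.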
Joined: Dec 2006
Posts: 7
stranger
Deleted already - as soon as my tech guy appears it will be an install of 7.0.2.
Is this good in terms of security? I seem to attract attacks to our boards :-(
Joined: Dec 2003
Posts: 1,796
Pooh-Bah
There are no known security exploits in threads 7.0.2.