Printable Version of Topic

Click here to view this topic in its original format

F-Body Road Racing and Autocross Forums _ General Discussion _ Hosting and board issues/problems/upgrades

Posted by: trackbird Nov 26 2019, 02:09 PM

Are there any computer programmers or message board guys in the house? I’m getting notifications from the hosting provider saying they are seeing potentially malicious script files on the server. They appear to be standard board files. I don’t know if they have moved away from the design of this board, or if there are other issues. However, they are threatening to shut the board down for “safety”.

I checked with IPS about getting the latest update done (it used to cost like $25 and they would do the update). They advised me that I’d have to upgrade to a version in the 3.x.x range and then upgrade to the new “community” version. The license is $200 and the labor is $625. I don’t believe I’m good enough to do this upgrade without possibly losing the database. I also don’t want the board shut down. So, I’m looking for options.

One other option would be to change to different software. I discussed that ten years ago but I don’t know if there’s anything out there that will migrate from this old version of the software and it has to be stable and worth using.

So, I’m open to ideas (or possibly donations).

Any thoughts?

Posted by: CrashTestDummy Nov 26 2019, 06:28 PM

Can they provide examples of their 'malicious' files? Are they going by contents, or just file names? We see that a lot in output from customer pen testing by 3rd parties. They'll say file-name-version-3 has some vulnerability, whereas they found version 3, where their pen testing software was looking for version 4 and the vendor says version 2 onward does not have that vulnerability. Specifics help.

I can't offer much else, but if you need donations to update to a more-robust version, count me IN!

Posted by: trackbird Nov 26 2019, 07:34 PM

They sent me a list of files. They look like board files to me. Just .php script files. I’m thinking the new versions must work differently and now those look like a problem. I replied to my ticket with incision (IPS) to get their input.

Posted by: GCrites80s Nov 27 2019, 02:17 AM

Oh that's like when the credit card companies make us scan our computers at work to make sure we aren't keeping people's credit card numbers on file unencrypted. There will be URLs stored on them with 16+ digits in them and they'll be like "See, you're storing credit card info!" No.

Also, I was like "Huh, IPS is back in business?" without realizing it was the wrong IPS.

Posted by: trackbird Nov 27 2019, 03:22 AM

Yea. I'm a little torn. I've planned to keep this running for years. I'm not sure how to deal with the upgrade and I'm not totally in love with the $825 upgrade cost. I keep thinking there has to be another option. I'm just not sure what.

Posted by: trackbird Dec 1 2019, 02:36 PM

I'm working on cleaning up the files from the server today. This may be an all day job, there's a lot of stuff that was flagged. if we go offline, I'll do my best to get it back up ASAP.

Thanks!

Posted by: trackbird Dec 1 2019, 03:18 PM

Also, if you find anything not working, send me an email at trackbird (at) gmail dot com.

Some of these files are buried in the old monthly post archives and I don't want to find out we lost all the posts from july of 2007 or something.

Posted by: trackbird Dec 1 2019, 06:24 PM

I think I'm done for now. It looks like the compromised files were from October of 2010. So, they've been here a while. But I think I have it all cleaned up for now. Let me know if you have any board issues.

Posted by: ar52kortlang Dec 1 2019, 10:58 PM

Great work! Thank you

Posted by: GCrites80s Dec 2 2019, 01:24 AM

Awesome! Thank you!

Posted by: CrashTestDummy Dec 2 2019, 01:59 PM

2010, wow!

Thank you for the housekeeping so the list stays on line!!

Posted by: Hardrvin Dec 3 2019, 09:24 PM

Thanks!!!

Posted by: trackbird Dec 4 2019, 12:30 AM

QUOTE (CrashTestDummy @ Dec 2 2019, 08:59 AM) *
2010, wow!

Thank you for the housekeeping so the list stays on line!!


Yea. I didn't know that anything was added and it took this long for a scan to turn it up. Once we go a week or so and see that things are working and all the old thread history is there, I'll go delete all the files I renamed (I changed the extension to keep them from running). I don't really want to see this place shut down now, we've made it this far. wink.gif

Posted by: Shortcutsleeping Dec 16 2019, 05:00 PM

Thanks Kevin!!!

Costas
cars and such...

Powered by Invision Power Board (http://www.invisionboard.com)
© Invision Power Services (http://www.invisionpower.com)