Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - PHP Nuke
Author Message
DaveW
New Member
New Member


Joined: Aug 27, 2004
Posts: 4

PostPosted: Fri Aug 27, 2004 9:36 pm Reply with quote

LunarPages webhosting has banned me from using PHP-Nuke.
I was using 7.4 with patches, along with Admin Secure, Protector, and Fortress, and they claimed I caused a DOS attack on their other servers. They have shown no proof of this and have denied acces to my site, files, folders, for over 36 hours now.
Has anyone else had this problem with their webhost(s)?
 
View user's profile Send private message
GeekyGuy
Client


Joined: Jun 03, 2004
Posts: 302
Location: Huber Heights Ohio

PostPosted: Fri Aug 27, 2004 10:11 pm Reply with quote

I was not at all happy with LunarPages, but not over anything like you're talking about. I moved my site to Raven's Webhosting, and have been very happy since.

Although I am still not happy that LunarPages didn't refund any of my money

_________________
"The Daytona 500 is ours! We won it, we won it, we won it!", Dale Earnhardt, February 15th, 1998, Daytona 500 
View user's profile Send private message Send e-mail Visit poster's website Yahoo Messenger MSN Messenger ICQ Number
DaveW
PostPosted: Mon Aug 30, 2004 10:28 am Reply with quote

OK. finally got my files and log from LP.
These are the scripts in question getty, apache, sh, and dig.
They beat and got around Admin Secure, Protector, and Fortress.
I also checked my logs and index.php was defaced, but that was the only file to be disturbed, based on date/time stamp. It was apparently done by using unic.htm and hack.htm and a Coppermine theme named coppercop.
Coppermine was latest version and patched.
Maybe Admin Secure, Protector, and Fortress couldn't have stopped it afterall? Ideas? Something I did or didn't do?
 
Raven
Site Admin/Owner


Joined: Aug 27, 2002
Posts: 17077

PostPosted: Mon Aug 30, 2004 11:31 am Reply with quote

Have you read this news item?
Only registered users can see links on this board! Get registered or login!
 
View user's profile Send private message
GeekyGuy
PostPosted: Mon Aug 30, 2004 11:32 am Reply with quote

*edit* Raven beat me to the punch Smile
DaveW,

Coppermine has had a lot of exploits used against it, see this article Only registered users can see links on this board! Get registered or login!. Raven recommends NOT using Coppermine until it is fixed

From what I understand, none of those protection scripts could have stopped an attack using the un-secured code in Coppermine.
 
DaveW
PostPosted: Mon Aug 30, 2004 3:04 pm Reply with quote

Raven wrote:
Have you read this news item?
Only registered users can see links on this board! Get registered or login!

Missed it and paid the price. Thanks for the info.. Now that Coppermine is gone from my site and eGallery is a no no too, What are the other options when it comes to secure galleries? Suggestions Wink
 
sixonetonoffun
Spouse Contemplates Divorce


Joined: Jan 02, 2003
Posts: 2496

PostPosted: Mon Aug 30, 2004 9:00 pm Reply with quote

I don't want to give them (CPG team) a bad rap here if they have actually fixed this and people who are updating are not completely following the install instructions regarding which files need to be removed.

But I do think it would have be nice if they would put a big advisory in the install text saying remove these or your site is at a high risk to exploitation or something. Clearly we all need some clarification on this.

Even a visit to Only registered users can see links on this board! Get registered or login! doesn't seem to be very enlightening. We can't be the only place hearing about these attacks can we?

_________________
[b][size=5]openSUSE 11.4-x86 | Linux 2.6.37.1-1.2desktop i686 | KDE: 4.6.41>=4.7 | XFCE 4.8 | AMD Athlon(tm) XP 3000+ | MSI K7N2 Delta-L | 3GB Black Diamond DDR
| GeForce 6200@433Mhz 512MB | Xorg 1.9.3 | NVIDIA 270.30[/size:2b8 
View user's profile Send private message
DaveW
PostPosted: Sun Sep 05, 2004 7:19 pm Reply with quote

sixonetonoffun wrote:
I don't want to give them (CPG team) a bad rap here if they have actually fixed this and people who are updating are not completely following the install instructions regarding which files need to be removed.

But I do think it would have be nice if they would put a big advisory in the install text saying remove these or your site is at a high risk to exploitation or something. Clearly we all need some clarification on this.

Even a visit to Only registered users can see links on this board! Get registered or login! doesn't seem to be very enlightening. We can't be the only place hearing about these attacks can we?

Doesn't really matter at this point - LunarPages blames PHP-Nuke along with Admin Secure, Protector, and Fortress of being "script kiddy" software and Coppermine for being the major problem, in regards to their servers being involved in DOS attacks (I think they meant DDOS - duh!) because I used them all on my site.
LunarPages webhosting is the one blaming Coppermine for the DOS attack and suspended my account over. I suspect they purely don't like users of IPB and PHP-Nuke, but can't prove it. They cancel accounts, because they can, I guess Twisted Evil
Anyway, I have switched hosts and don't use PHP-Nuke or Coppermine.
I have switched to Xoops.
 
Panthera
Hangin' Around


Joined: May 16, 2004
Posts: 28
Location: Northern California, USA

PostPosted: Sat Sep 18, 2004 11:35 pm Reply with quote

sixonetonoffun wrote:
Even a visit to Only registered users can see links on this board! Get registered or login! doesn't seem to be very enlightening. We can't be the only place hearing about these attacks can we?


I, too, had my LunarPages account suspended twice due to hacks. LP is not known for good support. But, since I am keeping my Sentinal and PHPNuke current, I'm not having trouble with LP any more.

However, the Only registered users can see links on this board! Get registered or login! site is gone. And, Coppermine as a module is NO LONGER being supported. They are focusing strictly on the stand alone version. They blame it on the "buggy phpnuke" platform.

So, here we are, up the stream without a paddle,
Panthera
 
View user's profile Send private message Yahoo Messenger
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - PHP Nuke

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©