BBS security

Posted by: Alan

BBS security - 11/09/2002 16:30

The mp3car.com board took a hit and has been down for over 4 days, I hope the board administrators have taken the necessary precautions to avoid a similiar thing from happening here.

Alan
Posted by: tfabris

Re: BBS security - 11/09/2002 17:34

Can you elaborate on the exploit that caused the problem at the other BBS? Was that BBS running the same software as this BBS does?
Posted by: tfabris

Re: BBS security - 11/09/2002 17:37

Hmm, seems as though their BBS was running a different BBS software, but it was based on PHP as this one is. It would be nice to know if it was a PHP exploit or an exploit in their vBulletin software.
Posted by: Alan

Re: BBS security - 11/09/2002 17:46

I'm not sure what bbs software they were using, I can only guess the hacker cracked an administrators password. Most likely they deleted files, they mass emailed the users before they left the server.
Posted by: tfabris

Re: BBS security - 12/09/2002 04:08

I'm not sure what bbs software they were using

It was vBulletin.

I can only guess the hacker cracked an administrators password.

Some exploits don't require password-cracking to gain root privileges. In fact, most hackers don't even bother cracking passwords until after they've already gotten root privileges via another exploit. After that, they grab all the password files on the system.