Steel Soldiers emails and site issues

[135gmc]

Thanks for all your hard work - we appreciate it. Without you, Steelsoldiers wouldn't exist

 

[danbrew]

meh, it happens. great advice in the thread about not using your forum password for any financial sites, though. without starting a political discussion, "free speech" does not exist on a forum. the only entity that must not infringe upon free speech is the government.

 

[danbrew]

I look at this as a sign of things to come. Please deactivate my membership and delete my user name and e-mail address from your files immediately!

lol. really?

 

[Tennessee Colonel]

Yes, Really! and it is NO laughing matter!

 

[jasted75]

You can delete my account as well. I agree with most of what the hackers said.

 

[052]

Thanks for taking care of the issue as quickly as you did. Good advise from all ref passwords for other accounts.
Thanks for all of the hard work that you and others do to make this the great site that it is.

 

[kastein]

Sorry the hacking caused you the grief. I was amused by the emails and the redirect, you should be flattered SS.com was interesting enough to outsiders to be a target.

I really doubt they found us manually. An awful lot of hackers, especially ones looking to make money or spread their thoughts, will find a vulnerable software package (like the add-on module that was exploited in this case) and then search the web using automated tools to find as many installations of that software as they can, then try to exploit them all.

As for their message... I somewhat agree on the free speech thing, but this forum is not run the government, it is run by the owners. Therefore it is private property and the law of the land is "we run this how we want, if you don't like it, leave." I don't feel strongly enough about having to make political statements here that I will simply stay around and do my political yapping elsewhere.

I already deleted the emails (oops, was running low on space in my email account) otherwise I'd go back and read them again, but I knew it was a hack within a few seconds and didn't really read the rest very carefully as a result.

Patracy, if you haven't done so already, now would be a really good time to take a close look at all the other modules and packages installed on the server and make sure everything is up to date... along with running a full backup. I know I would be doing that if I was in this position. Also of course check to see if they left behind a backdoor or added any new admin accounts or anything.

 

[sandcobra164]

If they allowed political views expressed freely on here, we'd dissolve into different factions pretty quickly rather than simply discussing trucks of many makes and models. The site is geared towards old military trucks, nothing more, nothing less. What happened today, just turn a blind eye towards it as it will probably happen again with all the tech savvy hackers that like to start mess. For us folks that don't know any better about computer code and what not, let's just hope the site admin's stay on top of that mess and keep the hackers out. I want my account to stay just like it is. For those that want their account deleted, more power to ya, I learned alot on this site as a "lurker" while registration was disabled a few years ago. I even bought my first Deuce during that time period and learned alot about it while waiting to go recover it.

 

[ARYankee]

No big deal. I was so busy today that I couldn't get my fix until now. This stuff happens because there are some really dedicated folks out there with nothing else better to do than hack. At least we are back up and running. You are doing a great job!!!!

 

[Beerslayer]

Also of course check to see if they left behind a backdoor or added any new admin accounts or anything.

Or added a few fake noobs with backdated join dates. Just for fun of course.

 

[pwrwagonfire]

Thank you for the time you spent correcting the problem!

 

[Westex]

I wish my government IT guy was this fast.

 

[kastein]

Or added a few fake noobs with backdated join dates. Just for fun of course.

This is a pretty good idea.

the easiest way to find these would be to do something like this (I don't know the db schema for the users table, so bear with me):
SELECT username FROM userslist ORDER BY userid DESC;
SELECT username FROM userslist ORDER BY joindate DESC;

dump each to a text file. Compare results using 'diff', if any users appear in different spots in each list, scrutinize their account permissions and other information carefully. Almost all "regular" users should be in the same order in each record produced, any user that is in a different spot in each list has probably had their join date or userid set manually. This assumes that joindate includes the exact time they joined, obviously... iirc it is a timestamp formatted column in the db so it will probably include that info.

 

[Robertcdf]

I'm a noob here (not to forums) and I was like "What the heck? I though these guys were level headed, I guess I need to change the email account they have access to." Glad to see you guys are as level headed as I thought, and good job getting it back up quickly.

 

[Neophyte]

Thanks for getting the site back up. When I read the "coward" bit e-mail, I immediately realized this is a hack.....for no one in here fits that bill (for who else would get a 20,000 Lb piece of iron up to 50 MPH....smiling ear to ear)

Bob

 

[storeman]

Drew,
Great recovery! Thanks.
Jerry

 

[Tinwoodsman]

Thank you!

 

[wired1000]

Wait... so we're NOT occupying the House of Parliament in November?? SH*T, I bought non-refundable tickets!!!

 

[ramcatdoc]

Great site, and great job getting back up so quickly! We must be in the "Big Boy Club" for a bunch of jerks like Anonymous to make the effort to hack us! Keep on trucking....

 

[jaymcb]

Drew...anyone who gave YOU crap should take a pill. It's not like this is a full time gig for you.

Thank you for your recovery work, and thanks for bringing the forum back up.

This has also gotten me off my butt to go and patch the VB forum I am an admin on, because I don't want to see this repeated!