- This topic has 4 replies, 3 voices, and was last updated 19 years, 11 months ago by
Lingster.
-
AuthorPosts
-
December 29, 2004 at 12:06 am #2216
Lingster
KeymasterA few months ago someone managed to insert a line of code into a page at Transvigor. It made me really paranoid about security, andn so I’ve been very good at installing new updates for both WordPress and phpBB. She Grew! runs on the latter.
Then this morning:
The newest version of the Santy Worm, Santy.e, is threatening more web sites which use PHP scripting to produce dynamically database generated pages. The Santy Worm first surfaced last week, targeting sites which use the phpBB bulletin board/forum service. Santy was using Google as its springboard to identify such phpBB powered sites. The Perl/Santy-A worm (also known as Santy) exploited a vulnerability in a piece of software often used to provide discussion forums and bulletin boards on the web, phpBB.
I think we’re OK.
December 31, 2004 at 2:53 am #2217Anonymous
GuestIs this something similar to what appears to have happened to Wreck’s message board?
The NeverEverSanity WebWorm Generation 13 (or something?) seems to have done something evil to it.
Anyone know anything about this at all?
December 31, 2004 at 3:12 am #2218KeymasterIs this something similar to what appears to have happened to Wreck’s message board?
The NeverEverSanity WebWorm Generation 13 (or something?) seems to have done something evil to it.
Anyone know anything about this at all?
Well, if it’s a worm then it’s similar to what I’ve been cautious about. What BB is he running? Sometimes one coder will take an existing worm, trojan script or virus and then simply alter it a bit, change the name and set it loose again.
The way these things work is that they cross-script themselves onto the server, and then they use the server to do web searches for other servers running the same application suite that the worm used to get onto the first one. In my case it’s phpBB v2. The phpBB people put out a fix in August or so, and then another in October and another a few weeks ago. The first fix was sufficient, really, but they’ve made the code pretty much airtight since then.
January 1, 2005 at 7:43 am #2219David C. Matthews
ParticipantHackers and virus coders must die.
Slowly and painfully.
And I’m not joking.
Hate to have my first post on this board be such a downer, but there are few people I hate more in this world than these bastards who have no conscience whatsoever, whose idea of "fun" is to randomly and capriciously destroy someone else’s hard work, just because they can.
January 1, 2005 at 8:42 am #2220KeymasterHackers and virus coders must die.
Slowly and painfully.
And I’m not joking.
Hate to have my first post on this board be such a downer, but there are few people I hate more in this world than these bastards who have no conscience whatsoever, whose idea of "fun" is to randomly and capriciously destroy someone else’s hard work, just because they can.
They’re the evolutionary process, Dave. Without these kinds of challenges, OS security and industry standards and practices wouldn’t improve, and would be vulnerable to a person with truly malicious and criminal motives.
If you run a site, part of the responsiblity of that is making sure you follow and install updates. And updating server code isn’t always that easy – it assumes a much higher level of competence than updating run of the mill consumer software.
-
AuthorPosts
- You must be logged in to reply to this topic.