All times are UTC




 Post subject: Forums back up
PostPosted: Thu May 24, 2012 11:20 pm 
Joined: Sun Nov 08, 2009 1:56 am
Posts: 411
Location: Minnesota
Yay it's back! I missed this!


Post subject: Re: Forums back up
PostPosted: Thu May 24, 2012 11:44 pm
Joined: Fri Dec 11, 2009 3:50 pm
Posts: 3367
Location: Ontario, Canada
Thank goodness! I was in withdrawal!

Jeff

_________________
In 1988 my 65C02 got six new registers and 44 new full-speed instructions!
https://laughtonelectronics.com/Arcana/ ... mmary.html


Post subject: Re: Forums back up
PostPosted: Thu May 24, 2012 11:53 pm
Joined: Mon Mar 02, 2009 7:27 pm
Posts: 3258
Location: NC, USA
I was in withdrawal too... :x :x :evil:

Do we still need to change passwords to the forum? I've changed them everywhere else, anyone that was similar anyway...

I actually read the title forum's back-up, as in back-up storage. Heh.

Anyway, thanks to Mike Naberezny for the work at getting the site back up and running. Not sure how much work was involved, but thanks!

_________________
65Org16:https://github.com/ElEctric-EyE/verilog-6502


Post subject: Re: Forums back up
PostPosted: Fri May 25, 2012 1:25 am
Joined: Fri Aug 30, 2002 1:09 am
Posts: 8544
Location: Southern California
Three cheers! (or maybe a hundred!)

_________________
http://WilsonMinesCo.com/ lots of 6502 resources
The "second front page" is http://wilsonminesco.com/links.html .
What's an additional VIA among friends, anyhow?


Post subject: Re: Forums back up
PostPosted: Fri May 25, 2012 4:24 am
Joined: Sat Dec 13, 2003 3:37 pm
Posts: 1004
Yes, hurray.

Imagine - I post an "Introduction" message and next thing I know the site is dead.

"What have I done!!?"

But it's nice that it's back.


Post subject: Re: Forums back up
PostPosted: Fri May 25, 2012 6:58 am
Joined: Thu Dec 11, 2008 1:28 pm
Posts: 10986
Location: England
Hooray! Many thanks to Mike, not just for restoring but for keeping solid backups!


Post subject: Re: Forums back up
PostPosted: Fri May 25, 2012 9:41 am
Joined: Tue Jul 05, 2005 7:08 pm
Posts: 1043
Location: near Heidelberg, Germany
Thanks Mike for bringing the forum back up!

_________________
Author of the GeckOS multitasking operating system, the usb65 stack, designer of the Micro-PET and many more 6502 content: http://6502.org/users/andre/


Post subject: Re: Forums back up
PostPosted: Fri May 25, 2012 3:04 pm
Joined: Mon Aug 08, 2011 2:48 pm
Posts: 808
Location: Croatia
Did you find out who the hacker was, and why he did it (what can be so tempting for hackers on this forum?)?


Post subject: Re: Forums back up
PostPosted: Fri May 25, 2012 4:35 pm
Joined: Fri Jun 27, 2003 8:12 am
Posts: 618
Location: Meadowbrook
Withdrawals here as well, bigtime.

So if it is of any help, here is a picture of my Pinball Mind partially stuffed.

Image

_________________
"My biggest dream in life? Building black plywood Habitrails"


Post subject: Re: Forums back up
PostPosted: Fri May 25, 2012 6:24 pm
Joined: Wed May 20, 2009 1:06 pm
Posts: 491
Dajgoro wrote:
Did you find out who the hacker was, and why he did it (what can be so tempting for hackers on this forum?)?


It is estimated that half of computer users are hackers. I'm guessing the hacker saw this board from Hackaday.

A motive could be identity theft. They could be interested in stealing email addresses to spam us or setting up a bot net.

Your browsing habits are worth thousands of dollars to advertising agencies which is why Facebook and Google use cookies.

They could be interested in finding out who someone here is for political reasons.

Most hackers look for naked pictures if they break into your home computer.

Should the policy be changed on most boards to not store identifiable information like our email address and real name if the user database is not encrypted?


Post subject: Re: Forums back up
PostPosted: Fri May 25, 2012 6:41 pm
Joined: Sun Feb 13, 2005 9:58 am
Posts: 85
Thank you for being back online and, in general, for supporting all of us!

I like this forum very much, read it daily, and missed it a lot these days.

If there is something that I can do to support this effort, please let me know.

Grazie. (thanks)


Post subject: Re: Forums back up
PostPosted: Fri May 25, 2012 7:44 pm
Site Admin
Joined: Fri Aug 30, 2002 1:08 am
Posts: 281
Location: Northern California
The attacker somehow gained access to the phpBB admin panel. The admin panel allows the forum's templates to be customized. This feature was used to inject malicious PHP code to gain access to the server.

The attacker installed a large number of hidden web pages onto the server. Many of them advertised software for sale. They were probably intended to be used with spam to distribute malware.

Here are some of the things I have done about it:

    - I completely wiped the server and reinstalled from the operating system up. Most of the files for 6502.org are stored in a Subversion repository and I used those files to rebuild the site. For files that were not in the repository, I inspected them manually before putting them online.

    - I have tightened up the Apache and PHP configuration on the server. For PHP, I've set options to restrict filesystem access and running system commands.

    - I've installed mod_security, a web application firewall. It will try to block known attacks and suspicious activity from reaching phpBB.

    - phpBB stores its configuration in a MySQL database. I wrote a MySQL trigger that will not allow the "allow PHP code in templates" option to be enabled. If you try to enable this option in phpBB, the database will not allow it to be enabled.

    - I've blocked an IP range in Russia containing the attacker's IP.

    - The users with access to the admin panel now have much stronger passwords.

    - I've modified the Apache configuration to only allow access to the admin panel from certain trusted IP addresses.

Regarding Chuck's question about encrypting the user data in the forum... phpBB does not store passwords in plain text. It does not offer encryption of real names or email addresses. However, it may not have helped in this case. Having them encrypted would mean that the forum would have to decrypt them on demand. An attacker with access to the server would have access to the decryption routines.

Some of the steps above could have helped prevent the attack and I'm sorry they were not already in place. Please understand that 6502.org is an old site and is a hobby project. This forum has been online in different versions for ten years.

I hope that it will now be significantly more difficult for another attack to succeed and that we can get back to discussing our projects. Thanks for your support and using the forum.

_________________
- Mike Naberezny (mike@naberezny.com) http://6502.org
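
The database-level lock described in the post above, sketched as an added example; it is not part of the original post and is not the trigger actually deployed on 6502.org. It assumes phpBB 3.0 with the default table prefix (`phpbb_config`), that the option is stored under the config name `tpl_allow_php`, and MySQL 5.5 or later for `SIGNAL`; the trigger names are hypothetical.

```sql
-- Added example: keep phpBB's "allow PHP code in templates" option off at the
-- database layer, so a compromised admin session cannot turn it on.
-- Assumed names: table phpbb_config, row config_name = 'tpl_allow_php'.

DELIMITER //

-- Path 1: the admin panel (or anything else) updates the existing row.
-- Checking NEW.config_name also catches another row being renamed into place.
CREATE TRIGGER phpbb_config_lock_tpl_php_update
BEFORE UPDATE ON phpbb_config
FOR EACH ROW
BEGIN
    IF NEW.config_name = 'tpl_allow_php' AND NEW.config_value <> '0' THEN
        SIGNAL SQLSTATE '45000'
            SET MESSAGE_TEXT = 'tpl_allow_php is locked to 0 by a database trigger';
    END IF;
END//

-- Path 2: the row is deleted and re-inserted with a different value.
CREATE TRIGGER phpbb_config_lock_tpl_php_insert
BEFORE INSERT ON phpbb_config
FOR EACH ROW
BEGIN
    IF NEW.config_name = 'tpl_allow_php' AND NEW.config_value <> '0' THEN
        SIGNAL SQLSTATE '45000'
            SET MESSAGE_TEXT = 'tpl_allow_php is locked to 0 by a database trigger';
    END IF;
END//

DELIMITER ;

-- Verification after installing the triggers: attempt to enable the option,
-- then read the stored value back and confirm the triggers are present.
UPDATE phpbb_config
   SET config_value = '1'
 WHERE config_name = 'tpl_allow_php';

SELECT config_name, config_value
  FROM phpbb_config
 WHERE config_name = 'tpl_allow_php';

SHOW TRIGGERS LIKE 'phpbb_config';
```

The lock only holds if the MySQL account phpBB connects with lacks the TRIGGER privilege on this table; otherwise code running as the forum could drop the triggers first.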


Post subject: Re: Forums back up
PostPosted: Fri May 25, 2012 8:14 pm
Joined: Thu May 28, 2009 9:46 pm
Posts: 8507
Location: Midwestern USA
Dajgoro wrote:
Did you find out who the hacker was, and why he did it (what can be so tempting for hackers on this forum?)?

You mean the "cracker?" We are hackers. A**holes who break into systems are crackers. :lol:

_________________
x86?  We ain't got no x86.  We don't NEED no stinking x86!


Post subject: Re: Forums back up
PostPosted: Fri May 25, 2012 8:17 pm
Joined: Thu May 28, 2009 9:46 pm
Posts: 8507
Location: Midwestern USA
Dr Jefyll wrote:
Thank goodness! I was in withdrawal!

Jeff

I had developed quite the case of DTs while 6502.org was belly-up. My wife was tempted to dial 911 until she realized it was only due to a lack of "bare metal" computer activity. Instead, she consulted with a shrink, who told her to be patient. It would pass. :P

Good work Mike in rebuilding the site and getting it back on its feet.

_________________
x86?  We ain't got no x86.  We don't NEED no stinking x86!


Post subject: Re: Forums back up
PostPosted: Fri May 25, 2012 8:22 pm
Joined: Thu May 28, 2009 9:46 pm
Posts: 8507
Location: Midwestern USA
Nightmaretony wrote:
Withdrawals here as well, bigtime.

So if it is of any help, here is a picture of my Pinball Mind partially stuffed.

Lookin' gooood, as Freddie Prinze used to say.

I am a bit surprised that you are using the DIP40 version of the 65C816 instead of the PLCC44 package. The latter, in my humble opinion, is easier to work with—definitely takes less real estate. However, what will matter is when you put the juice to it and it works. :D Here's to hoping for a smoke-free launch.

_________________
x86?  We ain't got no x86.  We don't NEED no stinking x86!

