Working Dog Forums banner

1 - 7 of 7 Posts

·
Premium Member
Joined
·
4,983 Posts
Discussion Starter #1
OK this is absolutely impossible.

The way this boards search feature works is that every word you type into a post adds an entry into a special search table that references which post that particular word was entered in, its supposed to make searcing more efficient, but it tends to take up alotta space since every word in a post is seperately indexed. However, this table is the one that keeps running full and it's abnormal. At first I wasn't noticing it to be a huge problem, but 2 days ago the database hit the 150MB mark... that's 150MB since the board first started... then today, only 2 days later, that same table ran full again hitting 250MB!!!!!!!. That's absolutely impossible, there is no way there's been enough posts here in 2 days to increase the space by 100MB, which is almost as much as all the posts combined since the board first opened!

I was looking around the table to see what data was being entered and it all looked way too chronological compared to the "legitimate" entries from a month ago that were somewhat randomly numbered.

So it's become very apparent to me that someone malicious (and obviously bored) asshole has decided to sabotage this forum, which explains why it's been so slow, because the database is running full steam ahead to process their exploit rather than processing board posts.

I'm assuming it is in fact a malicious 3rd party, I could be wrong, but I doubt it. I cleared the table in the database that deals with searches, so the search feature will not work for anything posted from day 1 till today... :( I may have to disable the search feature entirely.
 

·
Premium Member
Joined
·
20,210 Posts
Mike Schoonbrood said:
OK this is absolutely impossible.

The way this boards search feature works is that every word you type into a post adds an entry into a special search table that references which post that particular word was entered in, its supposed to make searcing more efficient, but it tends to take up alotta space since every word in a post is seperately indexed. However, this table is the one that keeps running full and it's abnormal. At first I wasn't noticing it to be a huge problem, but 2 days ago the database hit the 150MB mark... that's 150MB since the board first started... then today, only 2 days later, that same table ran full again hitting 250MB!!!!!!!. That's absolutely impossible, there is no way there's been enough posts here in 2 days to increase the space by 100MB, which is almost as much as all the posts combined since the board first opened!

I was looking around the table to see what data was being entered and it all looked way too chronological compared to the "legitimate" entries from a month ago that were somewhat randomly numbered.

So it's become very apparent to me that someone malicious (and obviously bored) asshole has decided to sabotage this forum, which explains why it's been so slow, because the database is running full steam ahead to process their exploit rather than processing board posts.

I'm assuming it is in fact a malicious 3rd party, I could be wrong, but I doubt it. I cleared the table in the database that deals with searches, so the search feature will not work for anything posted from day 1 till today... :( I may have to disable the search feature entirely.
We'll live, Mike! Thanks for the tedious work, BTW.
 

·
Premium Member
Joined
·
3,751 Posts
I hope we can find out who´s responsible...

*idioten, klootzakken, driedubbelomgedraaidelullen*

calling names in dutch :wink:
 

·
Premium Member
Joined
·
1,588 Posts
mike,

i read somewhere that the was a phbb exploit with regard to a certain username. i'll research to try and find it....
 

·
Premium Member
Joined
·
1,588 Posts
i found it...

Bot Herders Ready Attack Against Message Forums
http://www.informationweek.com/news/showArticle.jhtml?articleID=1
83701152&subSection=Breaking+News

The SANS Institute's Internet Storm Center noted that a bot going by the name "FuntKlakow" has registered on thousands of phpBB forums.

Botnet controllers may be planning a large-scale attack against message forums, TechWeb has learned.

The SANS Institute's Internet Storm Center (ISC) noted that a bot going by the name "FuntKlakow" has registered on thousands of phpBB forums. Speculating, ISC analyst Marcus Sachs noted that the bot's owner(s) may be preparing to exploit a zero-day vulnerability against the popular php bulletin board software.

"We might be chasing a ghost here but it's always good to be on the lookout for something like this," wrote Sachs in an alert on the ISC site Sunday.

Sachs linked to the original posting about the attack possibility. That posting added that on most boards the FuntKlakow bot had only registered, but that it was capable of posting messages.

A Google search for "FuntKlakow" suggested that the bot may have created accounts on more than 36,000 forums. Some of the forums show messages such as "Oh, how nice" and "Wow, I didn't think of that."

"Next time the phpBB announces a critical vulnerability, the bot would have everything ready (just a post click away) from attacking thousands of sites/forums," the original post read.

U.K.-based security and Web measurement company Netcraft added in a Monday alert that the phpBB software has been hit with several security problems, including a January hack of Advanced Micro Devices' (AMD) php-driven support forums that planted malicious code on visitors' machines.

**********************************

don't know if that helps or not...
 

·
Premium Member
Joined
·
21,869 Posts
It always amazes me when anyone can do more then just turn on these new fangled typewriters.
 
1 - 7 of 7 Posts
Top