Hosting and board issues/problems/upgrades |
|
Hosting and board issues/problems/upgrades |
Nov 26 2019, 02:09 PM
Post
#1
|
|
FRRAX Owner/Admin Group: Admin Posts: 15,428 Joined: 13-February 04 From: Ohio Member No.: 196 |
Are there any computer programmers or message board guys in the house? I’m getting notifications from the hosting provider saying they are seeing potentially malicious script files on the server. They appear to be standard board files. I don’t know if they have moved away from the design of this board, or if there are other issues. However, they are threatening to shut the board down for “safety”.
I checked with IPS about getting the latest update done (it used to cost like $25 and they would do the update). They advised me that I’d have to upgrade to a version in the 3.x.x range and then upgrade to the new “community” version. The license is $200 and the labor is $625. I don’t believe I’m good enough to do this upgrade without possibly losing the database. I also don’t want the board shut down. So, I’m looking for options. One other option would be to change to different software. I discussed that ten years ago but I don’t know if there’s anything out there that will migrate from this old version of the software and it has to be stable and worth using. So, I’m open to ideas (or possibly donations). Any thoughts? |
|
|
Nov 26 2019, 06:28 PM
Post
#2
|
|
Veteran Member Group: Advanced Members Posts: 3,840 Joined: 3-July 04 From: Pearland, Texas Member No.: 385 |
Can they provide examples of their 'malicious' files? Are they going by contents, or just file names? We see that a lot in output from customer pen testing by 3rd parties. They'll say file-name-version-3 has some vulnerability, whereas they found version 3, where their pen testing software was looking for version 4 and the vendor says version 2 onward does not have that vulnerability. Specifics help.
I can't offer much else, but if you need donations to update to a more-robust version, count me IN! |
|
|
Nov 26 2019, 07:34 PM
Post
#3
|
|
FRRAX Owner/Admin Group: Admin Posts: 15,428 Joined: 13-February 04 From: Ohio Member No.: 196 |
They sent me a list of files. They look like board files to me. Just .php script files. I’m thinking the new versions must work differently and now those look like a problem. I replied to my ticket with incision (IPS) to get their input.
|
|
|
Nov 27 2019, 02:17 AM
Post
#4
|
|
Advanced Member Group: Advanced Members Posts: 664 Joined: 30-January 15 From: Columbus, OH Member No.: 223,855 |
Oh that's like when the credit card companies make us scan our computers at work to make sure we aren't keeping people's credit card numbers on file unencrypted. There will be URLs stored on them with 16+ digits in them and they'll be like "See, you're storing credit card info!" No.
Also, I was like "Huh, IPS is back in business?" without realizing it was the wrong IPS. This post has been edited by GCrites80s: Nov 27 2019, 02:18 AM |
|
|
Nov 27 2019, 03:22 AM
Post
#5
|
|
FRRAX Owner/Admin Group: Admin Posts: 15,428 Joined: 13-February 04 From: Ohio Member No.: 196 |
Yea. I'm a little torn. I've planned to keep this running for years. I'm not sure how to deal with the upgrade and I'm not totally in love with the $825 upgrade cost. I keep thinking there has to be another option. I'm just not sure what.
|
|
|
Dec 1 2019, 02:36 PM
Post
#6
|
|
FRRAX Owner/Admin Group: Admin Posts: 15,428 Joined: 13-February 04 From: Ohio Member No.: 196 |
I'm working on cleaning up the files from the server today. This may be an all day job, there's a lot of stuff that was flagged. if we go offline, I'll do my best to get it back up ASAP.
Thanks! |
|
|
Dec 1 2019, 03:18 PM
Post
#7
|
|
FRRAX Owner/Admin Group: Admin Posts: 15,428 Joined: 13-February 04 From: Ohio Member No.: 196 |
Also, if you find anything not working, send me an email at trackbird (at) gmail dot com.
Some of these files are buried in the old monthly post archives and I don't want to find out we lost all the posts from july of 2007 or something. |
|
|
Dec 1 2019, 06:24 PM
Post
#8
|
|
FRRAX Owner/Admin Group: Admin Posts: 15,428 Joined: 13-February 04 From: Ohio Member No.: 196 |
I think I'm done for now. It looks like the compromised files were from October of 2010. So, they've been here a while. But I think I have it all cleaned up for now. Let me know if you have any board issues.
|
|
|
Dec 1 2019, 10:58 PM
Post
#9
|
|
Member Group: Advanced Members Posts: 154 Joined: 19-January 15 From: The Woodlands Member No.: 223,854 |
Great work! Thank you
|
|
|
Dec 2 2019, 01:24 AM
Post
#10
|
|
Advanced Member Group: Advanced Members Posts: 664 Joined: 30-January 15 From: Columbus, OH Member No.: 223,855 |
Awesome! Thank you!
|
|
|
Dec 2 2019, 01:59 PM
Post
#11
|
|
Veteran Member Group: Advanced Members Posts: 3,840 Joined: 3-July 04 From: Pearland, Texas Member No.: 385 |
2010, wow!
Thank you for the housekeeping so the list stays on line!! |
|
|
Dec 3 2019, 09:24 PM
Post
#12
|
|
newbie Group: Members Posts: 24 Joined: 27-February 17 From: Evansville, IN Member No.: 223,944 |
Thanks!!!
|
|
|
Dec 4 2019, 12:30 AM
Post
#13
|
|
FRRAX Owner/Admin Group: Admin Posts: 15,428 Joined: 13-February 04 From: Ohio Member No.: 196 |
2010, wow! Thank you for the housekeeping so the list stays on line!! Yea. I didn't know that anything was added and it took this long for a scan to turn it up. Once we go a week or so and see that things are working and all the old thread history is there, I'll go delete all the files I renamed (I changed the extension to keep them from running). I don't really want to see this place shut down now, we've made it this far. (IMG:http://www.frrax.com/rrforum/style_emoticons/default/wink.gif) |
|
|
Dec 16 2019, 05:00 PM
Post
#14
|
|
Experienced Member Group: Advanced Members Posts: 1,038 Joined: 29-December 03 From: Texas, USA Member No.: 62 |
Thanks Kevin!!!
Costas cars and such... |
|
|
Lo-Fi Version | Time is now: 20th November 2024 - 04:23 AM |