Is NSC at risk of being hacked?

[Robot Chicken]

Just received this email from the Peterborough United website LondonRoad.net :

The following is an email sent to you by an administrator of "posh.net". If this message is spam, contains abusive or other comments you find offensive please contact the webmaster of the board at the following address:

info@londonroad.net

Include this full email (particularly the headers).

Message sent to you follows:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Hi.

Those of you who are regular users of the messageboards will have noticed that today we have been hacked.

It wasn't the Russians or even the Poles as some wags have implied, but a Dutch youth under the name of sirh0t. Looking on google, I have found that this cheeky young scamp has caused havoc on the phpBB boards for some time and I now realise it was only a matter of time before we got hit by him.

Anyway, with special thanks to Canonmiller, we can still access the messageboards. Initially you have to use the links below and be a little wary how you navigate or you find yourself directed back to sirh0t's handiwork. Just click the back botton on your browser if this happens and hit F5 if necessary.

To access the London Road End messageboard, click on -

http://www.londonroad.net/phpBB2/viewforum.php?f=2

It might not be until next week before we resume normal service. Phil Keys, the moderators and myself will be even more grateful for your loyal support to posh.net in the meantime.

Regards


Paul Myland

No doubt MYOB will be able to show why, with diagrams, but is NSC safe from these hackers?

 

[Rangdo]

I fail to see how the demise of the Peterborough message board makes the world a worse place to live

 

[Crawley Boy]

Their message board is running on phpBB 2.0.6 so is vunerable to attack. The current version is 2.0.13 and if the Administrator is not going to keep the board up to date then he's only himself to blame.

I know, I can talk from experience. Mine got hit when I'd was using 2.0.11

I beleive the issue is related to php code within the phpBB message board so vBulletin one's, such as this, should be ok.

 

[Safeway]

NSC has already been hacked by 3,500 GOONS.

 

[Mr Fridge]

Their message board is running on phpBB 2.0.6 so is vunerable to attack. The current version is 2.0.13 and if the Administrator is not going to keep the board up to date then he's only himself to blame.

I know, I can talk from experience. Mine got hit when I'd was using 2.0.11

I beleive the issue is related to php code within the phpBB message board so vBulletin one's, such as this, should be ok.

I disagree the fault does not lie with the board admin it lies with the vermin who have nothing better to do than to interfere with other peoples property.

To do so should be a criminal offence, if the came along and spray painted your living room you'd want the bastards prosecuted, this is no dif.

 

[Crawley Boy]

Had the Admin kept the forum up to date with current releases then the board would not have been hacked.

There are security issues with the forum version currently being used so they should accept (some) responsibility (at least).

If you left your front door open and someone spray painted your living room, would you not be partly at fault for leaving your front door open.

Using an old version of phpBB is like leaving the door open.

 

[Mr Fridge]

Had the Admin kept the forum up to date with current releases then the board would not have been hacked.

There are security issues with the forum version currently being used so they should accept (some) responsibility (at least).

If you left your front door open and someone spray painted your living room, would you not be partly at fault for leaving your front door open.

Using an old version of phpBB is like leaving the door open.

No again I disagree if I leave my front door open it is not an invitation for someone to walk in and spray paint the living room.

We live behind locked doors and barred windows because those with no self control are alowed to get away with it.

I have 2 use 2 locks on my bike because I have to lock the front wheel and the back wheel and the frame cos if I don't one bit or other of it will be gone when I get back if I don't.

Too many excuses for the criminals its all their fault not anyone elses.

 

[Cian]

vBulletin is far, far more secure than phpBB, both by design and by virtue of being far less commonly used.

phpBB 2.0.6, which they were using, was about as secure as leaving the keys outside the door with a note detailing where all your cash was, and where the TV/DVD/laptop boxes and manuals were. Hundreds of automated worms would find phpBB 2.0.6 sites through Google and take them offline.

2.0.13 is out now, marked as 'critical update'. 2.0.7 through 2.0.12 were all critical also...

We're safe. Ish. VB3 would be safer but it'd take down the server even more often as its more CPU intensive.