[plug] Website re-open

skribe skribe at amber.com.au
Sun Oct 7 16:39:34 WST 2001


The website is now back online.  A few features are missing (eventcal and 
user themes) but will be restored shortly.

The story:

At around 7am on October 4th crackers accessed spark through a hole in 
PHPNuke.  They then preceded to deface the site and run a series of attacks 
against spark (perhaps Matt will provide more details).

I had been aware of the bug for several days, but due to sickness had been 
unable to fix the hole - which essentially required a major upgrade.  In 
fact, I had scheduled time to do it today.  Unfortunately, the bastards beat 
me.  Essentially, it is my fault (me and the bugger that gave me the flu) and 
I accept full responsibility.  I offer my sincerest apologies.

As a result I've moved the site to Postnuke, which has a better record and 
for security and a much better development model.

Due to the intrusion, I recommend that all users change their passwords. 
Avatars will also have to be changed due to the move to postnuke.

skribe
-- 
Public key information available at:
http://www.amber.com.au/~skribe/publickey.html
Key fingerprint = A855 9CA3 953B 5195 C518  12F2 0E05 DCCD 5A88 E8A4 

Houston, Tranquillity Base here.  The Eagle has landed.
		-- Neil Armstrong



More information about the plug mailing list