منتدى استراحات زايد

منتدى استراحات زايد (http://vb.ma7room.com/index.php)
-   منتدى أخبار المواقع والمنتديات العربية والأجنبية (http://vb.ma7room.com/forumdisplay.php?f=183)
-   -   Spammer/Hacker Problems (http://vb.ma7room.com/showthread.php?t=212199)

محروم.كوم 08-20-2009 09:29 AM
Spammer/Hacker Problems
 
I'm running vBulletin 3.8.1 as a support forum on a new site and on a dedicated server. The forum, although open, has not yet become active.

A number of weeks ago, we received a call in the late hours that our server had been hacked and that it now had a PayPal phishing site on it. A number of steps were taken to remove it, change all our passwords and add some additional security to the server's setup. We found out a couple of days later that a fired employee of a programmer we had used had either setup the phishing site or had sold our password to some hackers.

There is no evidence of anyone gaining access to our server since making these changes.

What we are experiencing, however, are constant and regular registrations from an individual or group of individuals who would appear to be spammers. Our forum is setup to moderate registrations which requires the registrant to fill in half a dozen fields to be able to submit it. Our response to these totally obvious registrations has been to delete or reject them without notification and to add the IP to the list in Banning Options. This has only served to increase the number of bad registrations we are receiving. We had expected that at some point they would move on to greener pastures. We've even tried closing the forum for a few days and as quickly as I reopen the forum, the bad registrations start coming in again.

My first question, considering the hacking that occurred, is whether or not the act of registering could put these miscreants in a position to cause some other harm or to gain any access to our server? The persistence of their efforts causes me to suspect it is more than just an effort to make a post extolling the virtues of Viagra. Are there any known files that may have been left behind during the hack that may be providing some access or exploit that I should be searching for?

My second question is what other measures should I consider to dissuade them from registering again? Tachy Goes to Coventry comes to mind but then I would have elevated them to an accepted registration status which doesn't seem a good idea to me.

Thanks for any feedback or help you may have to offer.


الساعة الآن 05:57 AM

Powered by vBulletin® Copyright ©2000 - 2025, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO 3.5.2 TranZ By Almuhajir


1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227