Page 1 of 2 12 LastLast
Results 1 to 15 of 20

Thread: HBA hit hard, but bouncing back

  1. #1
    Site Developer Jman's Avatar
    Join Date
    Oct 2002
    Location
    Pacific NW, USA!
    Posts
    2,411
    Likes (Given)
    21
    Likes (Received)
    59

    HBA hit hard, but bouncing back

    Some of you may have noticed HBA was down for the last 24 hours. It was attacked by a hacker or hackers who wanted to use the HBAs server resources to attack another website to bring it down. Our server company noticed the problem and pulled HBA offline so it could not be used in this way. Fortunately our hosting company is very familiar with the forum software we use here in HBA so I have been able to hire their experts to help investigate and remedy the situation. They are now working to close whatever security loophole in the forum software allowed it to happen.

    I'm very sorry for the inconvenience.

  2. #2
    Site Developer Jman's Avatar
    Join Date
    Oct 2002
    Location
    Pacific NW, USA!
    Posts
    2,411
    Likes (Given)
    21
    Likes (Received)
    59

    Re: HBA hit hard, but bouncing back

    Oh, by the way - If anyone has been meaning to become an HBA Supporter but just hasn't gotten around to it, now would be a good time. When things like this attack pop up, the expert (not me) knowledge needed to fix these kinds of problems runs about $95 an hour. It's a scary proposition to authorize the work when there is no real way to know how long it will take to repair the damage. All of your contributions go toward the upkeep of the site and rainy days like today.

    Anyway, thanks for your patience and understanding.

    Jake

  3. #3
    Registered User fly2kads's Avatar
    Join Date
    Jan 2010
    Location
    Justin, TX
    Posts
    1,040
    Likes (Given)
    555
    Likes (Received)
    305

    Re: HBA hit hard, but bouncing back

    Quote Originally Posted by Jman View Post
    Oh, by the way - If anyone has been meaning to become an HBA Supporter but just hasn't gotten around to it, now would be a good time.
    Done! I wish I could do more. Thanks for all you do on behalf of this community!

  4. #4
    Site Developer Jman's Avatar
    Join Date
    Oct 2002
    Location
    Pacific NW, USA!
    Posts
    2,411
    Likes (Given)
    21
    Likes (Received)
    59

    Re: HBA hit hard, but bouncing back

    Thanks Fly2kads. It's very much appreciated.

  5. #5
    Banned
    Join Date
    May 2009
    Location
    Oulu/Finland
    Posts
    4,116
    Likes (Given)
    178
    Likes (Received)
    63

    Re: HBA hit hard, but bouncing back

    Well I was already wondering what took place. Happy that you are back.

  6. #6
    Registered User
    Join Date
    Nov 2011
    Location
    Holland
    Posts
    81
    Likes (Given)
    0
    Likes (Received)
    0

    Re: HBA hit hard, but bouncing back

    I already got a feeling like that, there were more sites yesterday that got attacked.

    Was database security compromised ? In this case make sure to change passwords (if you use it anywhere else in conjunction with email etc.).

    Jman, Don't worry about it too much, even the websites of govt. and intelligence services get hacked. The strange thing is, why HBA ? Seems like the last place to get hacked to me.

  7. #7
    Registered User stol's Avatar
    Join Date
    Feb 2008
    Location
    Jackson Hole Wyoming
    Posts
    509
    Likes (Given)
    21
    Likes (Received)
    149

    Re: HBA hit hard, but bouncing back

    Quote Originally Posted by Jman View Post
    Oh, by the way - If anyone has been meaning to become an HBA Supporter but just hasn't gotten around to it, now would be a good time. When things like this attack pop up, the expert (not me) knowledge needed to fix these kinds of problems runs about $95 an hour. It's a scary proposition to authorize the work when there is no real way to know how long it will take to repair the damage. All of your contributions go toward the upkeep of the site and rainy days like today.

    Anyway, thanks for your patience and understanding.

    Jake
    Jake.............. Thanks a ton for this site... you are the MAN !!! I am sending you a check to the Ky address... I don't trust paypal...

    Ben
    www.haaspowerair.com

  8. #8
    Site Developer Jman's Avatar
    Join Date
    Oct 2002
    Location
    Pacific NW, USA!
    Posts
    2,411
    Likes (Given)
    21
    Likes (Received)
    59

    Re: HBA hit hard, but bouncing back

    Jman, Don't worry about it too much, even the websites of govt. and intelligence services get hacked. The strange thing is, why HBA ? Seems like the last place to get hacked to me.
    it's pretty common for a site like ours to get hacked just so it can be defaced. The lowest class of hackers are called "script kitties". When a vulnerability is found in a piece of software like what we use to run our forum, the real hackers post instructions on how to exploit it. These script kitties go around using that knowledge to pull pranks. That wasn't the case here. HBA was used by a real hacker to try to overload the server of another website, which was his real target. Pretty frustrating and pricey to diagnose how it was done. Everything possible is being done to lock HBA down so it doesn't happen again. Unfortunately, it's a never ending tug-o-war.

    Jake.............. Thanks a ton for this site... you are the MAN !!! I am sending you a check to the Ky address... I don't trust paypal...
    Ben - that's very kind of you to say. Thanks for the support.

  9. #9
    Registered User jjbaker's Avatar
    Join Date
    Jun 2010
    Location
    Bangor, Maine
    Posts
    79
    Likes (Given)
    0
    Likes (Received)
    1

    Re: HBA hit hard, but bouncing back

    The tricks used change constantly, which makes the whole shebang expensive and extra frustrating in trying to investigate what causes it. I've found no reliable solution to dummy profiles short of verifying each one by personal email. The end user never gets to see the trouble. This was a long outage, but you're lucky with a knowledgeable host that can help in diag. Developers/ Guru's are charging well for their services. Sometimes you wonder if the guys who fix it are related to the hackers, as that's a perfect way to make money in the future. Like being a doctor and owning a funeral home...
    Jason J. Baker
    Maine (KBGR)
    http://www.seaplaneforum.com

  10. #10
    Registered User Lucrum's Avatar
    Join Date
    Jun 2008
    Location
    Canton, GA
    Posts
    769
    Likes (Given)
    187
    Likes (Received)
    124

    Re: HBA hit hard, but bouncing back

    Hackers are human garbage.

    I don't suppose you have the addresses of the hacker(s)?
    ...If you forget this, you will be subjected to a four phase aeronautical process that dates back to the early 1900ís. Stall, spin, crash and burn. Phase 4 requires some amount of fuel on board at time of impact.

  11. #11
    Moderator Dana's Avatar
    Join Date
    Apr 2007
    Posts
    7,733
    Likes (Given)
    333
    Likes (Received)
    2190

    Re: HBA hit hard, but bouncing back

    Quote Originally Posted by Jman View Post
    it's pretty common for a site like ours to get hacked just so it can be defaced. The lowest class of hackers are called "script kitties"...
    Script kiddies. As in, kids, usually high school age, little twerps who have just enough knowledge to bend somebody else's script to do something different. You see them on the programming forums, where they look for help and then get banned as soon as a moderator figures out what they're about.

    I don't know about website hackers, but there are rumors about connections between virus writers and virus removal software companies...

    -Dana

    Everything that can be counted does not necessarily count; everything that counts cannot necessarily be counted. -Albert Einstein
    Starduster SA-100 (waiting to be flown home)
    Fisher FP-404 (for sale)
    ParaFan PPG (dormant)
    Kolb Ultrastar (sold)

  12. #12
    Registered User PTAirco's Avatar
    Join Date
    Sep 2003
    Location
    Corona CA
    Posts
    3,333
    Likes (Given)
    164
    Likes (Received)
    907

    Re: HBA hit hard, but bouncing back

    Quote Originally Posted by Dana View Post

    I don't know about website hackers, but there are rumors about connections between virus writers and virus removal software companies...

    n
    Wouldn't surprise me one bit - a vast amount of anti spyware software out there exists to install spywater on your computer.
    "Aeronautical engineering is highly educated guessing, worked out to five decimal places. Fred Lindsley, Airspeed."

  13. #13
    Registered User jjbaker's Avatar
    Join Date
    Jun 2010
    Location
    Bangor, Maine
    Posts
    79
    Likes (Given)
    0
    Likes (Received)
    1

    Re: HBA hit hard, but bouncing back

    Reminds me of the doctors son, who ran his fathers practice during a two week vacation...

    "Dad, the 90 year old with the bronchitis is healed. Took me a week to figure it out. Whatcha say?"

    "Son, that Bronchitis put you through medical school, and was about to pay for my boat!"

    The site is definitely bugged down by something. Took me ~ 2 minutes to log in and be able to post.

    Still thinking it has something to do with the incredible number of visitors on it. At every time of day, never less than 300 visitors.
    Jason J. Baker
    Maine (KBGR)
    http://www.seaplaneforum.com

  14. #14
    Registered User Matt G.'s Avatar
    Join Date
    Nov 2011
    Location
    Kansas, USA
    Posts
    1,250
    Likes (Given)
    985
    Likes (Received)
    464

    Re: HBA hit hard, but bouncing back

    Speaking of odd things happening, I've noticed that clicking on my username in a post links me to someone else's profile. I'm Matt G. but it sends me to MattG's profile instead of mine. All is normal when accessing it from my user CP.

  15. #15
    Registered User jjbaker's Avatar
    Join Date
    Jun 2010
    Location
    Bangor, Maine
    Posts
    79
    Likes (Given)
    0
    Likes (Received)
    1

    Re: HBA hit hard, but bouncing back

    MattG is a dummy account... and somehow attached to Matt G.

    Should be possible to find forum's which get spammed by a MattG, using this board as a host. This means if you trace the spammer back to it's source, you'll land here, on an inactive poster. I've seen the phenomenon before, but can't remember where.

    (10 years around forums, and this is the first time I see it)...

    Edit: Jake, look for accounts activated, online once, never posted, never online again. Wonder if the server will unload after you delete all of those and pretty sure you'll get a flood of new registrations. Love to know where the IP's ping to, my guess is China and the glorious Ivory Coast. Of course, I am far from an expert on this, but that's my thumb sucking guess...
    Last edited by jjbaker; December 4th, 2011 at 10:44 PM.
    Jason J. Baker
    Maine (KBGR)
    http://www.seaplaneforum.com

Similar Threads

  1. So how hard is it to make your own engine?
    By HumanPoweredDesigner in forum General Auto Conversion Discussion
    Replies: 13
    Last Post: April 13th, 2011, 10:58 AM
  2. Hit the 1000th Active Member
    By Rom in forum Hangar Flying
    Replies: 1
    Last Post: September 15th, 2010, 10:20 AM
  3. Composites are Hard
    By addaon in forum Aircraft Design / Aerodynamics / New Technology
    Replies: 14
    Last Post: August 4th, 2009, 05:45 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •