Thanks - I've also sent you some info, K-G. See also http://www.phpbbstyles.com/viewtopic.php?t=1904&postdays=0&postorder=asc&start=0 for additional info.
Minstrel, did you guys get everything straightened out? Is there a final solution to keeping phpBB forums online other than having a full time coder on staff 24/7?
Not sure yet. We're putting up blocks as we find and become aware of them. We have someone currently working on a base-level solution that may make the others redundant. We've managed to slow them way down at least and so far today we haven't lost access -- that's a huge improvement over the 24th and 25th.
What is the problem, them using the search engines to find targets and continuing the bot traffic? Will you have to switch to the vB product?
No. This isn't a problem with the versions of PHP or phpBB we have installed. It's a dumb worm that can't recognize it hasn't found a secured version.
By now it should be obvious that the ONLY software not likely to be attacked is OBSCURE software that hardly anyone knows or cares about. Guys like this don't want to annoy a dozen people. They want to annoy at least a few hundred thousand and if possible several million people with one exploit. So from now on, if anyone offers you any software that you've ever heard of, JUST SAY NO!
There are apparently at least five (5!) versions of Santy now circulating. See http://www.zone-h.org/en/news/read/id=4440/
Looks like a smart developer behind that platform ST, thanks for providing the link to members. Minstrel, is it not the hosting providers problem to stop these 5 flavors of this worm from hitting your servers? There is going to be a need for greater security within the hosting community itself, seems that most of these hosts don't have a clue as to how to stop this crap and ISP's need to invest in new technology also. Is it not time to find a host that can prevent these attacks?
You will find hosts that can stop this down the road, I was reading an article that ISP's are resisting investments in security technology. Down the road you will find hosts that can stop these attacks and they will market into this need. I would bet if IBM were hosting your site they could stop it today.
Thanks, ST. But do you mean the Band of Gonzos site? or the Tainted Shade site? Tainted Shade is my son's band, actually -- the site was designed by Daren Turner at http://webpageturner.com -- an ex-rocker himself (well still playing but no longer full time, now designing all sorts of sites for rock bands and others using quite extraordinary flash effects). http://www.taintedshade.com
Is digitalpoint having problems again? (DoS) I have been having problems with the site loading and just now received an email from the forum dated 12/16/2004 alerting me of a long ago read private message! Caryl