Printable Version of Topic

Click here to view this topic in its original format

914World.com _ 914World Garage _ admin help request

Posted by: r_towle Dec 14 2004, 07:54 PM

we have a forum run by kids running php.
We have been having a problem with several email scammers loading up the email server and these guys have no time to monitor it every day...

What are the simple solutions, we have already turned off email, simple enough.

Thanx in advance
Rich
site is www.first.comclub.org

Posted by: McMark Dec 14 2004, 07:56 PM

I'm not sure I understand the problem? Are people getting email spam or are people posting spam in the forum?

Posted by: Brando Dec 14 2004, 07:58 PM

more details.

is this a website your company hosts? If you are hosting a client and they have fraudulent or illegal activity, you can shut them down. disable mod_php and tell them to get rid of any form-mailers or vulnerable PHP scripts.

This includes upgrading their forum software.

Posted by: r_towle Dec 14 2004, 08:50 PM

apparently the kids got an emailfrom someone stating that they were receiving bulk email from this forum.

the email did not originate from that forum, it was just used as a hop, or a forwarding remailer.

Please take a look at the site.

Rich

Posted by: McMark Dec 14 2004, 09:00 PM

Who's got control of the server? Do they know what they're doing? If there's a mail server running, does there need to be? What OS is the server running? What web server?

There's no easy answer.

Posted by: Brando Dec 14 2004, 09:13 PM

ERRARZ!!@!@12OneonEOn!@!1
"www.first.comclub.org could not be reached..."

ping says:
Ping request could not find host www.first.comclub.org....

Posted by: McMark Dec 14 2004, 09:17 PM

take off the www

Posted by: Brando Dec 14 2004, 09:26 PM

also denied.

Posted by: McMark Dec 14 2004, 09:28 PM

[Sisal:~] markd% ping first.comclub.org
PING first.comclub.org (67.18.133.226): 56 data bytes
64 bytes from 67.18.133.226: icmp_seq=0 ttl=52 time=75.835 ms
64 bytes from 67.18.133.226: icmp_seq=1 ttl=52 time=75.426 ms
64 bytes from 67.18.133.226: icmp_seq=2 ttl=52 time=73.153 ms
64 bytes from 67.18.133.226: icmp_seq=3 ttl=52 time=75.367 ms

Posted by: Brando Dec 14 2004, 09:37 PM

figures. it's a website for a bunch of COUNTER-STRIKE players.

EDIT: Nevermind. Not a CS clan. they're using PHP Nuke. I believe forums are integrated into that CMS and they should disable the forum on it until they upgrade to the latest version.

I'm not familiar with PHP nuke, but I have heard it's one of the most flexible PHP CMS's available and there are a ton of plugins to add features, as well as hacks to exploit it's holes.

Powered by Invision Power Board (http://www.invisionboard.com)
© Invision Power Services (http://www.invisionpower.com)