[Forum] Security Compromised

[ThePhoenixBird]

Today our forum was attacked by a turkish team of hackers and they vandalized our forum index page, recently we have been fighting against DDoS attacks to both our webserver and svn box, eventually they managed to do more damage like this, so much hate, but anyways lets man it up and keep going, we are going to take new measures to prevent more damage hardening our security (again), we suspect a vuln in php 5.3 so we gotta upgrade to 5.4 and everything else...

We apologize for any inconvenient caused to our users due this incident, even though we're not sure if any sensitive data was compromised during this attack, we are enforcing a password reset for everyone.

An attacker with enought time, skills and horsepower can crack password hashes with rainbow tables, passwords with less than 6 characters can be cracked in just a couple of minutes, we suggest to all our users to use a secure password with more than 8 characters and use UPPERCASE, lowercase, Numb3rs and $pecial Characters to increase your password security.

In order to ensure everyone safety we have issued a FORCED PASSWORD UPDATE for everyone, so once you login to the forums you will be asked to change your password, if you dont, you cant keep browing the forum with your account.

Again we ask for apologizes for any trouble caused.

[DreamStage]

You did your best and im glad you guys are back.

Code: Select all

 import com.l2jserver.gameserver.Mitimport com.l2jserver.gameserver.model.actor.instance.L2PcInstance private int agent = 007private int hackerId = 1337private L2PcInstance player; removeHacker(hackerId); private void removeHacker (int hackerId){    L2PcInstance playerAgent = player.getPlayerId(agent);    If (hackerId != null)    {         playerAgent.activeChar.shoot(hackerId);         MIT.jail(hackerId);         playerAgent.sendMessage("Leave our base Hacker! Visiting hours are over! HF at jail...");    }}

[Aikimaniac]

Now i personally have one more reason to say NO for Turkey in EU

[Konstantinos]

i have to many reason to say no for them (greek guy)

[Gladicek]

It look as that trolls wanted to show us, that they know how to use sql inject...xDDD

[jurchiks]

I don't like the fact that you're REQUIRING lower+upper+digits in the password. Requesting changing it is OK, but don't require specific characters, only suggest them. This is the single most annoying thing in all registration forms that require a password.

[muneeb302]

oday our forum was attacked by a turkish team of hackers and they vandalized our forum index page, recently we have been fighting against DDoS attacks to both our webserver and svn box, eventually they managed to do more damage like this, so much hate, but anyways lets man it up and keep going, we are going to take new measures to prevent more damage hard