Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie

Boards.ie Attack - What Happened? Please post all questions here.

2456721

Comments

  • Registered Users Posts: 51,342 ✭✭✭✭That_Guy


    Well done lads for keeping everybody informed. Fair play.


  • Moderators, Entertainment Moderators Posts: 17,978 Mod ✭✭✭✭ixoy


    I atually got the Metro Herald today 'coz I saw the boards story on the front cover - welcome back!

    Question though: Are you worried this will affect the site's perceived worth? Or that it might make advertisers wary?


  • Registered Users Posts: 26,061 ✭✭✭✭Terry


    Wait. I know what happened.
    This was all planned in the name of free publicity.

    Ooh, you're a crafty one, Darragh.


  • Closed Accounts Posts: 10,910 ✭✭✭✭RoundyMooney


    Fair play for the transparency, guys. Pats on the back all round for the hard work I'm sure was involved.


  • Registered Users Posts: 46 thejetset


    Thank you and a job well done here! Just one comment, The Last Word is on TodayFM and not Newstalk ;)! But besides that, openness was brilliant a sincere thanks!


  • Advertisement
  • Moderators, Regional East Moderators Posts: 23,195 Mod ✭✭✭✭GLaDOS


    Thanks to all the staff and good work with getting the passwords sorted so easily

    Cake, and grief counseling, will be available at the conclusion of the test



  • Posts: 5,589 ✭✭✭ Bradley Steep Motorcycle


    godtabh wrote: »
    So whats been done to prevent this from happening again>?

    I'm not worried of it happening again but others might and I think whats happened over the last 36 hours or so may have done alot of damage to boards rep.

    I've been getting emails as far a field as Iceland about this.

    Maybe an announcement on that would be helpful?

    Root password is now

    passwerd2 instead of password1. It will take another ten years of attempts for people to get at this...


  • Registered Users Posts: 11,340 ✭✭✭✭rossie1977


    Terry wrote: »
    Heh. I thought the same after seeing the 6.1 news. It was read as if they were begrudging the site and were happy that it was down. :)

    sharon was probably unhappy after reading some of the comments about her by some board members


  • Closed Accounts Posts: 3,305 ✭✭✭yoshytoshy


    When I seen it on BBC's website ,I thought it's great how far the site has come so far.

    Fair play to all !


  • Registered Users Posts: 17,727 ✭✭✭✭Sherifu


    Welcome back to the web. :)


  • Advertisement
  • Registered Users Posts: 3,135 ✭✭✭fifth


    Just another few days and Ireland would have worked it's way out of the recession!

    Haha, fair play lads. We're all behind you, you handled it well! Good to be back.


  • Closed Accounts Posts: 88,978 ✭✭✭✭mike65


    yoshytoshy wrote: »
    When I seen it on BBC's website ,I thought it's great how far the site has come so far.

    Fair play to all !

    Really, got a linky poo?


  • Registered Users Posts: 1,546 ✭✭✭thebiglad


    Its like an old friend coming home - seems like so much longer than 36 hours.

    Thanks for all your efforts to get back and safe so quick and for keeping us informed.


  • Registered Users Posts: 10,992 ✭✭✭✭partyatmygaff


    Well I know I shouldn't have re-regged but i'm too impatient! :p

    As you can guess, I'm partyatmygaff and to prove it I can get Terry to vouch for me (Well he better vouch for me anyways :D), I sold him an old computer back in june so maybe I could PM him some details that only I would know like the area we met up and some other details only I would know.

    Would that be alright to verify I am the real partyatmygaff? I can't even remember what email address I used for my account :eek:


  • Registered Users Posts: 21,264 ✭✭✭✭Hobbes


    Root password is now

    passwerd2 instead of password1.

    Thought it would be hunter2.

    Nice breakdown Dev and well thought out. Very CSI. :)

    Glad your all back.


  • Moderators, Technology & Internet Moderators, Regional South East Moderators Posts: 28,441 Mod ✭✭✭✭Cabaal


    Well done lads, you handled it as best as you could.

    Not ideal but this type of ****e happens....hell even to Microsoft :p


  • Closed Accounts Posts: 3,305 ✭✭✭yoshytoshy




  • Registered Users Posts: 18,503 ✭✭✭✭Also Starring LeVar Burton


    Well done to all the staff who got the site back up on running... It's obvious by the sheer amount of people who are back posting within a half hour of the site being back up, how many people were dying for a boards fix...


  • Registered Users Posts: 40,055 ✭✭✭✭Sparks


    funkyflea wrote: »
    Just another few days and Ireland would have worked it's way out of the recession!
    Damn, I hadn't heard the "Brian Cowen made them take boards.ie down" theory yet :D


  • Registered Users Posts: 661 ✭✭✭fend


    Well done! All those fire drills paid off I bet :P
    Good to see you guys back in action!


  • Advertisement
  • Registered Users Posts: 26,061 ✭✭✭✭Terry


    Well I know I shouldn't have re-regged but i'm too impatient! :p

    As you can guess, I'm partyatmygaff and to prove it I can get Terry to vouch for me (Well he better vouch for me anyways :D), I sold him an old computer back in june so maybe I could PM him some details that only I would know like the area we met up and some other details only I would know.

    Would that be alright to verify I am the real partyatmygaff? I can't even remember what email address I used for my account :eek:
    I'm not verifying anything. That computer sucked.

    Seriously though, if that will work for the Admins, then I'll vouch for you. I'm fairly sure I still have the PMs exchanged between us on that sale, so they should be able to get info from the IP addresses.


  • Subscribers Posts: 16,550 ✭✭✭✭copacetic


    DeVore wrote: »
    • 11:22 – Administrative account compromised

    • 11:22 -> 11:34 – Administrative account used to insert malicious code into our software

    • 11:34 – User table dumped to public directory and downloaded

    • 11:36 – Unauthorized access spotted by technical team

    • 11:37 – Unauthorized files quarantined

    • 11:38 -> 11:50 – Investigating nature of access

    • 11:50 – Web servers shut down, shifted to maintenance mode to prevent further access

    • 12 noon – Team met to discuss our responses; as part of that we contacted IT Security specialist Brian Honan and communications specialist Damien Mulley. We took the following actions as our process specified and taking expert advice on board also.

    • Extended investigation of breach, it's cause, and planning of solution.

    • Initiated communications with the Garda Computer Crime Unit

    • Contacted the Data Protection Commissioner to make them aware of events.

    • Composed a Press Release and released it to relevant media.

    • Contacted the Press Office of RTE.ie to organise/facilitate 6.1 News report to broaden the reach of our notice.

    • Composed email to members and message for homepage to ensure facts were communicated clearly and openly

    • 16:00 Published homepage message and started sending approximately 300,000 emails.

    • Communicated with members via twitter and emailed queries

    • Responded to media queries including RTE news, The Last Word on Newstalk, KCLR FM, Techcentral.ie, Sunday Business Post, Irish Daily Mail, Metro Herald.

    • Communicated to member queries via Twitter and Email throughout the evening and all of today.

    Firstly, well done to all for getting boards back up and running. I understand that passwords being compromised is unlikely, and the request to change is a safety measure.

    However, was there consideration to warning people to change them a bit earlier in the day yesterday? If at 11.34 the files were compromised should we have put a short message that there was a security breach and people should change their passwords up? Rather than wait until 4pm to do it?

    I realise that a lot of sites might not even have done that, but if you assume there was a chance peoples passwords and email addresses were compromised then 4.5 hours is a fair bit of time.

    Although presumably compromising md5 and salted passwords even if possible would take a while, is this why we waited?

    i.e we didn't believe they could possibly be broken and even if they could, not in that timeframe?


    (Also, my stepping down as mod a couple of hours before it all went funny is purely a coincidence; honest, guv! )


  • Registered Users Posts: 2,029 ✭✭✭Extrasupervery


    Well done guys, you handled the whole thing amazingly. Props! Keeping us all up to date and everything....and responding to emails and Tweets. You're all heroes. Really.

    Have a FAB weekend :D


  • Closed Accounts Posts: 14,144 ✭✭✭✭Cicero


    Well done everyone......I had great craic on twitter also.....:)


    129086569212745066.jpg


  • Closed Accounts Posts: 27,944 ✭✭✭✭ Gatlin Bewildered Bat


    I followed the boards Twitter account for a good while yesterday and today and I really have to commend Darragh and Dav's upbeat attitude throughout. Bravo etc.


  • Closed Accounts Posts: 36,634 ✭✭✭✭Ruu_Old


    Good job on getting everything up and running again, chums. I really appreciate the communication to the boards.ie populace. Again, sterling work. It all happened very fast.


  • Registered Users Posts: 10,992 ✭✭✭✭partyatmygaff


    Terry wrote: »
    I'm not verifying anything. That computer sucked.
    A scam is a scam A deal is a deal :P

    Seriously though, if that will work for the Admins, then I'll vouch for you. I'm fairly sure I still have the PMs exchanged between us on that sale, so they should be able to get info from the IP addresses.
    Thanks man, I sent you a pm with a few more details.


  • Closed Accounts Posts: 74 ✭✭Algernon


    I can't access my other (main, 5,000+ posts) username as I signed up using an email address for which I can't remember the password.


  • Registered Users Posts: 404 ✭✭seanwhite20


    great to have boards back :) thanks for all your hard work and for the updates on the situation


  • Advertisement
  • Closed Accounts Posts: 7,645 ✭✭✭Daemos


    Hi DeV, what do you think the ETA for adverts.ie will be, roughly?


Advertisement