Bay 12 Games Forum
Dwarf Fortress => DF Gameplay Questions => DF Wiki Discussion => Topic started by: Locriani on October 17, 2017, 07:03:34 pm
-
The primary database server for the wiki was hacked. The server has been completely rebuilt, and there was no evidence that the hackers exfiltrated any data.
The server is now running the latest version of Ubuntu LTS with all patches, and the latest PostgreSQL 9.6 series. (This particular server does not serve any web pages or images). We will be doing a full audit of our entire infrastructure soon (this weekend) using backups to ensure nothing else was breached, but as of this moment, it appears the only breach was on the database server itself.
Out of an abundance of caution, you should reset your dwarf fortress wiki passwords. IF YOU USE THE SAME PASSWORD ON THE WIKI AS ON ANY OTHER SITE ON THE INTERNET, YOU SHOULD GET A PASSWORD MANAGER, AND RESET YOUR PASSWORD IN ALL PLACES.
-
I assume the passwords are now hashed?
-
Passwords have always been hashed and salted.
-
Yeah, that's something MediaWiki (the wiki software) does by default (and most likely forces). From what I gather, the attackers weren't after passwords, but it's still a good idea to change your password(s) after an incident like this in any case.
-
Thanks for the heads up, changed my passwords just now.
-
Out of curiosity, what would anyone be going for on a DwarfFortress wiki of all things? Trying to steal some text the hard way, rather than copying it?
Or was this just a jerk "Imma shut you down" sort of move?
-
I've changed my password.
By the way, is the email system down? I'm getting a "Mailer returned: Unknown error in PHP's mail() function" error when I ask for a confirmation to be sent out. (Just realized I've been using a defunct undergrad address for the last two years)
-
Out of curiosity, what would anyone be going for on a DwarfFortress wiki of all things? Trying to steal some text the hard way, rather than copying it?
Or was this just a jerk "Imma shut you down" sort of move?
Neither:
Based on the profile of the hack, I doubt the wiki was an intended target. They just wanted more servers to run their botnet scripts on.
-
Yes, the email system is down and I need to fix it.
-
Out of curiosity, what would anyone be going for on a DwarfFortress wiki of all things? Trying to steal some text the hard way, rather than copying it?
Or was this just a jerk "Imma shut you down" sort of move?
Neither:
Based on the profile of the hack, I doubt the wiki was an intended target. They just wanted more servers to run their botnet scripts on.
This makes me hate them even more though. Its like one thing when someone mows down a line of people because they hate them or something, but if someone fires a weapon in a crowded place just to test if it fires, not trying to either hit or avoid hitting anyone that hypothetically would disturb me far more, just the sort of antipathy that could be mistaken for malice and still cause destruction and devastation makes my stomach summersault.
-
The wiki is down again, and has been for the past few days.
I hope the hacker ends up trapped in a shanty town without the internet for the rest of their life. (joking, I am not one to make threats or death wishes online.)
-
The wiki is down again, and has been for the past few days.
I hope the hacker ends up trapped in a shanty town without the internet for the rest of their life. (joking, I am not one to make threats or death wishes online.)
There is no indication, as far as I can tell, that this incident is related. The symptoms described in http://www.bay12forums.com/smf/index.php?topic=167826.0 (from last time) are different.
-
The wiki is down again, and has been for the past few days.
I hope the hacker ends up trapped in a shanty town without the internet for the rest of their life. (joking, I am not one to make threats or death wishes online.)
Speak for yourself. I'm planning my first-ever tavern, and before I started digging I wanted to read up on renting rooms & giving the tavern its' own food/booze supply. Looks like my meat shields visiting party goers will have to wait.
-
I would just like to remind everyone of how great google is sometimes:
FOR ARCHIVED WIKI:
google the topic you wish to learn about on the wiki
copy the link when you find the right page
enter the link in the google web cache ( http://cachedview.com/ )
(It's even up to date :D)
-
I would just like to remind everyone of how great google is sometimes:
FOR ARCHIVED WIKI:
google the topic you wish to learn about on the wiki
copy the link when you find the right page
enter the link in the google web cache ( http://cachedview.com/ )
(It's even up to date :D)
Thank you soooo much.
-
Thanks for working to bring it up. I dont need the wiki that often anymore, but when I do its literally impossible to google up information on what I want.
Obvious thanks to everyone working on it collectively as well.
-
I wouldn't broadcast what your system is running out for all the hackers to hear. After all, the less ANYONE knows about what the system is running (especially since updates often will break compatibility, thus making people less likely to keep updating.)
But then again, couldn't they have cleaned the logs and made it look like they were only after setting up a botnet, and lead people into false security of keeping their passwords.
I always find it funny how much we glorify hackers these days... until it affects us personally.
I'm bored and ended up on the wiki for some reason, seemed like a good reason to randomly say random crap
-
I would just like to remind everyone of how great google is sometimes:
FOR ARCHIVED WIKI:
google the topic you wish to learn about on the wiki
copy the link when you find the right page
enter the link in the google web cache ( http://cachedview.com/ )
(It's even up to date :D)
Thank you soooo much.
there is always https://web.archive.org