Bay 12 Games Forum

Please login or register.

Login with username, password and session length
Advanced search  
Pages: [1] 2

Author Topic: Wiki Downtime Postmortem  (Read 32527 times)

Locriani

  • Bay Watcher
  • Locriani == Briess
    • View Profile
    • dwarf fortress wiki
Wiki Downtime Postmortem
« on: October 17, 2017, 07:03:34 pm »

The primary database server for the wiki was hacked. The server has been completely rebuilt, and there was no evidence that the hackers exfiltrated any data.

The server is now running the latest version of Ubuntu LTS with all patches, and the latest PostgreSQL 9.6 series. (This particular server does not serve any web pages or images). We will be doing a full audit of our entire infrastructure soon (this weekend) using backups to ensure nothing else was breached, but as of this moment, it appears the only breach was on the database server itself.

Out of an abundance of caution, you should reset your dwarf fortress wiki passwords. IF YOU USE THE SAME PASSWORD ON THE WIKI AS ON ANY OTHER SITE ON THE INTERNET, YOU SHOULD GET A PASSWORD MANAGER, AND RESET YOUR PASSWORD IN ALL PLACES.
« Last Edit: March 26, 2018, 11:58:51 am by Locriani »
Logged
I am one of many administrators of the wiki.  Please use my user page (http://dwarffortresswiki.org/index.php/User_talk:Briess) on the wiki to contact me, as I check that more often than these forums.

Fleeting Frames

  • Bay Watcher
  • Spooky cart at distance
    • View Profile
Re: Wiki Downtime Postmortem
« Reply #1 on: October 17, 2017, 08:12:39 pm »

I assume the passwords are now hashed?

Locriani

  • Bay Watcher
  • Locriani == Briess
    • View Profile
    • dwarf fortress wiki
Re: Wiki Downtime Postmortem
« Reply #2 on: October 17, 2017, 08:20:22 pm »

Passwords have always been hashed and salted.
Logged
I am one of many administrators of the wiki.  Please use my user page (http://dwarffortresswiki.org/index.php/User_talk:Briess) on the wiki to contact me, as I check that more often than these forums.

lethosor

  • Bay Watcher
    • View Profile
Re: Wiki Downtime Postmortem
« Reply #3 on: October 18, 2017, 12:48:46 am »

Yeah, that's something MediaWiki (the wiki software) does by default (and most likely forces). From what I gather, the attackers weren't after passwords, but it's still a good idea to change your password(s) after an incident like this in any case.
Logged
DFHack - Dwarf Manipulator (Lua) - DF Wiki talk

There was a typo in the siegers' campfire code. When the fires went out, so did the game.

Doorkeeper

  • Bay Watcher
    • View Profile
Re: Wiki Downtime Postmortem
« Reply #4 on: October 18, 2017, 02:27:51 am »

Thanks for the heads up, changed my passwords just now.
Logged

StarWars1981

  • Bay Watcher
    • View Profile
Re: Wiki Downtime Postmortem
« Reply #5 on: October 19, 2017, 06:21:56 pm »

Out of curiosity, what would anyone be going for on a DwarfFortress wiki of all things? Trying to steal some text the hard way, rather than copying it?

Or was this just a jerk "Imma shut you down" sort of move?
Logged

Brightgalrs

  • Bay Watcher
    • View Profile
Re: Wiki Downtime Postmortem
« Reply #6 on: October 19, 2017, 11:45:24 pm »

I've changed my password.
By the way, is the email system down? I'm getting a "Mailer returned: Unknown error in PHP's mail() function" error when I ask for a confirmation to be sent out. (Just realized I've been using a defunct undergrad address for the last two years)
Logged

lethosor

  • Bay Watcher
    • View Profile
Re: Wiki Downtime Postmortem
« Reply #7 on: October 21, 2017, 04:17:52 pm »

Out of curiosity, what would anyone be going for on a DwarfFortress wiki of all things? Trying to steal some text the hard way, rather than copying it?

Or was this just a jerk "Imma shut you down" sort of move?
Neither:
Based on the profile of the hack, I doubt the wiki was an intended target. They just wanted more servers to run their botnet scripts on.
Logged
DFHack - Dwarf Manipulator (Lua) - DF Wiki talk

There was a typo in the siegers' campfire code. When the fires went out, so did the game.

Locriani

  • Bay Watcher
  • Locriani == Briess
    • View Profile
    • dwarf fortress wiki
Re: Wiki Downtime Postmortem
« Reply #8 on: October 27, 2017, 12:47:45 am »

Yes, the email system is down and I need to fix it.
Logged
I am one of many administrators of the wiki.  Please use my user page (http://dwarffortresswiki.org/index.php/User_talk:Briess) on the wiki to contact me, as I check that more often than these forums.

Paxiecrunchle

  • Bay Watcher
  • I'm just here, because actually I don't know*shrug
    • View Profile
Re: Wiki Downtime Postmortem
« Reply #9 on: October 27, 2017, 01:26:05 am »

Out of curiosity, what would anyone be going for on a DwarfFortress wiki of all things? Trying to steal some text the hard way, rather than copying it?

Or was this just a jerk "Imma shut you down" sort of move?
Neither:
Based on the profile of the hack, I doubt the wiki was an intended target. They just wanted more servers to run their botnet scripts on.

This makes me hate them even more though. Its like one thing when someone mows down a line of people because they hate them or something, but if someone fires a weapon in a crowded place just to test if it fires, not trying to either hit or avoid hitting anyone that hypothetically would disturb me far more, just the sort of antipathy that could be mistaken for malice and still cause destruction and devastation makes my stomach summersault.

Zavvnao

  • Bay Watcher
    • View Profile
Re: Wiki Downtime Postmortem
« Reply #10 on: November 19, 2017, 02:23:16 pm »

The wiki is down again, and has been for the past few days.

I hope the hacker ends up trapped in a shanty town without the internet for the rest of their life. (joking, I am not one to make threats or death wishes online.)
Logged

lethosor

  • Bay Watcher
    • View Profile
Re: Wiki Downtime Postmortem
« Reply #11 on: November 19, 2017, 02:25:25 pm »

The wiki is down again, and has been for the past few days.

I hope the hacker ends up trapped in a shanty town without the internet for the rest of their life. (joking, I am not one to make threats or death wishes online.)
There is no indication, as far as I can tell, that this incident is related. The symptoms described in http://www.bay12forums.com/smf/index.php?topic=167826.0 (from last time) are different.
Logged
DFHack - Dwarf Manipulator (Lua) - DF Wiki talk

There was a typo in the siegers' campfire code. When the fires went out, so did the game.

Immortal-D

  • Bay Watcher
  • [Not_A_Tree]
    • View Profile
Re: Wiki Downtime Postmortem
« Reply #12 on: November 19, 2017, 06:08:22 pm »

The wiki is down again, and has been for the past few days.

I hope the hacker ends up trapped in a shanty town without the internet for the rest of their life. (joking, I am not one to make threats or death wishes online.)
Speak for yourself.  I'm planning my first-ever tavern, and before I started digging I wanted to read up on renting rooms & giving the tavern its' own food/booze supply.  Looks like my meat shields visiting party goers will have to wait.

Vindcara

  • Bay Watcher
    • View Profile
Re: Wiki Downtime Postmortem
« Reply #13 on: November 19, 2017, 06:54:15 pm »

I would just like to remind everyone of how great google is sometimes:

FOR ARCHIVED WIKI:
google the topic you wish to learn about on the wiki
copy the link when you find the right page
enter the link in the google web cache ( http://cachedview.com/ )

(It's even up to date  :D)
Logged

Paxiecrunchle

  • Bay Watcher
  • I'm just here, because actually I don't know*shrug
    • View Profile
Re: Wiki Downtime Postmortem
« Reply #14 on: November 19, 2017, 08:42:57 pm »

I would just like to remind everyone of how great google is sometimes:

FOR ARCHIVED WIKI:
google the topic you wish to learn about on the wiki
copy the link when you find the right page
enter the link in the google web cache ( http://cachedview.com/ )

(It's even up to date  :D)

Thank you soooo much.
Pages: [1] 2