[Beds] Forum outage

[Neil Darlow]

Hi,

Some of you have already noticed that attempts to access the Beds LUG forums 
are met with an error. This has transpired following a recent compromise of 
the lug.org.uk server.

A restore of files from a backup, supposedly, preceeding the compromise has 
failed to recover all files and I am trying to convince the administrators 
that the compromise may have occurred earlier than they thought. This could 
entail further searches through earlier backups for the missing files.

In the meantime, we will have to do without forums and if the situation can't 
be resolved soon, I will be looking for volunteers to construct a new web 
site and forums system.

For your interest, the system was compromised through a combination of a 
vulnerable phpBB version and a world-writable PHP application configuration 
file. I won't comment further on how the former should have permitted shell 
access nor why the latter was present.

Regards,
Neil Darlow
-- 
Anti-virus scanned by ClamAV-0.80 - http://www.clamav.net