Jump to content

geocacheuk.com


itchy-feet

Recommended Posts

Well, I didn't expect it to stay up for long, but less than 24hrs - that must be a record :laughing:

 

Hopefully, this time they won't have had time to attack any other servers, so I might even keep control of my server for long enough to look at the log files to see how they're getting in, before 1and1 kick me off the server (again) and send more threatening legal messages (again).

Link to comment
Well, I didn't expect it to stay up for long, but less than 24hrs - that must be a record :laughing:

 

Hopefully, this time they won't have had time to attack any other servers, so I might even keep control of my server for long enough to look at the log files to see how they're getting in, before 1and1 kick me off the server (again) and send more threatening legal messages (again).

I hope you manage to find the backdoor that they are using to get into the server every time. Hopefully the logs will give you an idea as to where they are getting in to the system from and how.

Ian

Edited by studlyone
Link to comment

Aha, the threatening legal letter from 1and1 has just arrived (what took them so long?!) :) But this time I've managed to take a backup of the site, including the server logs, so I may be able to work out how the hackers got in. By the looks of things, they're well and truly in (I believe the phrase is that I'm "0wn3d d00d"), as I've found new copies of apache, process hiders (suggesting they've got root privileges - eeep!), various back doors and filesharing sites. Wow, these guys move fast! First signs are that it's the Wiki which might have been the initial hole through which they got in, but if they have root, I don't know how much I can trust the logs! Still, hopefully they'll tell me something...

Link to comment

Aha, the threatening legal letter from 1and1 has just arrived (what took them so long?!) :D But this time I've managed to take a backup of the site, including the server logs, so I may be able to work out how the hackers got in. By the looks of things, they're well and truly in (I believe the phrase is that I'm "0wn3d d00d"), as I've found new copies of apache, process hiders (suggesting they've got root privileges - eeep!), various back doors and filesharing sites. Wow, these guys move fast! First signs are that it's the Wiki which might have been the initial hole through which they got in, but if they have root, I don't know how much I can trust the logs! Still, hopefully they'll tell me something...

 

Best of luck mate , just what you don`t need

 

question ? is trigpointing clear of their influence ?

Link to comment

Worrying news Teasel.

Can you assure us our passwords couldn't be worked out if they do indeed have root access?

 

I understand where Jaz666 is coming from with this BUT, I know there are billions of websites that require passwords. For fun, not important websites (as great as geocacheuk is, I'd class it as this) I suggest a standard password that is completely different to your e-mail, bank account, gas/electric etc etc. At least you won't have Jaz666's concerns here.

 

Best practice says that you should have a different password for each website, but I also know about living in the real world and that you can not possibly remember ever single password for every single personalised website you access.

 

Sorry to hear about the hackers though! :ph34r::rolleyes:

Link to comment

 

question ? is trigpointing clear of their influence ?

 

Yes. The trigpoint site is on a different server at the moment. This server is smaller and wont handle the G:UK side. This is why we have been able to reinstate T:UK and not G:UK.

 

I am sure Ian will sort the problems out :rolleyes::ph34r:

Link to comment

Have we now lost it completely?

No, it's just 1and1 throwing a paddy because I've canceled my server account with them. The domain itself is safely hosted with 123-reg. (Note to anyone who's setting up a website... never, and I mean never host your domain name with the same company who provide your web server. It's a lesson I learned the hard way a long time ago!)

 

As for the passwords, even if they didn't gain root, the level of access the hackers did attain was sufficient for them to get a list of usernames, email addresses, IP addresses and encrypted passwords. I have no evidence either way as to whether anyone did actually locate and download this information, but it would be imprudent to assume that they didn't. The passwords were all encrypted and therefore difficult, but not impossible to obtain. So anyone who used the same password on G:UK / T:UK as they did on a more important site (eg a bank account!) is advised to change the password on the other site(s) immediately. This is particularly important if your password was based on a dictionary word, or if your identity can be guessed from your username or password. The risk is low (eg if you knew that "Teasel" (geocache@teasel.org) had a password of "tuesday", exactly what good would it do you? Other than maybe being able to log onto Geocaching.com using the same details and logging caches in my name!), but even so, we're not dealing with particularly nice people here!

 

On a more positive note, things are looking promising for an early return of G:UK. I've received a very generous offer of hosting from a fellow geocacher. Full details once everything's sorted, but suffice to say that I'm bowled over by this person's generosity!

Link to comment

OK, let's have a go and see what happens...!

 

With massive thanks to the generosity of Jellicacheers and Positive Internet for providing us with a new home, I think the G:UK stats pages are ready to be switched back on again! :unsure: Please be gentle with them! :D

 

There have been quite a few changes to the code, in an attempt to keep the hackers at bay, so it's likely that much will have broken. Please let me know if you come across anything which isn't working... I've not dared switch the forum back on, until I can do a bit more to keep the hackers out, and the site is currently closed to new registrations, until I can get T:UK and G:UK talking to each other properly. But the basic functionality should be there.

 

Sorry it's been so long, and thanks for your patience!

 

Cheers,

Ian

Link to comment
:) hope you had a good holiday.lots of us talk about the web site and how good it is and like others i have sorely missed it,hope you can sort out these hacking techie problems,meanwhile we will all wait patiently untill the day we can crack open a celebratory bottle of champers,jeff=bones1.
Link to comment

Hi Ian,...well done

 

 

One wee glitch which might clear up,..my stats page looks ok, and it shows the recent caches I've found waiting to be rated etc.

 

 

But when I run a search from my home co-ords, it seems to think I'm someone called TEASEL :) none of the caches I've found are shown as found .... same with the owned ... opened up the search by 500 miles and lo and behold I "own" 3 caches...... yours.... and I ve found caches in places I've never been to...

Link to comment

Hi Ian,...well done

 

 

One wee glitch which might clear up,..my stats page looks ok, and it shows the recent caches I've found waiting to be rated etc.

 

 

But when I run a search from my home co-ords, it seems to think I'm someone called TEASEL :) none of the caches I've found are shown as found .... same with the owned ... opened up the search by 500 miles and lo and behold I "own" 3 caches...... yours.... and I ve found caches in places I've never been to...

 

Same here, I'm Teasel too :)

 

Thanks Ian it's great to have the site back :)

Link to comment

Thanks for getting it up and running again Ian.

 

A couple of points -

 

Firstly, I assume the 'caches to be rated' stats will sort themselves out over the next few days, as I am a dozen or so outstanding (about half from mid Feb).

 

Secondly, I think the graphs on the Cacher stats profiles may need looking at. I'm sure I'm not finding caches at the rate of 40,000 a month :) . If I am, it explains why I've been feeling a bit tired recently :)

Link to comment

I'm sure I'm not finding caches at the rate of 40,000 a month :) . If I am, it explains why I've been feeling a bit tired recently :)

 

...and I'm placing 3,000 new caches out a month :)

 

Thank-you very much for all the hard work you have done to get this fabulous web-site back up and running once again - lets hope it never gets hacked again.

 

...ooooh, I have really been missing those red spots... :)

Link to comment

OK, the graphs on the cacher stats pages should now be OK. Could someone who's searches are coming up as Teasel please tell me exactly what they're doing. When I logged in as "The Peak Plodders", I got their finds, not Teasel's, so it looks like the problem isn't affecting everyone in the same way...

 

Thanks,

Ian

Link to comment

OK, the graphs on the cacher stats pages should now be OK. Could someone who's searches are coming up as Teasel please tell me exactly what they're doing. When I logged in as "The Peak Plodders", I got their finds, not Teasel's, so it looks like the problem isn't affecting everyone in the same way...

 

Thanks,

Ian

 

Its doing it for us too...

 

Going from the home page clicking "My Stats" and then clicking on one of my previous searches (one from home) The page which opens has all UK caches in order of date not in order of distance from home. I can adjust this by clicking the distance column header but all the caches found/hidden are by Teasel.

 

PS Great to have the site back!

Link to comment

Thank You! :)

 

GIS map not working... something pointing to the wrong (old) web page address?

 

2008.03.09 09:58:51 v0.99b.

09:58:51 Applet parameter layout = null.

09:58:52 Applet parameter tms = .

09:58:52 Applet parameter pid = gis_xml.php?c=0&gis.xml.

09:58:52 Applet parameter servlet = null.

09:58:52 Applet parameter external = null.

09:58:52 Applet parameter pid = gis_xml.php?c=0&gis.xml.

09:58:52 Applet parameter zoomtooneresult = null.

09:58:52 Applet parameter maxsidsize = null.

09:58:52 Applet parameter encoding = .

09:58:52 Applet parameter target = infoWindow.

09:58:52 Applet parameter prepage = no.

09:58:52 Load Project: http://www.geocacheuk.org/caches/gis_xml.php?c=0&gis.xml.

09:58:52 Parse. CoastLow.

09:58:52 Parse. CoastHigh.

09:58:52 Parse. Relief.

09:58:52 Parse. Motorways.

09:58:52 Parse. Roads.

09:58:52 Parse. Urban Areas.

09:58:52 Parse. Towns - Major.

09:58:52 Parse. Towns - Mid.

09:58:52 Parse. Towns - Small.

09:58:52 Parse. Geocaches.

09:58:52 end parse 10.

09:58:53 Download image. CoastLow.

09:58:54 Download image. Relief.

09:58:55 Download 1107 records. Towns - Major.

09:58:55 WARNING#307. Towns - Major.

 

09:59:28 *** ERROR#308 *** Geocaches. Can't load file http://stats.geocacheuk.com/caches/gis_cac.../gis_caches.zip.

Link to comment

Fantastic to have this back - thanks for your hard work.

 

I think that the problem with searches may only be with saved searches. I was having it but when I set up a new search (with the same criteria) it went.

 

Thanks again

 

Thanks - Working perfectly now using a new search :)

Link to comment

Fantastic to have this back - thanks for your hard work.

 

I think that the problem with searches may only be with saved searches. I was having it but when I set up a new search (with the same criteria) it went.

 

Thanks again

 

Thanks - Working perfectly now using a new search :D

 

:unsure::blink::huh::) Fantastic to have it back. A big thank you to all involved.

Link to comment
OK, the graphs on the cacher stats pages should now be OK. Could someone who's searches are coming up as Teasel please tell me exactly what they're doing. When I logged in as "The Peak Plodders", I got their finds, not Teasel's, so it looks like the problem isn't affecting everyone in the same way...

 

Thanks,

Ian

 

 

Hi Ian,

 

 

Ive logged in as flyfishermanbob .. and ran a new search from my home co-ords.....

 

 

All the nearest caches show up.... but appear as unfounds.... / not mine ..

 

 

i.e if I use the buttons for remove found or remove hidden nothing changes...

 

 

 

the "My Stats" page shows a map of my finds though....

 

 

hope this helps

Link to comment

Hi Ian,

 

Back on the stats problem. My stats page says I have rated all 722 caches I have found, but clicking on my geocacheuk profile shows I have found 738 (which is correct for unique caches - my gc.com figure is higher due to YOSM finds). That gives a difference of 16 (missing) caches, but according to my list, I have only got 13 left to rate. Odd.

 

Is this a teething problem which will sort itself out when it's all bedded down on the new server, or does it need another tweak.

 

Thanks again for all the work you're putting in on this.

Edited by JustAlan
Link to comment

It's really good to have this back up and running again. Great work. :unsure:

 

I would guess that it won't be high on your priorities at the moment, but does the url address for the Cache Rating Icons need changing?

 

HH, with a bit of trial and error, I managed to get mine working. The URL does need changing - its currently stats.geocacheuk.com/mystats..., and I've changed it to www.geocacheuk.org/mystats...

 

Seems to work - check out the code on one of my older caches if it helps!

 

Dave

Link to comment

It's really good to have this back up and running again. Great work. :unsure:

 

I would guess that it won't be high on your priorities at the moment, but does the url address for the Cache Rating Icons need changing?

 

HH, with a bit of trial and error, I managed to get mine working. The URL does need changing - its currently stats.geocacheuk.com/mystats..., and I've changed it to www.geocacheuk.org/mystats...

 

Seems to work - check out the code on one of my older caches if it helps!

 

Dave

That has worked a treat thanks, I'll change the resat of my caches later. Just as a note to anyone else you also need to change the address for the /pics/rating..... as well.

Link to comment

Soooo good to have this back!!!! Thanks for all your efforts. :blink::huh::unsure:

 

Just to feedback some seen "issues"

 

1. Under the search criteria if you select and enter an "after date" and run this, you get an error.

 

2. Seem to be getting some odd results on a search result page in that you select the "remove found" button while does seem to alter the number of total items at the top right of the page (although not the number I would expect), but if does not remove found items in the listings below.

 

Cheers

 

Happy Ferreters

Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
×
  • Create New...