What happened to the forums?

[CalculusWarrior]

It's nice to see everything back up and running!!!! ...and not in the middle of being hacked...

Hold on... at the top of the post box... could it be... BUTTONS!!!They're back!'

now all we need is spoiler tags...

I missed you dearly, my sweet buttons! Now I can actually reply without having to click through to a whole new page!

[loknar]

I missed you dearly, my sweet buttons! Now I can actually reply without having to click through to a whole new page!

And reply with quote works again (for me it didn't for a long time).

[DisarmingBaton5]

Do they realize who they were messing with? You can bomb them from orbit!!

Provided you make it in orbit of course.

Pfft. Struts+the color orange=Orbit.

[maackey]

The hack was through the forum software I believe (vBulletin). It happened to Xenonauts as well (guess which forum software they use!) It was religious propaganda, spreading information about Muslim religion and the like. Really counterproductive if you ask me...

Edited September 24, 2013 by maackey

[Apollo13]

I can't guess what a "hacktivist" group could have against this forum. Anyways, I'm glad it's all solved happily

Well, you know Syrians from Security Lions Hackers, specifically Security Dragon...they just don't like the freedoms that all Kerbals enjoy.

[Virtualgenius]

Alot of the posts which had links to other posts no longer work is this a feature or a bug also i had some saved shortcuts which no longer work and trying to find those posts is a nightmare

[Lazro]

Boyo. They didn't know who they were messing with, because as fanatical they are about war, we're as fanatical about KSP! Love how this seems to have rolled off our backs.

[Geschosskopf]

We're terribly sorry for the inconvenience, but also happy to report no data was compromised whatsoever.

Thanks for all the hard work.

[Simplicity]

Alot of the posts which had links to other posts no longer work is this a feature or a bug also i had some saved shortcuts which no longer work and trying to find those posts is a nightmare

yea me too, I had been saving all my notifications so I could just click on them and continue, but all I get clicking on them now is a "file not found" - this could be a nightmare waiting to happen for a lot of people methinks..

[Specialist290]

For those who are trying to access old links: Change the "showthread.php/" bit of the URL to "threads/". The link should work as normal.

[Simplicity]

For those who are trying to access old links: Change the "showthread.php/" bit of the URL to "threads/". The link should work as normal.

Yup, many thanks, that works perfectly, did a copy and paste in all the old links in my email program and it loaded all the pages

[Jean Deaux]

I'd wager those Hacktivists are based in China, I had so many illegal attempts on my website from that country I literally blocked the entire country from accessing. Anyways, glad to see you guys back up and running.

[Virtualgenius]

Legend absolute legend Thankyou so much

[AlamoVampire]

I'm curious what makes you so curious.

and I am curious as to why YOU are curious as to what makes HIM so curious.

to the OP, its been said already: but, squad moved the forums to new servers, I am thrilled they are back too!

[pxi]

Really in an age of proxies, TOR and whatnot, it's nigh-on impossible to say where someone is based on the IP address alone.

I had a popup asking for my authorization shortly after the forums came back up, I assume this is what we're talking about?

Anyone that uses the same username/password combinations on other sites might want to change their passwords if they happened to fill in that form.

Oh, and congrats on getting the forums back up btw, was much missed in these parts.

Edited September 24, 2013 by pxi
Posting at 5.30am is not conducive to sense-making.

[Sapphire]

I am completely baffled by why any 'hacktivists' would want to screw around with KSP's forums...

Maybe they're upset with our space program's safety records?

[OdinYggd]

I had a popup asking for my authorization shortly after the forums came back up, I assume this is what we're talking about?

Anyone that uses the same username/password combinations on other sites might want to change their passwords if they happened to fill in that form.

I was asked my username and password right after I've seen the server message that it got hacked, so I haven't entered anything. o_o

The login box that appeared after the hacked pages were removed was SQUAD's doing. At that point N3X15 and the rest of the tech team put the entire forum behind a stand alone login system so that they could work on it without exposing anyone else to the malware carried by the defaced site.

Although it would be a good idea to do a full antimalware scan if you saw the defaced site especially if you clicked links on it. Subsequent analysis of the hacked version showed that it was packed with malware.

Changing your passwords probably wouldn't hurt, but if you had only put them into the authentication box that appeared after the defaced site dissappeared you should be okay. By that point the relevant admins were on top of things and had already begun repairs.

[Virtualgenius]

I think everyone is interested in the extended time it took to migrate things as some of us do that stuff for a living and are interested in the nitty gritty details

[Whackjob]

I was F5'ing quite a bit, and never saw the hacked site. In retrospect, I'm glad.

/was at work at the time

[Mick2]

I would just like to take this opportunity to Thank Squad for their efforts.

They have told us that the problem was caused by external entities. They have told us the action they took (if a little sparse on detail for some) upon realising the problem existed.

I think they have done quite a professional job with resolving the issue.

I will admit that I was at a loss at to why the forums were not up during the issue, but that fact in itself eluded to problems and all I need do is wait for a resolution to be implemented.

I can understand that people have questions like Why? and How was it fixed ? or possibly even How can this be avoided in the future ?

I think that hackers motivations will be lost on most of us and really I don't think it matters who (as that will never really be know unless some admits to it) or even why they did it. In some cases simply discussing the motives may only end in the result they wanted.(propagation of propaganda)

For those after a more detailed after action report on the hack or server migration (from a professional standpoint) may be appeased by such a report in the Dev Blog Entries on the right side of the main forum. (I have seen mention in there of web server work in the past)

Once again Squad, Thank You for your diligent work and I am sure if it is pertinent to us you will detail what you can without compromising security when it is appropriate.

Rest easy for now team, you've done a good job.

[Comrade Jenkens]

I did a spyware and antivirus scan and nothing came up after i'd been on the hacked site. I didn't click on any of the links on it though.

The Syrians are probrably trying to get better rockets.

[The14th]

I'm so glad the forum's back!

Well done for all the hard work.

I've only had the game for a few weeks and I hadn't realised how much visiting the forum had become part of my daily routine.

[Mishkin_007]

The login box that appeared after the hacked pages were removed was SQUAD's doing. At that point N3X15 and the rest of the tech team put the entire forum behind a stand alone login system so that they could work on it without exposing anyone else to the malware carried by the defaced site.

They password protected the directory root of the server because someone else had access most likely.

Edited September 24, 2013 by Mishkin_007

[KasperVld]

They never had access to the root of the server. Please stop spreading rumours and stick to the facts that are provided.

[MalfunctionM1Ke]

They never had access to the root of the server. Please stop spreading rumours and stick to the facts that are provided.

Kasper, you guys should write that down in the KSP weekly so this statement will be seen and not drown in the forum again.