Jump to content

Home

Mojo, what they have done to you: a short story.


Jake
 Share

Recommended Posts

As you might have noticed, we finally have an active server again as www.mixnmojo.com is working again with a placeholder page [if the site doesn't load for you now, try it tomorrow. DNS is still rolling over]. We do not, however, have any of our files at the moment. The hard drive that Mojo and almost all of LFNetwork resided on (that includes WorldofMI, Scummbar, Samandmax.net and every Mojo hosted site) is in the mail to ZeroXcape to take a look at it.

 

"Why should he need to take a look at it," you ask? Well, it all started last week, on a day not unlike today, on a server not unlike this one...

 

 

One of our hosted sites was running the "YABBse" forum script for their site's web board (Why they weren't using LucasForums is beyond me, of course :)). The problem with this, is that just a couple of weeks ago an exploit was found in YABBse, that when exploited would allow the user to gain root access to the server. Yes, so some Brazilian ankle-biter Googled around for sites running YABBse, found our server, and made himself a home.

 

Fortunately, as far as we know, he wasn't malicious. He wasnt interested in altering any of our sites, or deleting our files. He just wanted free space and thought that he could get it somehow just by getting himself root.

 

This was why the site was up and down for a couple days last week. We were shutting down web services, rebooting and shutting down the server to generally keep him off. That isn't why we're down right now though.

 

It was finally realized that we'd need to reinstall the operating system on our server with a couple of patches to beef up its security to keep him off for good. At this point things started to go wrong.

 

The logical way to reinstall an OS on a server, you'd think, would be to back up all of the files, format the drive, do a completely clean install, and then copy the files back over from the backup drive. That sounds logical, right? That way you have a fresh server, and if things go wrong, you have a clean duplicate of the server from before the changes on the backup drive.

 

Well, the guy who runs our server at the colocation facility had other plans apparently. I don't know exactly what he did, but when he was done with the fixes, the server came back online without significant security fixes, and without a backup drive made. He also told us that in addition to there being no backup, there might be some data loss on the drive, but we're not sure yet. How did this happen? We don't know. Regardless, the hacker got back in within 40 minutes, and we shut the server down again.

 

At this point we've generally decided that it's time to move to a new location entirely. A totally new server at a totally new facility with a totally new admin. That is why the server has been down for days and days, and why the hard drive is on a plane or in a truck somewhere heading back to ZeroXcape.

 

We'll keep you updated on what happens with the files and the new server in this thread, and at www.mixnmojo.com itself.

 

Sorry for the massive delay.

Link to comment
Share on other sites

  • Replies 110
  • Created
  • Last Reply

Top Posters In This Topic

Well, the guy who runs our server at the colocation facility had other plans apparently. I don't know exactly what he did, but when he was done with the fixes, the server came back online without significant security fixes, and without a backup drive made. He also told us that in addition to there being no backup, there might be some data loss on the drive, but we're not sure yet.

 

I would have freaked out. :firemad:

 

Good to see you're still alive, though. Good luck with the transfer.

Link to comment
Share on other sites

I hope there was some compensation involved? I hate the way server companies seem to shun ANY responsibilty for their actions... it must be the only service in the world where people go 'you destroyed all my irreplacable data? oh, well, thanks anyway'. If a hacker did it, it would be a different story, but because we PAY these people they're not accountable... argh!?!

 

And one more thing: Who was the guilty YaBB user? :)

 

~ John

 

[bg edit, posts merged and it doesnt really matter who it was¬]

Link to comment
Share on other sites

plasmaskins.jediknightii.net I think was running YABB. Anyway, it's not like the webmaster wanted anything like this to happen. :(

 

 

So, in the meantime, why not take a walk down memory lane and read these awesome mixnmojo archives, grabbed periodically over the last few years;

 

http://web.archive.org/web/*/http://www.mixnmojo.com

 

Good times, good times... :c3po:

Link to comment
Share on other sites

It was MILegend's copy of YABB that was hacked, but it's in no way their fault. There were other YABBse's running on LFN to my knowledge, and the guy picked us at random.

 

TP, I entirely agree that we should be compensated in some way. I'm not sure but I think this is being looked into. Though the initial trouble was caused by the hacker, blame for the numerous screwups after that definitely lie in the hands of our colocation administrator (who incidentally kept saying "that dang hacker"to everything :)).

 

And yes, agreed that it doesn't matter if we're offline until the end of time, as long as we can come back online in one piece.

Link to comment
Share on other sites

You know good can come from all of this. I registered a year ago, and haven't been back here till now. Downtime might draw people into the forums.

 

Thank god for the forums. That total blackout that Mojo had a year or so ago was horrible.

 

I hope Mojo gets up again soon. I'm hanging out for that interview with Dan Petit!!!!!!!!!

 

Good luck Xero.

Link to comment
Share on other sites

Yeah. I think one thing most of you are missing and one thing the people in charge of LFNetwork aren't saying is that:

 

1) They had to ship a drive out to someone to see if he can recover data since there was no backup made.

2) Recovering data off of a hard drive is black magic.

3) All of their content might be gone or would have to be rebuilt from the various local backups the content authors have.

 

:(

Link to comment
Share on other sites

This is just idiocy at it's best. you know, a big time compnay like microsoft could have it's entire server go down and all it's backups and stuff gone and it still wouldn't matter as much as this does.

 

Well, okay, it probably would.

 

But seriously, Jake, if ZeroXcape can't do anything, what will happen?

Link to comment
Share on other sites

Sorry, I didn't mean to imply that the worst case scenario was that nothing would ever come back online, if we can't recover all the data it will just take a long time to have everything be identical to how it was before the crash, or "back to normal."

Link to comment
Share on other sites

It wasn't the Church of Tim Moos, that's just wistful thinking on your part... There was a brief window in which I managed to log on to the FTP while the site was for the bigger part still down and I deleted the messageboard thoroughly. There still might be some junk in the mySQL left over. I am not proficient with mySQL nor am I quite sure where those tables are stored exactly...

Link to comment
Share on other sites

Originally posted by Kingzjester

It wasn't the Church of Tim Moos, that's just wistful thinking on your part... There was a brief window in which I managed to log on to the FTP while the site was for the bigger part still down and I deleted the messageboard thoroughly. There still might be some junk in the mySQL left over. I am not proficient with mySQL nor am I quite sure where those tables are stored exactly...

 

What was it that it used then? It wasn't like the rest of the message boards.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share


×
×
  • Create New...