Page 3 of 7

Re: E-sangha news

Posted: Thu Nov 05, 2009 10:27 pm
by LauraJ
Oye, there was such an enormous amount of information compiled there. I'm still hoping it can be retrieved...

:anjali:

Re: E-sangha news

Posted: Sat Nov 07, 2009 6:27 am
by christopher:::
David N. Snyder wrote:
poto wrote: I'll try to break it down for peeps that aren't familiar with how this works. Some hosting companies provide daily backups as part of their service. What that means is the server your website is hosted on (in this case E-Sangha) is backed up once a day. Now, every day at the same time the previous day's backup is overwritten with the current day's backup. The problem here is that once your website is corrupted (or hacked) for more than 24 hours the old backup gets automatically overwritten with the fresh corrupted backup.
We have that solved by doing the following back-up process:

We have the hosting company back it up for us (about once a month) and then they send us an e-mail with an attachment with the entire data base. Then we download it to the pc. That way, even if the site got hacked and the hosting server got hacked, the data base is still on the pc, which the hackers could only get to by literally breaking into my house, which virtually no hacker would go to the trouble to do.

:jedi:
Might it even be wise to keep at least 2 versions for 2 different months, with one on an external HD as backup for the backup? I'm really surprised E-sangha's host didn't do that.
retrofuturist wrote:Greetings heybai,
heybai wrote:Hmmm. I get that this forum's administrators and moderators don't want Dhamma Wheel to be drawn into intra- or inter-communal squabbles, but Christopher's message does pertain to problems related to communication, doesn't it?
Yes it does... and that why we left it there, despite Chris:::'s question on whether it ought to be deleted.

Metta,
Retro. :)
:bow: :juggling: :thanks: :spy: :bow:
poto wrote:
Glad to hear.

Although, once your websites grow larger you may need a more robust backup solution. It simply isn't possible to e-mail and download a ton of data on a regular basis. Even if you have a fast connection, downloading +100GB backups regularly really isn't feasible. If you're only dealing with text and images, you should be good for a while, but if you start getting into video or any user generated content with a large user base, it adds up quickly.
Good points. I wonder how large E-sangha's data was? It probably reached a size where Leo couldn't store it very easily on his own, for the reasons you've stated.

In this case, unfortunately, size becomes a hindrance.

:computerproblem:

Re: E-sangha news

Posted: Sat Nov 07, 2009 6:32 am
by Paññāsikhara
christopher::: wrote: Might it even be wise to keep at least 2 versions for 2 different months, with one on an external HD as backup for the backup? I'm really surprised E-sangha's host didn't do that.
They basically did. Then the host copied over the backup with a corrupt version. So my reliable sources say.

Re: E-sangha news

Posted: Wed Nov 18, 2009 7:38 pm
by DNS
E-sangha is still down. Their sister site, Buddhist Community appears to be down too? I get a warning message not to enter and then this message:
Safe Browsing
Diagnostic page for buddhist-community.com

What is the current listing status for buddhist-community.com?

Site is listed as suspicious - visiting this web site may harm your computer.

Part of this site was listed for suspicious activity 1 time(s) over the past 90 days.

What happened when Google visited this site?

Of the 46 pages we tested on the site over the past 90 days, 3 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2009-11-18, and the last time suspicious content was found on this site was on 2009-11-18.

Malicious software includes 4 scripting exploit(s).

Malicious software is hosted on 2 domain(s), including mobydickrock.ru/, vanilla-resort.jp/.

1 domain(s) appear to be functioning as intermediaries for distributing malware to visitors of this site, including mobydickrock.ru/.

This site was hosted on 1 network(s) including AS25653 (FORTRESSITX).

Has this site acted as an intermediary resulting in further distribution of malware?

Over the past 90 days, buddhist-community.com did not appear to function as an intermediary for the infection of any sites.

Has this site hosted malware?

No, this site has not hosted malicious software over the past 90 days.

How did this happen?

In some cases, third parties can add malicious code to legitimate sites, which would cause us to show the warning message.

Next steps:

* Return to the previous page.
* If you are the owner of this web site, you can request a review of your site using Google Webmaster Tools. More information about the review process is available in Google's Webmaster Help Center.
But I have been still getting a few e-mails from the site telling me I have received a message from someone. Are any of you getting into that site? Is anyone else also not getting in?

Perhaps it is just as well, with Dhamma Wheel, Dharma Wheel, and facebook, I'm probably online too much anyway. :tongue:

Re: E-sangha news

Posted: Wed Nov 18, 2009 8:41 pm
by poto
David N. Snyder wrote:E-sangha is still down. Their sister site, Buddhist Community appears to be down too? I get a warning message not to enter and then this message:
Safe Browsing
Diagnostic page for buddhist-community.com

What is the current listing status for buddhist-community.com?

Site is listed as suspicious - visiting this web site may harm your computer.

Part of this site was listed for suspicious activity 1 time(s) over the past 90 days.

What happened when Google visited this site?

Of the 46 pages we tested on the site over the past 90 days, 3 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2009-11-18, and the last time suspicious content was found on this site was on 2009-11-18.

Malicious software includes 4 scripting exploit(s).

Malicious software is hosted on 2 domain(s), including mobydickrock.ru/, vanilla-resort.jp/.

1 domain(s) appear to be functioning as intermediaries for distributing malware to visitors of this site, including mobydickrock.ru/.

This site was hosted on 1 network(s) including AS25653 (FORTRESSITX).

Has this site acted as an intermediary resulting in further distribution of malware?

Over the past 90 days, buddhist-community.com did not appear to function as an intermediary for the infection of any sites.

Has this site hosted malware?

No, this site has not hosted malicious software over the past 90 days.

How did this happen?

In some cases, third parties can add malicious code to legitimate sites, which would cause us to show the warning message.

Next steps:

* Return to the previous page.
* If you are the owner of this web site, you can request a review of your site using Google Webmaster Tools. More information about the review process is available in Google's Webmaster Help Center.
But I have been still getting a few e-mails from the site telling me I have received a message from someone. Are any of you getting into that site? Is anyone else also not getting in?

Perhaps it is just as well, with Dhamma Wheel, Dharma Wheel, and facebook, I'm probably online too much anyway. :tongue:
Looks like they still haven't fixed the hack.

I wouldn't recommend trying to login while the hack is still present. However, if you really need to get in there, you could setup a virtual machine on your computer, or run linux off of a live disk. That way if your virtual machine gets infected with malware, it won't be able to infect your main OS.

Also, there is the NoScript addon for Firefox, that will allow you to block certain malicious code and scripts. Though, a virtual machine would be safer.

Re: E-sangha news

Posted: Thu Nov 19, 2009 7:37 am
by dharmagoat
Hello David,

Recently I found that I was unable to log into BuddhistCommunity using FireFox because of the warning that you describe. I am now successfully logging in using Internet Explorer with no signs of malware... yet.

Re: E-sangha news

Posted: Thu Nov 19, 2009 8:36 am
by Annapurna
I think they should start again from the scratch as soon as possible.

Re: E-sangha news

Posted: Thu Nov 19, 2009 1:25 pm
by meindzai
Annabel wrote:I think they should start again from the scratch as soon as possible.
I was thinking the same thing. I understand why we don't have the forum but I don't undertand why we don't have a forum. I suppose the biggest problem there is that the user database will have to be built from scratch.

-M

Re: E-sangha news

Posted: Thu Nov 19, 2009 2:10 pm
by Annapurna
the user database?

Re: E-sangha news

Posted: Thu Nov 19, 2009 10:21 pm
by meindzai
Meaning we'd probably all have to re-register, and we would no posts associated with our names. And there are a great deal of moderators with different permissions to different parts of the forum. And people might not register with the same names as before, so if there was a restore, it'd be hard to know who was who. There's also the banned users and IPs. Gives me a headache to think about it!

-M

Re: E-sangha news

Posted: Thu Nov 19, 2009 11:19 pm
by christopher:::
meindzai wrote:Meaning we'd probably all have to re-register, and we would no posts associated with our names. And there are a great deal of moderators with different permissions to different parts of the forum. And people might not register with the same names as before, so if there was a restore, it'd be hard to know who was who. There's also the banned users and IPs. Gives me a headache to think about it!

-M
It's only a headache if one feels compelled to recreate the past, perfectly...

Re: E-sangha news

Posted: Thu Nov 19, 2009 11:56 pm
by tiltbillings
christopher::: wrote:
meindzai wrote:Meaning we'd probably all have to re-register, and we would no posts associated with our names. And there are a great deal of moderators with different permissions to different parts of the forum. And people might not register with the same names as before, so if there was a restore, it'd be hard to know who was who. There's also the banned users and IPs. Gives me a headache to think about it!

-M
It's only a headache if one feels compelled to recreate the past, perfectly...
It is silly not to restart the forum, if needs be from scratch. A new beginning and maybe a chance to undo some of the very serious mistakes of the past.

Re: E-sangha news

Posted: Fri Nov 20, 2009 2:21 am
by Paññāsikhara
From what I've heard, the membership database is still fine and intact.
It was only the posts database that has the problem.

Maybe I'll try to get in contact with Leo today, and Todd too, and see what's up.

:)

Re: E-sangha news

Posted: Fri Nov 20, 2009 3:21 am
by Karunika
They are still working on the problem, which also involves the web host.

Re: E-sangha news

Posted: Wed Nov 25, 2009 9:53 am
by Su Dongpo
dharmagoat wrote:Hello David,

Recently I found that I was unable to log into BuddhistCommunity using FireFox because of the warning that you describe. I am now successfully logging in using Internet Explorer with no signs of malware... yet.
I just alerted my buddy Goat to a related concern, so this is a general announcement for anyone else attempting to use the Buddhist-Community site. It has almost certainly been hacked, perhaps by the same person(s) who've messed up e-sangha, or perhaps through a malware spread from e-sangha to B-C. Either way, if you get the warning I just got while using FireFox to check in on Buddhist-Community -- the same, or similar, to that quoted above warning of malicious downloads, etc. -- I highly recommend you do NOT attempt to gain entry to the site with IE. IE is notorious for its vulnerability to malware. Remember, most hackers are aiming at Microsoft products, or at least that is the word I have gotten from my techie friends. If you think you MUST visit a site you know has problems, a Linux OS is probably the safest route.

I am not saying you will automatically foul up your OS if you visit Buddhist-Community, but until the kinks get worked out and security is restored, I believe it is better to stay away and not to try to circumvent security warnings with alternate browsers. If you do, you're asking for trouble, and we all know what happens when you go asking for trouble....

Stay safe and be well.
heybai

And now for the real reason I came here: :popcorn: :alien: :stirthepot: :juggling: :group: :toast: :jedi: :rofl: :soap: :cry: :heart: :hug: :buddha2: :anjali: :toilet: :rules: :yingyang: :computerproblem: :oops: :coffee: :guns: :clap: :soap: :popcorn: :buddha1:

cheerios --
:anjali: