Hi Magellan,
phpBB issued a fix for this security hole that the worm exploited back in mid-November.
http://www.phpbb.com/phpBB/viewtopic.php?f=14&t=240513
They "strongly, and I mean strongly!" urged all users/customers/host providers to take action on this fix. Canaca uses Ensim (an automated type of admin tool for host providers to supply application services such as phpBB to their customers). So Canaca uses Ensim to apply security patches/fixes when needed to these controlled services.
I'm not sure if it's Ensim or Canaca that "sat" on this until someone finally released a worm to exploit this hole. But phpBB warned all host providers of the hole back on November 18th, and it's really only a 1-line code change to fix.
Canaca could have prevented the worm by applying phpBB's fix to their servers anytime between Nov 18th and Dec 20th. Also, once the worm hit, and we realized in under 3 hours what the problem was, it took them 2 days to restore from backup & make the 1-line code change. They said it took this long because they have a LOT of servers to apply it to, and they wanted to do careful testing beforehand.
I've made my own backup now of the phpBB/html files offline, 'cause I can't trust that I'll have access to Canaca's backup system in the future. I thought if the files got lost, Canaca would simply give me access to the backup if I needed/wanted it. But it sounds like they felt they had to turn their entire backup system off during the worm, and that meant they also couldn't restore/give me any of my backed up files while their backup system is turned off.