Board4all

[SockPuppet]

The admins of Board4all are not very transparent about the actual reasons.
On the 20th Of October, 2022 they put up an announcement notice. The body of that notice reads:

Quote:

"Unfortunately, last week our server was compromised due to a loophole in the VNC, this was detected by the team quite quickly and the server brought offline. During the offline period we analysed the server files and logs, and later notified the host of this vulnerability so it does not happen to any of their other customers moving forward. We changed all passwords, obtained a new IP address (previously exposed by the MX / TXT domain records), changed access ports and pretty much changed everything that could have been obtained for the short time they had access.

I would like to add that there is nothing on the host vnc logs or server side logs to suggest any data loss but as with anything internet, you cannot guarantee 100% it did or it did not. However, if it has happened then it is a sad day for the team but as with everything, we move on and learn from it. However, what I will add is the actual person responsible spoke to me and informed me of how he got in so that the vunerability could be resolved - this has to be a positive thing and maybe nothing malicious was attempted while he connected and he was merely pointing this out.

Emails
As mentioned above, we previously used our own internal mail servers that sadly required us to expose the actual servers IP address in the domain record. Moving forward we will using a trusted external provider for any forum mailing. However, for a short period you will not receive any emails from the forum while we set this up.

Anyway, it is what it is, nothing we can do about it now since it has already happened.. we learn from it and move on."

You can view that screenshot here: Downtime Announcement Screenshot
I have also attached the screenshot of that notice to this post.

This notice was viewed by nearly all the active members of the forum before it was silently taken down a couple of days later.

So according to the Board4All forum staff, there was a VNC server running on the hosting server which had vulnerabilities. This means that effectively, if anyone exploited that VNC server, they would have remote access to that hosting server!

Everyone thought it strange that the notice was silently taken down and then the staff pretended that everything was fine. After that, the forum went down for another 21 days without any updates from the forum staff.

Subsequently the Board4All staff deleted even their Discord server silently.

All this is known and confirmed by the regular visitors to the Board4All forum.

Anyway it appears to be rather clear that there have been several significant compromises to the forum security, that the forum needed to be offline for over 21 days.

Prior to the 21 days, the forum was also offline TWICE or a week each time the month prior, for which the forum staff cited DDos attacks as the reason.
That screenshot can be viewed here: Board4All DDos Attacks
I have also attached that screenshot as well to this post.

[BasePointer]

Quote:

Originally Posted by SockPuppet

So according to the Board4All forum staff, there was a VNC server running on the hosting server which had vulnerabilities. This means that effectively, if anyone exploited that VNC server, they would have remote access to that hosting server!

I hope that this is not correct. If so, that means they have whole database. And In this case let's hope it is fully encrypted.

[SockPuppet]

Quote:

Originally Posted by BasePointer

I hope that this is not correct. If so, that means they have whole database. And In this case let's hope it is fully encrypted.

One thing is clear so far. The Board4All staff have admitted that they do have some serious security crisis that they are dealing with, taking them weeks to sort out, and needing them to restore the forum from a 2 month old database every time they bring the site up...

See my post here with the screenshots. The Board4All admins did admit to a vunerable VNC server running on their hosting server...

Quote:

Originally Posted by uwutdafuk

They should atleast give some sort of update, silently deleting discord and keeping forum down for soo long is not a good look for them.

Silently deleting their Discord server without any explanation whatsoever is indeed making them look mighty fishy and I agree, not making their words even remotely believable!
Deleting the Discord server was totally unneeded!

[JMP-JECXZ]

Quote:

Originally Posted by SockPuppet

Silently deleting their Discord server without any explanation whatsoever is indeed making them look mighty fishy and I agree, not making their words even remotely believable!
Deleting the Discord server was totally unneeded!

both are a fraud and reversing clowns, tira and b4a.

[SockPuppet]

Board4All up again since the past 4 hours. Log off completely, clear your cookies, cache and log in again if needed with a different IP address from a VPN.

Some VPN IP addresses seem to be getting us the same offline message. Cache from cloudflare maybe?