We understand the flaws in md5 hashes, however everyone I've personally discussed this with has verified that the vBulletin hashing method is sufficiently secure.

While we haven't restored the files from backup, hourly snapshots were diff'ed and we have ensured that the system is secure. This was a script kiddie script that exploited a vulnerability right after it was announced and before we had an attempt to patch.

If it uses MD5, it must be considered broken. This has nothing to do with vB, it is the algorithm that is at fault.

Good to learn that you verified the system's integrity to be uncompromised (which the check against the backups did). ^

I assume that you did additional checks to verify the confidentiality of the password data?

MD5 is so secure :rolleyes:
http://milw0rm.com/cracker/insert.php

http://www.hashchecker.com/

sure salt adds a minor bit of complexity, but a little computer 'pepper' and it fades away.

these sites are HARDLY an effective way, just an example.
This is especially true if someone had a level of server access at any point.

Of course. As I said before, there is no way that password data was compromised.

While I would like to say thanks, right now I am at the point of throwing my hands in the air. For SOME unknown reason to me, I am at 50% functionality on FT and have been since the FIRST attack (on 13 Nov I believe). I cant search, I cant PM or reply to PMs, I struggle to quote anyone's threads and doing a simple post on this thread so far has taken me 3 tries and 10 minutes. I keep getting redirected to the Internet Explorer page.....IE cannot display this webpage! So I am feeling much less thankful :td:.

My messages sent to FT HELP have gone unanswered :(. I wont even start about how the FT Chat room has been broken for me and others for nearly 2 weeks since the first attack :td:.

I have a trade thread in CC which I cant access/search to bump. It sure is a BUZZ KILL :(

Luckily Twitter has been keeping me mildly amused, but how much longer until FT IT gets these issues under control?????

I am in the camp of feeling relieved that I DIDNT subscribe and PAY money for this. Sorry but for me, its just gone on way TOO long.

We have been working around the clock to combat this ongoing cyber attack. While service has not yet been restored to normal, progress is being made. The site is most dramatically effected by those overseas in Asia, Australia, and NZ.

We once again apologize for the inconvenience.

Thank you for replying and letting us know of the situation ^.

What has made Asia, Australia and NZ be more dramatically effected?

P.S I only got redirected twice before being able to post this post :D.

One part of the cyber attack was mostly coming from that area, I believe. I'm not sure though.

IB-Dick - thank you for responding.

Could you or your colleagues PLEASE help me ? I am STILL getting REDIRECT to Internet explorer issues each time I try to post and I am still LOCKED out of FT Chat and getting that java exception error :(.

This is really starting to drag on (since 13 November for me) and frankly I have just stopped hanging out here on FT daily. All my friends can now get back into CHAT, but I cant :td:.

What is going on?

:(

I guess it is impossible to tell what is happening on your machine, but have you considered a local problem, like a malware infection of your system? Things you might try if you have just a little computer knowledge - or some friend who has:

try to install an alternative browser and see if the problem persists:

www.opera.com
www.firefox.com

Both browsers are "one click" downloads and a second click to install. If these browsers run fine, make sure to do a full malware check of your computer with a good up to date Antivirus product. Kaspersky would be a good choice and runs for free for at least 30 days.

If the problem persists, go to www.sun.com and download the current Java package. Do a re-install.

If the problem still persists, try the following:

www.knoppix.org

At that site, you can download a "Live Linux" DVD image, which needs to be burned to a DVD, of course. Your computer must be able to boot from a DVD. Boot Knoppix, which will take you all the way to a running, graphical desktop with many applications, including Firefox. If this brings back your flyertalk completely, your Windows installation is infected by something. Knoppix includes tools to eradicate Windows malware, but you should only try this with at least mid-level computer knowledge.

The reason I recommend the Live Session DVD/CD approach is that this is the only way to make sure that you boot a clean, infection-free system.

For starters, eveything that colonius has said is right on. I'd first start off by trying a different browser. That can really help diagnose problems.

FT chat is broken for almost everybody, and we're working on getting that sorted out asap.

If you continue to have problems, can you possible paste a traceroute in here? To do this, please follow these instructions:
1.) Got to Start > Run...
2.) Type in "cmd" (no quotes) and hit OK.
3.) On the line, type in "tracert www.flyertalk.com" (no quotes) and hit enter.
4.) Copy the output and paste it in here.

There is a more detailed explaination on running a traceroute here: http://support.verio.com/documents/v...fm?doc_id=3743 but instead of pasting that into notepad, you can just paste it into a reply window.

how would that equate to those of us using a mac? ;)

Since Mac OS is based on BSD Unix, it will have a traceroute utility somewhere. (Windows is the only OS that names it differently). Since I am not intimate with Mac OS: Google is your friend. ;)

Applications>Utilities>Terminal

At the prompt ([yourname]$), type (without quotes) "traceroute www.flyertalk.com" and hit return. It'll look something like this:

thank you ^