RPGWatch - We Are Back

Good to see all of you guys and gals again. I've missed you! And thanks for your efforts Myrthos.

Interestingly enough, like Rune, when Watch vanished I was kinda wondering it wasn't DDoSed… Not because of SotA though but because we were nasty to No Man's Sky

damn only 45 days lost

Originally Posted by Myrthos
There is no way to know for sure if we were hacked or not. All the log files are gone.

From what you've told us, it sounds pretty suspicious. I think we have to proceed on the worst assumption. It'd probably be a good idea to put up a notice to inform people, in case they ever exchanged sensitive or financial stuff in PMs. Also we should change passwords.

Glad that RPGWatch is back up and functional.

Welcome back everyone! I missed you all!

Seems the site is on an on-off basis atm, still, better than nothing.

@HiddenX
Do you have entries of the database since July 17th?

Originally Posted by Eye
@HiddenX
Do you have entries of the database since July 17th?

No - I have to enter them again.

The interesting thing is that I just got a spam report from my e-mail provider - containing an e-mail address of mine I have *never* seen used for spam for the very first time now …

I suspect that whoever hacked this server might also have gotten e-mail addresses.

I do wonder now whether we all should change our passwords of RPGWatch again ?

Originally Posted by Ripper
From what you've told us, it sounds pretty suspicious. I think we have to proceed on the worst assumption. It'd probably be a good idea to put up a notice to inform people, in case they ever exchanged sensitive or financial stuff in PMs. Also we should change passwords.

I have once read of a very serious Trojan, which deletes the MBR and something more if the Trojan suspects analysis of the infected PC.

But what REALLY astonishes me is the inability to give the customer - Myrthos - the wanted back-up - and even replace everything with an new OS etc. , thus overriding everything. One could think that this was done to erase any traces of something that happened within the fim itself.
It also reminds me of the NSA and their hacking / "reworking" of routers and of other network devices …

Originally Posted by Caddy
Welcome back!! How can we help? Do you need us to start pulling cached pages to restore content?

This is perhaps a good idea. Or maybe googlecache will work at least to restore articles from Gamescom.

@HiddenX
I have links to some of the pages of the News Comments forum. Maybe that is helpful?:

Page 1, dating 3 sept
http://tinylink.in/6AWIJ

Page 2, dating 22 Aug:
http://tinylink.in/6AWID

Page 3, dating 11 Aug:
http://tinylink.in/6AWI7

As you can see the pages have different dates. So some news is missing…

And the e-mails of Silver might be helpful as well, of course.

Glad to see it back. I was starting to worry that it was gone for good.

Thanks for all your work Myrthos.

Originally Posted by Alrik Fassbauer
I have once read of a very serious Trojan, which deletes the MBR and something more if the Trojan suspects analysis of the infected PC.

But what REALLY astonishes me is the inability to give the customer - Myrthos - the wanted back-up - and even replace everything with an new OS etc. , thus overriding everything. One could think that this was done to erase any traces of something that happened within the fim itself.
It also reminds me of the NSA and their hacking / "reworking" of routers and of other network devices …

I doubt the NSA are after us, but it could be the Russians.

If it was a hack, I very much doubt it was accomplished by Windows trojans. Most likely a vulnerability in Vbulletin, sql injection, etc. The hosting company sounds pretty crap, but the backup situation is probably not their fault. If you run backups from within your webserver, then the passwords to the backup location are available when someone hacks it. They can then destroy your backups too.

I felt lost without this place

Thank you Myrthos for your effort! Glad to see the Watch back up and people contributing.

Great to have RPGWatch back. I start my day here everyday. I watched too much porn the last week because I was so damn bored You guys are getting a donation from me because you don't realize how much you miss something until it is gone.

The sender e-mail address can be spoofed. What you need to look at are the header files of your mail. Depending on the email reader you use, you should check how to you can get to them. They tell you where the email originated from.
You could use a service like this: http://mxtoolbox.com/EmailHeaders.aspx
to make them a bit more readable.

In the meantime the server is absent at times. This is because PHP decides to relax and goes of doing something else. On a manual restart it recovers immediately, automatically it takes about 5 minutes or so. I have to dive into this to figure out why it is doing that.

I will echo the rest and say I am very relieved to see the Watch back up.
Like Hastar said, you don't know how much you miss something until it's gone.

Heh, at first I thought they finally found out how frequently I visit this website at work and decided to block it. But then I found the twitter account (which I didn't know existed) and was somewhat reassured that that wasn't the case.
But look, we're back, so let's try to keep it that way, hm?

Welcome back!!!!!

Another site also went down very recently because of a vbulleting exploit, a big site, don't remember which, so probably that was the culprit.

I check my spam folders and I haven't seen a single RPGWatch email there. For whatever it is worth.

It's not something I do that often, but man spammers and scammers aren't what they used to be. I'm receiving untitled emails from them lol.