Jump to content

You're browsing the 2004-2023 VATSIM Forums archive. All content is preserved in a read-only fashion.
For the latest forum posts, please visit https://forum.vatsim.net.

Need to find something? Use the Google search below.

VATUSA Website


Andrew Podner 994055
 Share

Recommended Posts

Andrew Podner 994055
Posted
Posted

Hello All,

 

Magically, the VATUSA website has been shut down within the last 30 minutes. Why this happened when there is not an account issue is anyone's guess. We are working quickly to get the issue resolved, and find out who or what caused the issue to begin with.

 

I will post details as to the status of this issue regularly in this thread.

 

Thanks

Andrew Podner

Division Director

VATUSA

Link to comment
Share on other sites

Andrew Podner 994055
Posted
Posted

According to the webhost:

 

"It appears a phishing site has been placed into your site files."

 

So we know that the reason the site is down is malicious. We are continuing to work toward resolution. More to follow

Andrew Podner

Division Director

VATUSA

Link to comment
Share on other sites

Colin Zhang 1103737
Posted
Posted

Could this be linked to this problem on the QualityWings site?

viewtopic.php?f=6&t=40538

 

speculation on that thread says widespread attack either together with or from information gathered from the avsim hack I'm quite skeptical but anything's possible...

VATUSA ZSE Staff Mentor, S3

1798.png

Link to comment
Share on other sites

Andrew Podner 994055
Posted
Posted

No it is not, I have been informed as to the root cause and we are working closely with the webhost to restore services

Andrew Podner

Division Director

VATUSA

Link to comment
Share on other sites

Colin Zhang 1103737
Posted
Posted

Great, nice job with the swift responses and action!

VATUSA ZSE Staff Mentor, S3

1798.png

Link to comment
Share on other sites

Andrew Podner 994055
Posted
Posted

Just an update:

 

We are isolating the potential vulnerabilities in the website that have been in there for quite some time. The site is then going to be backed up and then all installed software will be updated. This means that there is a chance that some or all of the existing site will be in disrepair once we have a restoration of service.

 

I am actually anticipating that the site will be non-functional after restoration of service due to the fact that several of the systems in use are outdated and with the security holes closed, they simply won't work. As such I am concurrently writing a new CSS based portal type site based on a site that I wrote earlier this year. One way or another, VATUSA will have a functioning public website online very soon, and we will perform a damage [Mod - Happy Thoughts]essment to figure out what remains to be repaired.

 

Thank you for your patience

Andrew Podner

Division Director

VATUSA

Link to comment
Share on other sites

Andrew Podner 994055
Posted
Posted

12:30pm CDT update:

 

The backup and update process for all VATUSA related items is complete. There are a couple of other systems not under our control that are being worked out, and that will hopefully not take too long. Once this is complete, we will have a restoration of service and can begin [Mod - Happy Thoughts]essing the damage.

 

Development of a replacement site in the event that our public site in non function is continuing.

 

Contingency plans for post restoration failures of the Cert Center, Staff, Instructor, Forums, and other systems are in process and ongoing.

 

 

Thanks for your continued patience

Andrew Podner

Division Director

VATUSA

Link to comment
Share on other sites

Tyler Walton 1055592
Posted
Posted

Lovely first day on the job for you eh andrew. Grats on the new job btw. Just so you guys know if the new site is what I think it's going to be, it'll rock. We've seen his work out here at ZME and he's done a fantastic job on our website.

 

_________

Tyler Walton (C1)

-Facility Manager vZME

Tyler Walton - (C1)

-vZKC Facility Engineer

Link to comment
Share on other sites

Tyler Walton 1055592
Posted
Posted
According to the webhost:

 

"It appears a phishing site has been placed into your site files."

 

So we know that the reason the site is down is malicious. We are continuing to work toward resolution. More to follow

 

Slight concern here, has any of our p[Mod - Happy Thoughts]words or information been comprimised by the phishing site?

 

____________________

Tyler Walton (C1)

-Facility Manager vZME

Tyler Walton - (C1)

-vZKC Facility Engineer

Link to comment
Share on other sites

Andrew Podner 994055
Posted
Posted

I cannot say with any certainty until service is restored. At this time, we do not have any evidence that database information was compromised.

Andrew Podner

Division Director

VATUSA

Link to comment
Share on other sites

Andrew Podner 994055
Posted
Posted

1:30pm CDT Update:

 

I have regained access to the files on the web server and found a malicious file impersonating a credit card company in an unused directory of the website. It DOES NOT connect to the VATUSA database, and there is no reason at this time to believe that our data has been compromised. Restoration efforts are ongoing.

 

More to Follow

Andrew Podner

Division Director

VATUSA

Link to comment
Share on other sites

Philippe Hewett 1008468
Posted
Posted

The LUA is still going to take place... right?

Link to comment
Share on other sites

Andrew Podner 994055
Posted
Posted

Absolutely, VATSIM network operations for LUA will continue as planned

Andrew Podner

Division Director

VATUSA

Link to comment
Share on other sites

Philippe Hewett 1008468
Posted
Posted
Absolutely, VATSIM network operations for LUA will continue as planned

 

Good to hear, can't wait! To bad I can't access my route anymore though.. oh well.

Link to comment
Share on other sites

Andrew Podner 994055
Posted
Posted

2:30pm CDT update

 

We believe that all problem code has been cleared up. Our web server contained an old Drupal installation that was vulnerable and it was exploited. The hacker placed files impersonating a site that collects personal data and emailed it to him/her. We have isolated and removed both the problem files and the old Drupal installation. We are working with the webhost for them to check it over and clear the server for reactivation

 

Replacement site development and other contingency planning are ongoing.

 

More to follow

Andrew Podner

Division Director

VATUSA

Link to comment
Share on other sites

Philippe Hewett 1008468
Posted
Posted

Any chance the LUA page is back up by 23:00Z? I would need to check my callsign and route...

Link to comment
Share on other sites

Andrew Podner 994055
Posted
Posted

We are doing everything possible to make that happen. I expect that we will know something in an hour or so.

Andrew Podner

Division Director

VATUSA

Link to comment
Share on other sites

Philippe Hewett 1008468
Posted
Posted

Good job, seems back up!!

Link to comment
Share on other sites

Andrew Podner 994055
Posted
Posted

4:00pm Final Update in this Forum

 

Web services are restored, we are [Mod - Happy Thoughts]essing each system individually. Further updates will be posted in the VATUSA.net forums

 

 

Thanks to everyone for your patience and especially to Kyle Ramsey and Dave Klain for their [Mod - Happy Thoughts]istance today.

Andrew Podner

Division Director

VATUSA

Link to comment
Share on other sites

Alex Bailey 969331
Posted
Posted

Those of you who had email addresses with us (CTP staff, etc.), you may have lost those accounts. We will be working to fill those gaps and make sure everything is returned to normal as soon as possible.

Alex Bailey

ZMA I-1

Link to comment
Share on other sites

Harold Rutila 974112
Posted
Posted

You have got to be kidding me... I really hope all that work didn't go to waste.

 

SUSPENDED

Link to comment
Share on other sites

Kyle Steever 810905
Posted
Posted

The situation is being resolved at this time. We'll have things fixed shortly...

vZME Air Traffic Manager

userbar474384ny4.gif

... --- ... ... --- ...

Link to comment
Share on other sites

Ricardo Sosa 979914
Posted
Posted

The website continues to display the "Account Suspended" message, even though I know the website works now. I've cleared my cookies and cache and it still doesn't display. I can only open it if I use a proxy. Any suggestions? I've tried it on both IE and FireFox.

vZTL Events Director

Link to comment
Share on other sites

Ryan Flynn 939022
Posted
Posted

It's probably a DNS problem on your ISP's end. They usually resolve within a few days. In the mean time, try this http://67.220.195.100/~vatusai/www/public.php?mod=phome

 

That's the VATUSA's server IP. I just did a "ping" for it. My host is setup the same way.

 

http://www.ualva.org can be accessed at:

 

http://web48.justhost.com/~ualvaor1/

http://65.60.9.26/~ualvaor1/

Ryan Flynn

Southwest Virtual Airlines

www.swavirtual.com

Link to comment
Share on other sites

Ricardo Sosa 979914
Posted
Posted

That opens the main page. I click on anything on it without getting the "Account Suspended" message again.

 

It's been about a week now. How many is a few days?

 

On the VATUSA forums (got in with a proxy) they suggested a DNS flush. Did that and it worked the first time, by only opening the main page. After clicking on anything, it would go to the same message again. Ran it the second time, and now I'm back to square one. Not even the main page opens. Any other ideas?

vZTL Events Director

Link to comment
Share on other sites

 Share