You may have heard about the new <a href="http://news.bbc.co.uk/1/hi/technology/4 ... stm">phpbb worm</a> that's making the rounds. (Here's a more <a href="http://isc.sans.org/diary.php?date=2004 ... >technical writeup</a> if you're so inclined). We're running phpbb here on the forums, so there's good news and bad news.
The good news is that we aren't vulnerable to the bug that the worm exploits. The phpbb authors released a fix for that on November 18th, and I applied it the same day. The damage the rest of the 'net is seeing is from people who run phpbb but don't keep things up to date, and there are a <i>lot</i> of those.
The bad news is that that doesn't stop other infected hosts from <i>trying</i> to attack here. We've only had a couple of bad days of that. Yesterday (Dec 30) was one of them; where we usually only see 15-20 guests on the forum, we hit a high of 969 at some point yesterday, and where we usually only see from 600MB to 1GB of bandwidth usage per day, yesterday saw 12GB!
Our web hosting package at <a href="http://www.dreamhost.com/">Dreamhost</a> gives us 192GB/mo transfer so it's not an emergency, but there's still going to be an impact on the site's performance from that traffic, so I'm going to be seeing what I can do to reduce the impact. While I try to get things working you might find yourself receiving 403 Forbidden errors while trying to view threads. Those should be temporary.
Happy new year to all!
-Rich