The Mana World is offline [FIXED]
Posted: 30 Dec 2018, 01:04
The legacy game server suffered an attack and we put it offline while we work on fixing security vulnerabilities. Don't worry about data loss: we have snapshots for every hour of the last 180 days so we can do rollbacks if needed.
Please understand that we don't know when the server will be back online.
In the meantime, feel free to join us on IRC: #themanaworld on Freenode
Updates will be posted here
---------------------------------------------------------------------
Please understand that we don't know when the server will be back online.
In the meantime, feel free to join us on IRC: #themanaworld on Freenode
Updates will be posted here
---------------------------------------------------------------------
- 2018-12-29 @ 02:19: attack begins
- 2018-12-29 @ 19:25: a GM account is compromised
- 2018-12-29 @ 19:47: the compromised account starts using GM commands
- 2018-12-29 @ 21:56: attack reported to staff
- 2018-12-29 @ 22:03: server taken offline
- 2018-12-29 @ 22:03: admins are notified
- 2018-12-29 @ 22:07: website and forums taken offline
- 2018-12-29 @ 23:20: requesting backups (encrypted) from Amazon Glacier
- 2018-12-29 @ 23:41: looking through logs
- 2018-12-30 @ 01:02: forums back online, still locked
- 2018-12-30 @ 01:20: auditing source code
- 2018-12-30 @ 01:59: auditing source code, testing locally
- 2018-12-30 @ 02:04: one vulnerability found, discussing about best way to tackle it
- 2018-12-30 @ 02:16: found a second vulnerability, working on a patch
- 2018-12-30 @ 02:44: found a third vulnerability, pondering about rewriting the auth flow entirely
- 2018-12-30 @ 03:55: investigation still ongoing; attack successfully reproduced locally
- 2018-12-30 @ 04:06: digging through logs
- 2018-12-30 @ 04:33: uploading backups
- 2018-12-30 @ 04:39: merging backups with latest data, analyzing side-effects
- 2018-12-30 @ 04:46: data fully restored to snapshot 2018-12-29T00:07+00:00: all data beyond this point is lost
- 2018-12-30 @ 06:10: backporting from upstream, making security patches
- 2018-12-30 @ 09:07: reviewing patches
- 2018-12-30 @ 15:10: making further improvements to the auth flow
- 2018-12-30 @ 15:25: more hardening
- 2018-12-30 @ 18:39: testing done with char server, now on to map server
- 2018-12-30 @ 21:07: testing done with map server
- 2018-12-30 @ 21:22: test server back online, main server still offline
- 2018-12-30 @ 23:29: main server back online