vb.org Archive
Page 2 of 3 1 2 3
Show 40 post(s) from this thread on one page

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   Forum and Server Management (https://vborg.vbsupport.ru/forumdisplay.php?f=232)
-   -   Hacked, Again.. (https://vborg.vbsupport.ru/showthread.php?t=278346)

Max Taxable 02-10-2012 05:07 PM
Quote:
Originally Posted by L2Insomnia (Post 2298321)
It may increase performance in some cases I agree but it doesn't do squat for security if the hacker knows anything at all. That's what i am trying to get at :) People should not think "I'll just use CloudFlare and I'll be safe" as that is most likely going to lead to trouble at some point.

I'm not bashing CloudFlare just want to make it clear that using them does not by any means make you safe from getting hacked.
It makes it alot harder. Main reason is, the bad actors are quickly identified and dealt with. People generally have no idea what all CF really does do. But I have seen it in action.

Boofo 02-10-2012 05:11 PM
Well, you're one of the very few lucky ones then. I had more issues with it than non-issues.

Max Taxable 02-10-2012 06:27 PM
Quote:
Originally Posted by Boofo (Post 2298331)
Well, you're one of the very few lucky ones then. I had more issues with it than non-issues.
Yeah, v4 for some reason. There's a CF rep here, surprised he doesn't search up mentions and reply to stuff.

L2Insomnia 02-10-2012 06:43 PM
Quote:
It makes it alot harder. Main reason is, the bad actors are quickly identified and dealt with. People generally have no idea what all CF really does do. But I have seen it in action.
I know cloudflare well and am a paid member as I was curious about it. First ask yourself how these bad actors are identified IP? Cookie? Now how easy are both of those things to get around to even the worst script kiddie wannabe hacker? Extremely easy.
Now lets say it can identify a previously used perl script that was used to attack a previous site in CloudFlares "circle". Changing the script is also very easy. So in all as far as I can see it is a minor annoyance at most to people with bad intentions.

Max Taxable 02-10-2012 07:35 PM
Quote:
Originally Posted by L2Insomnia (Post 2298352)
I know cloudflare well and am a paid member as I was curious about it. First ask yourself how these bad actors are identified IP? Cookie? Now how easy are both of those things to get around to even the worst script kiddie wannabe hacker? Extremely easy.
Now lets say it can identify a previously used perl script that was used to attack a previous site in CloudFlares "circle". Changing the script is also very easy. So in all as far as I can see it is a minor annoyance at most to people with bad intentions.
Bypassing CF to get to my actual hosting. Love to see it.

L2Insomnia 02-11-2012 12:06 AM
Quote:
Originally Posted by Max Taxable (Post 2298374)
Bypassing CF to get to my actual hosting. Love to see it.
There is no bypassing there is just doing. Anyways not going to argue about it. If people want to take the easy way and just pay for CF and assume they are safe than that's their problem.

Max Taxable 02-11-2012 12:24 AM
Quote:
Originally Posted by L2Insomnia (Post 2298428)
There is no bypassing there is just doing. Anyways not going to argue about it. If people want to take the easy way and just pay for CF and assume they are safe than that's their problem.
I don't pay for it, I use the free version. And I don't assume anything.

I've been at this close to 15 years and never been hacked, cracked, defaced, anything. Except of course, DDoS attacks. Became quite expert on those. I used to disable entire botnets just for kicks.

I am not all that sure you understand CF at all.

L2Insomnia 02-11-2012 01:21 AM
There is not much to understand. The idea is great but it really cannot be effective against any attacker who has even a bit of knowledge. I think the idea is great and I hope it becomes what they claim it is now, but as of right now it does not offer much in the way of defense. A well configured server is much more effective.

Max Taxable 02-11-2012 01:33 AM
Quote:
Originally Posted by L2Insomnia (Post 2298444)
There is not much to understand. The idea is great but it really cannot be effective against any attacker who has even a bit of knowledge. I think the idea is great and I hope it becomes what they claim it is now, but as of right now it does not offer much in the way of defense. A well configured server is much more effective.
Multiple layers is key, you are correct. There's no magic bullet.

AGN03 02-11-2012 06:12 AM
Derailed


All times are GMT. The time now is 02:04 PM.
Page 2 of 3 1 2 3
Show 40 post(s) from this thread on one page

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01427 seconds
  • Memory Usage 1,740KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (7)bbcode_quote_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (2)pagenav_pagelink
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (10)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • pagenav_page
  • pagenav_complete
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete