vb.org Archive - New 'Security Section' Proposal

vb.org Archive (https://vborg.vbsupport.ru/index.php)

- vBulletin.org Site Feedback (https://vborg.vbsupport.ru/forumdisplay.php?f=7)

- - New 'Security Section' Proposal (https://vborg.vbsupport.ru/showthread.php?t=171853)

Quote:

Originally Posted by nexialys (Post 1457208)

thanks to not mention my name... lol

actually, the goal to have a "Quarantine" place where to put the mods with inserts or security issues is one of the reasons why hacking mods may not be discussed here... when you announce that the hack XYZ have an exploit ABC, that is the way to break all the securities... you just need one moron to ask "hey, i have that hack and that version on my site, what can i do to secure my site"... 30 seconds after that post, someone would exploit his site...

that's why the guys on vb.org are NEVER discussing exploits of any hack here... neither would Jelsoft on vb.com ... so why start a place for the opposite means ?!

Yes and no. I agree we shouldn't discuss what the exploits are and give any script-kiddies any information on exploits, but I think it's OK to discuss how to fix things when they are exploited. That would be valuable information to new Admins that haven't experienced that and for when and if he ever does run into that. Knowledge is never a bad thing.

no need for a specific place to discuss how to fix these exploits... when an exploit is found on vb.org, you receive a notation on email to tell you how to deactivate or replace the hack when something have to be done...

each time we will have a new element to add to the reasons why starting such a service, we will have an existing solution here on vb.org... this was debated already... and i don't know why this thread and the other are running over ...

Not all exploits are found on the org. And security covers more than just exploits, too. Put yourself in the shoes of a new Admin who has just been hit by a hacker or an exploit and not knowing what to do or where to go for help. The com sends you to the org and the org sends you to the com. Where does it all end?

Wanna know what happened to the forum in the first post?
The TEMPLATE got modified... nothing more.

I mean, some idiot got access to the AdminCP and emptied a few templates and wrote "Hacked by n00b".

That's all.

Quote:

Originally Posted by Magnumutz (Post 1457393)

That's is one of the problems that we can discuss on the new section, can you tell us how can be avoided?

Thanx for the mention here guys and yea, we got it again today wholly crap, what'd we do,
oh yea Blackhat.
We will definitely learn from this, and too many user mods can cause probs.

I'm all for a Security Section, I've gotten hacked once with vBulletin, and it defaced my forums a while ago... also a few of my users were hacked recently by the same team.

Well I think this goes well since I can see a change on Nexialys :)

Security Section

I don't think there's a need for a security section. (most problems with security are on the server end and not related to vbulletin software)

iogames, i would drop that page and all the things you copied from my username and avatar please... for your own sakes...

X vBulletin 3.8.12 by vBS Debug Information
Template Usage: (1)ad_footer_end (1)ad_footer_start (1)ad_header_end (1)ad_header_logo (1)ad_navbar_below (2)bbcode_quote_printable (1)footer (1)gobutton (1)header (1)headinclude (6)option (1)pagenav (1)pagenav_curpage (4)pagenav_pagelink (1)post_thanks_navbar_search (1)printthread (10)printthreadbit (1)spacer_close (1)spacer_open Phrase Groups Available: global postbit showthread	Included Files: ./printthread.php ./global.php ./includes/init.php ./includes/class_core.php ./includes/config.php ./includes/functions.php ./includes/class_hook.php ./includes/modsystem_functions.php ./includes/class_bbcode_alt.php ./includes/class_bbcode.php ./includes/functions_bigthree.php Hooks Called: init_startup init_startup_session_setup_start init_startup_session_setup_complete cache_permissions fetch_threadinfo_query fetch_threadinfo fetch_foruminfo style_fetch cache_templates global_start parse_templates global_setup_complete printthread_start pagenav_page pagenav_complete bbcode_fetch_tags bbcode_create bbcode_parse_start bbcode_parse_complete_precache bbcode_parse_complete printthread_post printthread_complete
Messages:

Phrase Groups Available:

X vBulletin 3.8.12 by vBS Debug Information
Page Generation 0.01090 seconds Memory Usage 1,734KB Queries Executed 10 (?)
More Information
Template Usage: (1)ad_footer_end (1)ad_footer_start (1)ad_header_end (1)ad_header_logo (1)ad_navbar_below (2)bbcode_quote_printable (1)footer (1)gobutton (1)header (1)headinclude (6)option (1)pagenav (1)pagenav_curpage (4)pagenav_pagelink (1)post_thanks_navbar_search (1)printthread (10)printthreadbit (1)spacer_close (1)spacer_open Phrase Groups Available: global postbit showthread	Included Files: ./printthread.php ./global.php ./includes/init.php ./includes/class_core.php ./includes/config.php ./includes/functions.php ./includes/class_hook.php ./includes/modsystem_functions.php ./includes/class_bbcode_alt.php ./includes/class_bbcode.php ./includes/functions_bigthree.php Hooks Called: init_startup init_startup_session_setup_start init_startup_session_setup_complete cache_permissions fetch_threadinfo_query fetch_threadinfo fetch_foruminfo style_fetch cache_templates global_start parse_templates global_setup_complete printthread_start pagenav_page pagenav_complete bbcode_fetch_tags bbcode_create bbcode_parse_start bbcode_parse_complete_precache bbcode_parse_complete printthread_post printthread_complete
Messages: