|
New 'Security Section' Proposal
1 Attachment(s)
Wow! a fallen comrade, we may know the causes later, but I Propose a SECURITY SECTION on the board... anyone second the motion?
|
I'm all for it, but them my opinion is not really worth a whole lot these days.
|
there is nothing really needed for hackers discussions, there is a millions sites discussing hacking, and the more we talk about it, the more interest we bring around these guys... that is their goal...
|
Quote:
|
I proposed a SECURITY SECTION, where guidelines for safe management are discussed.
I think is the "It's Not Gonna Happen to Me" mentality |
See? I told you my opinion was worthless. ;)
|
Quote:
Quote:
|
You totally lost me on that one. What does that sad and unfortunate event have to do with a hacking discussion forum?
|
Quote:
I think a security section would be a great idea. |
Quote:
|
Oh, Ok, LOL
You were talking about a brother in arms and I was starting to get a little unnerved. |
We can start with a small one :D
|
As one who had two sites hacked since the new year I would like to see this added also. Not on how to hack but how to prevent being hacked, tips, etc. Maybe a stickied thread where the latest security issues found with various add ons for vbulletin could be posted warning others if they didn't know about them.
My case with vbgallery I hadn't been on their site lately and did not receive an email they sent out stating issues with the gallery and that they had an update out for it. |
I was hacked a few years ago on my old server but it turned out they just replaced the index.html in the domain directory with their own and renamed mine. Copying mine over theirs fixed it for me. That is one of the most common ways I have seen and it causes a lot of concern until you find out how they do it. I don't think we all ought to go out and buy guns because someone tripped over someone else's shoestring. Nex is right in the idea that if we bring attention to these clowns, it is only going to draw them out and make it worse.
(You owe me, Nex) |
Bravo.
Anyone can get that kind of response. Hacking and coding are amazingly two entirely different things. It can happen to anyone of us. What can we do? Pray? lol Not much really, if they have the skill they can get into it and while I own a website and forum I respect that. When we actually do something worth hacking, like a shop, I'm going to hire a hacker to make it hacker proof and make them liable if it's hacked if they'll accept the job. If not, I don't really care. Boo hoo, call your host, get your Super Admin account set back up and own them. However they deserve to be respected and since I can't beat them, I can hire them. That's my perspective. |
Moved to Site Feedback.
I don't see much use of creating a seperate section on this. There are already advices on how to operate your board securely on both vB.com and vB.org. If there are more security tips, then feel free to write an article about it. If a vulnerability is found on a modification here on vBulletin.org, we already do warn the users of that modification. My view: All information is already there, but people tend to ignore it until too late. No new section will change that. |
Quote:
it is like when people wants a forum for SEO and search engine related topics... nobody block you from doing so, maybe just not ALL HERE... that's all... also, hacking a hosted account have not a single link between vBulletin and the server... 95% of the hacking related to the sites that were listed here as "hacked" were hacked outside vBulletin engine, by not having enough securities on the server, so people need to understand what they are doing when they host a site like this, instead of thinking everything is fine until they are hit... when someone come here and say "my site was hacked, he accessed my database and i'm crashed"... i can say that most of the time, if not all the time, that was a serverside situation of a hacker who knew how to obtain the config.php data to hack into the database... no need to crash an entire site, you just have to infiltrate and make fun of it... this is basic site administration, not forum code. this topic started because one of the partner of the admin trashed from the inside... not a single bit of code related to security.. it's all about confidence to the persons you're supposed to trust before giving them access to the administration... i don't think Bill Gates would give the key from his house to his business partners... |
Quote:
I think I got all the security measures in place on my board and despite that I got my dB deleted totally for a hired coder. Well security is a plus anywhere, so if we keep thinking that vB is mostly a hobby than a Business/Investment then forget about protection. |
your problem is actually not related to vBulletin at all, you know it... it depend on the access you gave to someone... even if Jelsoft develop a level 7 security protocol, there will be nothing they can do if the best security is to not give access to the database... this is not security of a script at all..
the first words are always : BACKUP YOUR DAMN DATABASE AND KEEP IT SAFE... if you can't follow that, forget about securities... |
What harm is there in organizing information to help protect administrators?
|
Quote:
-------------------------- -------------------------- Anyway - I think it's a very valid suggestion - I'm frankly surprised it hasn't been mentioned before really. At anyrate - yes - A how-to prevent hacking/steps to reorder after being hacked forum would be very nice IMO Great suggestion - I doubt it will be implemented though - but we can always hope that vB.org and/or vB.com shows an interest in helping those who have had their $160+ vBulletin forum hacked by providing such an informational NEW section. And I'm equally sure that there is a great bulk of helpful and invaluable suggestions/information to be added in the NEW section from the talented Coders of this vBulletin Community that would help immensely in such a case as having been hacked... Jacquii. --------------- Added [DATE]1204502244[/DATE] at [TIME]1204502244[/TIME] --------------- Quote:
Jacquii. |
Quote:
*Ouch! someone mentioned his/her money to claim rights |
Well, maybe my opinion does matter. I shall rally the troops! ;)
|
LOL - well my view is this...
Quote:
I'd recommend putting the NEW section on the very forum index. Anyway... Jacquii. |
since security is mostly a hosting/server related issue since standard vBulletin is pretty secure, couldn't everyone just use the Hosting forum here that really doesn't get much more then a "I NEEDZ NEW HOSTZORS!!" threads?
|
Quote:
|
I think a re-purposing of the hosting forum (plus some security related stickies) would be a great compromise. vb.org search can be a little...hard to wade through sometimes.
|
Quote:
Nexialys, such 'infallible attitude' surprises me, can you tell me if here in vB.org we don't have 'dormant hackers'? we are 100% safe? |
if there is dormant hackers in the mod team or the admins, that will be hilarious when he make his coming-out, because it would be a really lazy hacker who is dormant for years...
nobody who is not IN CHARGE have access to the core elements of vb.org ... that's part of the securities... this is helping on the paranoid attitudes... and actually, nobody can even be sure.. maybe Paul is trying to hide some secret means... |
Well, I for one think both ideas are great. We really don't need it until we do need it and then we should have it. And then not have it until we need it again.
I'll let you guys work the details out for that. Thank you, Middle-of-the-road Boofo |
Quote:
Quote:
|
Quote:
oh, and that dress Danny found one day in one of my posts.... ... actually, if you misread the forum's sub-title, it is "The Official VBulletin Modification Site", not "The Ultimate vBulletin Resource" ... that one you can deal with, if you want... want to make a complete resource site for vB owners, be my guest, i'll register on your site the day you open. |
I'm a pushover...
|
3D pushover...
|
That hurts, Nexia. :(
Well, I'm over that now. |
Quote:
|
Ok, just rememeber the old sly fox...
|
Lol
|
Quote:
|
with such a forum, everybody would fail in all security protocols... not good to use an image with my face on it btw, your reputation will drop iO...
|
| All times are GMT. The time now is 05:20 PM. |
Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.
| X vBulletin 3.8.12 by vBS Debug Information | |
|---|---|
|
|
 More Information |
|
|
Template Usage:
Phrase Groups Available:
|
Included Files:
Hooks Called:
|