vb.org Archive
Page 1 of 2 1 2
Show 40 post(s) from this thread on one page

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vB3 General Discussions (https://vborg.vbsupport.ru/forumdisplay.php?f=111)
-   -   Flashchat; safe or not? (https://vborg.vbsupport.ru/showthread.php?t=133562)

Scormen 12-09-2006 07:44 AM
Flashchat; safe or not?
 
Hi everyone,

I would like to use a chat on my website, currently I'm using the latest versions of vB (3.6.4) and flashchat (4.7.7).

But, I have read that a lot of boards are hacked due to flashchat. What do you think, is it safe to use or not? Yeah I know, it is coded by people, so it is never 100% save...

Do you suggest another chat system? What do you use?

Thanks,
Kris

Saulie 12-09-2006 06:46 PM
I would say it's pretty safe, I use it on my forum and it's never been hacked so far.

If you have a moderately small forum it is allways best to use a shoutbox in my opinion something along the lines of vShout. Allways there so you can quickly have a look at whats going on while browsing the forum, whereas with flash chat you have load it up and you cant just flick throgh it all. But then on the other hand if you have a larger forum I guess a shoutbox would be too small.

Scormen 12-11-2006 05:03 PM
:) Thanks for your reaction, Saulie!

My forum will start at 16 dec, I'm curious how the chat will react on public.

Grtz,
Kris

salata 12-14-2006 06:48 PM
i thought you just had to delete some file in flashchat and that would solve the hacker problem

Scormen 12-14-2006 06:53 PM
Do you mean the install folder and the files of the other CMS's we don't need?

Kris

Paul M 12-14-2006 07:01 PM
If you read the various theads on the subject you will know that the AEDating CMS security hole was fixed months ago, sometime around Flashchat version 4.6.2, the current version is 4.7.7.

I would be very interested to hear why the people who voted 'No' have done so.

Ntfu2 12-14-2006 07:07 PM
I'd like to hear so to.

Flashchat is perfectly safe, and i'm using it on a forum with 12k members. No security holes, and you should delete the extra CMS files anyway

davidw 12-14-2006 11:36 PM
My .02 cents - It is safe (but only until an exploit is discovered). This goes with any software though.

I used it for 1 year and updated it several times. My site was defaced twice while using it, both times because of flashchat, both times because I failed to update it when a fix came out (update). Because of the lack of attention that I give to addons such as flashchat, I decided to remove it. For the most part it was safe, but twice was too much for me. My time is stretched too far to worry about something that was never used on my site, so I removed it. Had it been used more, I may have kept up with the updates when they came out. My failure. My responsibility.

Scormen 12-16-2006 08:39 AM
Quote:
If you read the various theads on the subject you will know that the AEDating CMS security hole was fixed months ago, sometime around Flashchat version 4.6.2, the current version is 4.7.7.
Yes I did, because of that I still have deleted these files because we don't need them anyway.

So Christian, you where hacked beacuse you didn't installed the updates? It was no problem of FC...

Grtz,
Kris

davidw 12-16-2006 11:12 AM
Quote:
Originally Posted by Scormen (Post 1139611)
So Christian, you where hacked beacuse you didn't installed the updates?
That's right. There are people out there who look for exploits (more specificially my type of website unfortunately) in programs such as flashchat, see if you have IMPEX install files on your site, pretty much anything they can use against you - and if there's a vulnerability they will take advantage of that. If you are up to date, have removed your install files, etc., there are no worries. In my case, I had two outdated versions of flashchat (one with the more recent AEDating CMS security hole and the other I honestly don't remember - that was when I switched to vbulletin Aug/Sep 2005).


All times are GMT. The time now is 09:59 AM.
Page 1 of 2 1 2
Show 40 post(s) from this thread on one page

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.00969 seconds
  • Memory Usage 1,733KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (2)bbcode_quote_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (1)pagenav_pagelink
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (10)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • pagenav_page
  • pagenav_complete
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete