vb.org Archive

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   Forum and Server Management (https://vborg.vbsupport.ru/forumdisplay.php?f=232)
-   -   Security Question: URL Insertion? (https://vborg.vbsupport.ru/showthread.php?t=253495)

segwayon 11-11-2010 01:20 PM
Security Question: URL Insertion?
 
What's the issue with guests seeing an error message while trying to view this remote page:

Quote:
/forum/showthread.php?p=http://babycaleb.fortunecity.co.uk/picture.htm?
I posted a query at vBulletin.COM about this apparent hacker string last year but no one there responded. It seems odd that the "Who's Online" will show that a guest is apparently seeing an error message, but why do the hackers keep trying if the vBulletin software is blocking their page request? Is there any reason to be concerned about these attempts? We are running 3.8.4 PL2.

Thanks!

Lynne 11-11-2010 02:16 PM
Try the link yourself with an unregistered user - what happens? Nothing? Then don't worry about it.

segwayon 11-11-2010 02:51 PM
Quote:
Originally Posted by Lynne (Post 2120556)
Try the link yourself with an unregistered user - what happens? Nothing? Then don't worry about it.
I have to wonder if the attempts are unsuccessful then why do people keep trying?

Lynne 11-11-2010 02:56 PM
Because some are bots.

Have you ever looked at your server logs at attempts to login to your server? Don't do that if you freak out easily. You will see certain IPs hammering the server repeatedly trying to get in constantly (IP changes after every minute long attempt). They all just hit it within one minute increments and try a whole lot of usernames and/or passwords. It goes on all day long. Just because they don't get in the first time, doesn't mean they give up.


All times are GMT. The time now is 02:42 AM.

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.02397 seconds
  • Memory Usage 1,713KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (2)bbcode_quote_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (4)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete