Hacking message board?

[EvilLS1]

I think 90% of the time its script kiddies who mess up peoples boards. They find the vulnerability in certain softwares on these security sites. Alot of these sites also tell you how to exploit the security hole. So even though the script kiddie knows nothing about code or hacking he simply follows the instructions on the security site and "hacks" peoples boards. Why does he do it? Your guess is as good as mine.

Best way to avoid being "hacked" is to keep your forum software up-to-date and be very careful which hacks you install. Only install hacks that you need and check over the code yourself if you know what to look for. I learned that the hard way. My board was hacked about a year ago due to an SQL injection vulnerability with the Store hack for vb2. Luckily damage was minimal b/c I caught him shortly after he gained admin access.

[SaN-DeeP]

Quote:

Originally Posted by EvilLS1

I think 90% of the time its script kiddies who mess up peoples boards. They find the vulnerability in certain softwares on these security sites. Alot of these sites also tell you how to exploit the security hole. So even though the script kiddie knows nothing about code or hacking he simply follows the instructions on the security site and "hacks" peoples boards. Why does he do it? Your guess is as good as mine.

Best way to avoid being "hacked" is to keep your forum software up-to-date and be very careful which hacks you install. Only install hacks that you need and check over the code yourself if you know what to look for. I learned that the hard way. My board was hacked about a year ago due to an SQL injection vulnerability with the Store hack for vb2. Luckily damage was minimal b/c I caught him shortly after he gained admin access.

I fully agree with EvilLS1

As additional security measures.
Rename your modcp and admincp dirs and set .hta xs to those

Keep a copy of admincp and modcp dirs, with .hta acces (these dirs will be blank as u already renamed them)

but this way, these newbies or script kiddies would end up messing in places were nothing can be found at all

my 2 cents

[filburt1]

Quote:

Originally Posted by Zero Tolerance

Yes, the guy who hacked me had no access to my site or ftp, he used a form of hacking known as httpd, that's all i know. He used a browser to uplaod a script to my site...

But this method cannot add folders, so by deleting the folder the process couldn't be repeated.

- Zero Tolerance

httpd is Apache. Your host was probably running an old version. 99% of the time a board is hacked is due to the administrator's own fault of running an old version of the software or choosing a host who does not take security seriously and lags on software updates.

[Zachery]

Quote:

Originally Posted by filburt1

httpd is Apache. Your host was probably running an old version. 99% of the time a board is hacked is due to the administrator's own fault of running an old version of the software or choosing a host who does not take security seriously and lags on software updates.

There is no reason to delete the install folder, only what it tells you to, the ONLY file that you NEED to delete is install.php as it is the ONLY file that could cause any harm.

[Modin]

Yeah, there's many ways to hack a board, either by a board vulnerability (which I haven't seen any for vb3), a security vulnerability like improper passwords, improperly set permissions etc, or if the host is running vulnerable software like older versions of apache, mysql, php, has improper security permission there too, etc... (got ya scared yet?) In the later case if your host has stuff improperly set up then there's nothing you can really do to protect yourself, though with the suggestions above by others you can be sure it wasn't your own fault

They reason they hack is usually for giggles, I've known a couple of these people and they get their kicks by seeing that "404 error". The odd time it's for revenge, but rarely.

Personally, including the other's suggestions, just keep a recent backup of your site on a different pc, I usually backup every couple days or so, so worst case I've lost a couple days of posts...

[Zero Tolerance]

Quote:

Originally Posted by Zachery

There is no reason to delete the install folder, only what it tells you to, the ONLY file that you NEED to delete is install.php as it is the ONLY file that could cause any harm.

In this instance i had no choice, i could either delete the install directory or have the same process repeated again, and for the sake of un-used file's which are only put into play during upgrade's i would rather just re-upload the install folder while upgrading and delete it once im done, that way i had no more threat's posed to me.

As for the apache thing, new news to me but i understand my host has upgraded considerable over the past month to a single secure business now, i will inform him of what you have said, but knowing him it won't be an issue more, my host is a but of an update freak, lol :P

- Zero Tolerance