Go Back   vb.org Archive > vBulletin Article Depository > Read An Article > Management Articles
How to prevent Social Engineering.....
liamwli
Join Date: May 2012
Posts: 172

 

Show Printable Version Email this Page Subscription
liamwli liamwli is offline 06-30-2012, 10:00 PM

You may be thinking "Not another post on securing my forum", but this post also touches on a hacking method known as 'Social Engineering' - so read on....

So, you have secured your forum in every way possible - you changed the AdminCP directory name, passworded the new directory, chosen very secure passwords but.

Your forum got hacked. You run around like a headless chicken trying to fix it, at the same time trying to figure out how they did it. You were running the latest vB, you start to think that it may have been a mod that you installed - but it wasn't.

It was Social Engineering.

Social engineering is when someone gains the complete trust of a forum founder, and then abuses that trust. Social engineering can take a long time to complete - but it can be devastating to a forum.

If you end up trusting someone a lot, they may have access to your cPanel, your FTP area, your database, SSH!

Imagine what they could do - they could delete the database, they could delete the entire forum files, they could delete any internal backups you have. Just think about it for a minute....

Scary thought, yes?

So how do I prevent it?

That is the million pound question, isn't it?

The best way to protect yourself is to not hire strangers to do work on your forum. If you must, then use separate logins, and check logs and EVERYTHING to see what they did. Check your plugins area for any new plugins, and ensure that if you are giving someone AdminCP access, they have the bare minimum admin permissions.

Social engineering doesn't just devastate a forum/website. It can devastate a human being. They placed their trust in you, and it was abused.

Don't fall foul to Social Engineering. Follow all the safety tips on the internet. Only trust people you know in real life - and don't trust them either!

I hope this article will open the eyes of some people....

Liam
Reply With Quote
  #2  
Old 07-24-2012, 04:16 AM
abdobasha2004's Avatar
abdobasha2004 abdobasha2004 is offline
 
Join Date: Aug 2008
Posts: 541
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I just never make anyone else admin
the most trusted and working for years are supermoderators
Reply With Quote
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 09:24 AM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.03965 seconds
  • Memory Usage 2,186KB
  • Queries Executed 15 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)modsystem_article
  • (1)navbar
  • (4)navbar_link
  • (120)option
  • (2)post_thanks_box
  • (2)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (2)post_thanks_postbit_info
  • (1)postbit
  • (2)postbit_onlinestatus
  • (2)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete