Go Back   vb.org Archive > Community Central > Community Lounge
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools Display Modes
  #11  
Old 12-20-2003, 03:42 PM
Xride Xride is offline
 
Join Date: Oct 2003
Posts: 20
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Htaccess the directory, but any password past 8 characters is a waste, as it doesnt read past the 8th one.
Use upper and lower case, and put an odd charator in there, something like a # ~ + } should make it almost impossible to ever guess what it is, and trying to brute force it will take weeks. and it wont take long for you to figure out where the attack is coming from and block the IP from the server directly as an other member here suggested.

But good luck, hope you make it though this unscaved.
Reply With Quote
  #12  
Old 12-20-2003, 07:14 PM
MaDCaT75 MaDCaT75 is offline
 
Join Date: Jul 2003
Location: Southern California
Posts: 718
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Thank you for all your tips and support. I appreciate it.
Reply With Quote
  #13  
Old 12-21-2003, 10:43 AM
Dave# Dave# is offline
 
Join Date: Nov 2001
Posts: 82
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I'd use apache rather than hacking the app

<Location /admin>
Order Allow,Deny
Deny from all
Allow from myipaddress myotheripaddress mybackupipaddress
</Location>
Reply With Quote
  #14  
Old 12-21-2003, 12:00 PM
Catch-22|BL Catch-22|BL is offline
 
Join Date: Aug 2003
Posts: 99
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Is it just random posters or the actual staff of a different message board? If it is just random people, try using diplomacy with the staff of the board and resolve the problems peacefully.

Regardless, it is always good to increase security so please use some of the things that people have already suggested. Administrators owe it to their communities to take such reasonable measures.

Reply With Quote
  #15  
Old 12-30-2003, 06:05 PM
magnus's Avatar
magnus magnus is offline
 
Join Date: Apr 2002
Location: Miami, FL
Posts: 1,107
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by Mist
Hackers are people I have zero respect for.
Hrm.. people/businesses pay me to hack into their systems to expose security vulnerabilities. I attempt to hack almost every forum, website, shell, etc.. I come across to uncover unknown exploits so I can report them to BugTraq so the software developers can issue patches and fixes.

Without these "hackers" you have no respect for, the quality of software security would fall into oblivion. These same hackers are the reason vBulletin is as secure as it is today.. something worthy of respect, if I do say so myself.

Hackers help raise the bar for security. Someone brute forced your password? Serves you right.. how many times have you been told/read that you should not use a common word found in a dictionary. Got nailed by a buffer overflow exploit? Maybe you should keep your software updated.. patches/updates are released for a reason.

Of course, none of my hacking tactics are used for malicious intent. I do not deface/delete/modify/etc.. any of the server/site content. I simply inform the administration of the methods used to obtain entry as well as provide a link to a recommended fix.

Lumping "Hackers" into your zero respect clause is naive and insulting to those of us who better your internet-lives.

Just my $0.02.
Reply With Quote
  #16  
Old 12-30-2003, 06:24 PM
Dean C's Avatar
Dean C Dean C is offline
 
Join Date: Jan 2002
Location: England
Posts: 9,071
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Perhaps I should rephrase then. The meaning behind that comment was idiots like what's going on with the vB sites right now and those intent on hacking to cause harm. We can't explain our words perfectly all the time.
Reply With Quote
  #17  
Old 12-30-2003, 06:30 PM
Chris Gwynne's Avatar
Chris Gwynne Chris Gwynne is offline
 
Join Date: Jan 2003
Posts: 316
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Ler him attack your site, it's fun to see what hackers put as their attack message.
Reply With Quote
  #18  
Old 12-30-2003, 08:04 PM
MaDCaT75 MaDCaT75 is offline
 
Join Date: Jul 2003
Location: Southern California
Posts: 718
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

They are no longer a threat.... it was all hot air I found out.
Reply With Quote
  #19  
Old 12-31-2003, 04:25 AM
ajk ajk is offline
 
Join Date: Feb 2003
Location: Monmouth County, N.J. U.S.A.
Posts: 82
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by Mist
I say we don't. Actions such as this are completely illegal and discussion of them will not be tolerated in jest or in seriousness. Hackers are people I have zero respect for. But in regards - .htaccess the admin and mod directories with as difficult and as long a password as you want it to be. And make sure you add some of the administration protection hacks that we have here. That way you can't be demoted as administrator. Also take backups. I doubt if they'll do this but it's best to be safe than sorry
I agree with Mist. I was hacked and destroyed by code kiddies with nothing better to do.
All that because I used another BBS and gave some kids free web space to help them out.

I say leave it alone and block the guys.
Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 03:51 AM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.03990 seconds
  • Memory Usage 2,238KB
  • Queries Executed 11 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (2)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (1)pagenav_pagelink
  • (9)post_thanks_box
  • (9)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (9)post_thanks_postbit_info
  • (9)postbit
  • (9)postbit_onlinestatus
  • (9)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete