Go Back   vb.org Archive > Community Central > Community Lounge
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools Display Modes
  #11  
Old 07-15-2004, 07:16 PM
EvilLS1's Avatar
EvilLS1 EvilLS1 is offline
 
Join Date: Apr 2002
Location: Georgia, USA
Posts: 987
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I think 90% of the time its script kiddies who mess up peoples boards. They find the vulnerability in certain softwares on these security sites. Alot of these sites also tell you how to exploit the security hole. So even though the script kiddie knows nothing about code or hacking he simply follows the instructions on the security site and "hacks" peoples boards. Why does he do it? Your guess is as good as mine.

Best way to avoid being "hacked" is to keep your forum software up-to-date and be very careful which hacks you install. Only install hacks that you need and check over the code yourself if you know what to look for. I learned that the hard way. My board was hacked about a year ago due to an SQL injection vulnerability with the Store hack for vb2. Luckily damage was minimal b/c I caught him shortly after he gained admin access.
Reply With Quote
  #12  
Old 07-15-2004, 07:57 PM
SaN-DeeP's Avatar
SaN-DeeP SaN-DeeP is offline
 
Join Date: Jun 2002
Location: Mumbai, India
Posts: 1,195
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by EvilLS1
I think 90% of the time its script kiddies who mess up peoples boards. They find the vulnerability in certain softwares on these security sites. Alot of these sites also tell you how to exploit the security hole. So even though the script kiddie knows nothing about code or hacking he simply follows the instructions on the security site and "hacks" peoples boards. Why does he do it? Your guess is as good as mine.

Best way to avoid being "hacked" is to keep your forum software up-to-date and be very careful which hacks you install. Only install hacks that you need and check over the code yourself if you know what to look for. I learned that the hard way. My board was hacked about a year ago due to an SQL injection vulnerability with the Store hack for vb2. Luckily damage was minimal b/c I caught him shortly after he gained admin access.
I fully agree with EvilLS1

As additional security measures.
Rename your modcp and admincp dirs and set .hta xs to those

Keep a copy of admincp and modcp dirs, with .hta acces (these dirs will be blank as u already renamed them)

but this way, these newbies or script kiddies would end up messing in places were nothing can be found at all

my 2 cents
Reply With Quote
  #13  
Old 07-15-2004, 11:07 PM
filburt1 filburt1 is offline
 
Join Date: Feb 2002
Location: Maryland, US
Posts: 6,144
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by Zero Tolerance
Yes, the guy who hacked me had no access to my site or ftp, he used a form of hacking known as httpd, that's all i know. He used a browser to uplaod a script to my site...

But this method cannot add folders, so by deleting the folder the process couldn't be repeated.

- Zero Tolerance
httpd is Apache. Your host was probably running an old version. 99% of the time a board is hacked is due to the administrator's own fault of running an old version of the software or choosing a host who does not take security seriously and lags on software updates.
Reply With Quote
  #14  
Old 07-15-2004, 11:08 PM
Zachery's Avatar
Zachery Zachery is offline
 
Join Date: Jul 2002
Location: Ontario, Canada
Posts: 11,440
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by filburt1
httpd is Apache. Your host was probably running an old version. 99% of the time a board is hacked is due to the administrator's own fault of running an old version of the software or choosing a host who does not take security seriously and lags on software updates.
There is no reason to delete the install folder, only what it tells you to, the ONLY file that you NEED to delete is install.php as it is the ONLY file that could cause any harm.
Reply With Quote
  #15  
Old 07-16-2004, 05:07 AM
Modin Modin is offline
 
Join Date: Jun 2004
Posts: 162
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Yeah, there's many ways to hack a board, either by a board vulnerability (which I haven't seen any for vb3), a security vulnerability like improper passwords, improperly set permissions etc, or if the host is running vulnerable software like older versions of apache, mysql, php, has improper security permission there too, etc... (got ya scared yet?) In the later case if your host has stuff improperly set up then there's nothing you can really do to protect yourself, though with the suggestions above by others you can be sure it wasn't your own fault

They reason they hack is usually for giggles, I've known a couple of these people and they get their kicks by seeing that "404 error". The odd time it's for revenge, but rarely.

Personally, including the other's suggestions, just keep a recent backup of your site on a different pc, I usually backup every couple days or so, so worst case I've lost a couple days of posts...
Reply With Quote
  #16  
Old 07-16-2004, 05:42 PM
Zero Tolerance's Avatar
Zero Tolerance Zero Tolerance is offline
 
Join Date: Feb 2004
Location: England
Posts: 813
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by Zachery
There is no reason to delete the install folder, only what it tells you to, the ONLY file that you NEED to delete is install.php as it is the ONLY file that could cause any harm.
In this instance i had no choice, i could either delete the install directory or have the same process repeated again, and for the sake of un-used file's which are only put into play during upgrade's i would rather just re-upload the install folder while upgrading and delete it once im done, that way i had no more threat's posed to me.

As for the apache thing, new news to me but i understand my host has upgraded considerable over the past month to a single secure business now, i will inform him of what you have said, but knowing him it won't be an issue more, my host is a but of an update freak, lol :P

- Zero Tolerance
Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 01:09 PM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.04673 seconds
  • Memory Usage 2,217KB
  • Queries Executed 11 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (4)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (1)pagenav_pagelink
  • (6)post_thanks_box
  • (6)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (6)post_thanks_postbit_info
  • (6)postbit
  • (6)postbit_onlinestatus
  • (6)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete