Go Back   vb.org Archive > vBulletin 3 Discussion > vB3 General Discussions
FAQ Community Calendar Today's Posts Search

Closed Thread
 
Thread Tools Display Modes
  #41  
Old 06-21-2006, 07:20 AM
Revan's Avatar
Revan Revan is offline
 
Join Date: Jan 2004
Location: Norway
Posts: 1,671
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by Andromeda2875
People do have lives you know. We do not sit in front of the computer all day watching posts and topics.
Yet you posted 10 posts in this topic already, all proving the point I made that you quoted.
  #42  
Old 06-21-2006, 12:05 PM
Trana Trana is offline
 
Join Date: Apr 2005
Posts: 604
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by KW802
Since he won't believe anybody here on .org that it's not a vB problem and he is absolutely, positively convinced it is.... then just think of the fun thread it will make for on .com!

:banana:
If there is an equivalent thread on .com, PLEASE post a link to it! That sounds like a lot of fun to read. PERIOD.
  #43  
Old 06-21-2006, 12:10 PM
amykhar's Avatar
amykhar amykhar is offline
 
Join Date: Oct 2001
Location: PA
Posts: 4,438
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Guys, please don't be mean spirited. While I agree the original poster is not being logical about solving the problem, provoking somebody who has been hacked is neither kind nor constructive.
  #44  
Old 06-21-2006, 01:47 PM
KW802's Avatar
KW802 KW802 is offline
 
Join Date: Jul 2003
Location: A galaxy far, far away...
Posts: 1,450
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by amykhar
... please don't be mean spirited. ...
Yes, because apparently based upon some of the recent threads around here the right to be mean spirited is reserved for staff only.

Amy, that sentiment is not pointed at anybody in particular but it's getting to be a pretty common sight lately that if a staff member makes a light-hearted comment then it's OK but if a mere mortal makes a similar comment or responds to the staff members comment then another staff member comes along to whack the mortal across the knuckles with a ruler.





{Kevin goes back to his cave, expecting to admonished yet again for daring to question the voice of authority.}
  #45  
Old 06-21-2006, 08:40 PM
Revpolar Revpolar is offline
 
Join Date: Feb 2004
Posts: 102
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by KW802
{Kevin goes back to his cave, expecting to admonished yet again for daring to question the voice of authority.}
You get those too? I got one for quoting Jim Carey. I thought it was funny but apparently it wasnt.
  #46  
Old 06-22-2006, 05:26 AM
Andromeda2875 Andromeda2875 is offline
 
Join Date: Jun 2006
Posts: 62
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

There are only a few people in here that are kind enough to try and explain something to someone. You are here to piss people off and try and make someone look stupid. As I told you before and I will tell you again. It is not my server, it is vbulletin. Believe it or not, there are tons of exploits for every forum software. I simply asked for some assistance.
  #47  
Old 06-22-2006, 05:37 AM
yinyang's Avatar
yinyang yinyang is offline
 
Join Date: May 2004
Location: Los Angeles
Posts: 580
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by Andromeda2875
There are only a few people in here that are kind enough to try and explain something to someone. You are here to piss people off and try and make someone look stupid. As I told you before and I will tell you again. It is not my server, it is vbulletin. Believe it or not, there are tons of exploits for every forum software. I simply asked for some assistance.
disable all your hacks. if that doesn't work, then it is a PICNIC problem. for sure.
  #48  
Old 06-22-2006, 07:58 AM
SupremeWeapon SupremeWeapon is offline
 
Join Date: Jan 2005
Posts: 121
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

lmao... vB is NOT by far the secureist(Spelling?) BB out there by far.

Any half wit cvan gain access to your admin/smod users with nothing less then a brute forcer.

Heres some suggestions for the OP

1) Make your mods+ have SECURE passwords. I can almost positively say yours don't. they most likely have silly dictionary words.

thats th eonly option I will give you. everyone else took the rest.

IE - Remove those permissions from your smods
- Demot the SMOD if it's the same account geting it.


This next one will sound silly. Are you SURE you paid for it? Me myself if I had an issue like this the FIRST thing I would do is talk to vb.com about it... not bring it here.. since they WOULD be the best avenue.

Also What web server do you run?

Apache?
lighttpd?

I forget any others that may be out there.. mainly because they suck. if it's apache then... get rid of it... There are a number of security hoels in apache, most have fixes out there but I doubt you would take the time to find them.

lighttpd is the most secure of them all.

I would also install things like "Base" they help you with server security.

Windows or *nix?

It is well known windows based servers have crap security in themselves. easy as pie to get into and gain control. This is why 80% of those with brains use *nix for web properties.
  #49  
Old 06-22-2006, 08:34 AM
Zachery's Avatar
Zachery Zachery is offline
 
Join Date: Jul 2002
Location: Ontario, Canada
Posts: 11,440
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Any half wit cvan gain access to your admin/smod users with nothing less then a brute forcer.
Can you tell me how you do this? As you cannot attempt a brute force on vB3/3.5/3.6 without having a sites strikes systems disabled, even if you get the md5 hash of a cookie you'd need to obtain the secondary salt used by the cookie hashing system to actually brute force the real password. So you tell me now how you brute force the password, and if you can do it, take a shot at mine,

Quote:
I forget any others that may be out there.. mainly because they suck. if it's apache then... get rid of it... There are a number of security hoels in apache, most have fixes out there but I doubt you would take the time to find them.

lighttpd is the most secure of them all.
Considering how well aged the apache base is, if there are still security exploits with the most recent versions, 1.3.36 2.0.58 and 2.2.2 please report them.

If you are going to spout FUD here, please take it else where, theres no mass difference between a windows and linux server preformance or security wise with a competant system administrator.

Edit: so if vB is not the most secure, what is?



Now to the original poster, if you _truely_ believe this is a fault of the core vBulletin software PLEASE! send in a support ticket with as much information you can give us and if possible be willing to provide us with access to your webservers logs and other access we may request.

There are _no_ known issues at this time with any of the vBulletin core packages, 2.3.9 3.0.14 3.5.4 and 3.6.0 beta 3, if you know of one please report it to vBulletin.com via the members area.
  #50  
Old 06-22-2006, 10:52 AM
amykhar's Avatar
amykhar amykhar is offline
 
Join Date: Oct 2001
Location: PA
Posts: 4,438
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Um, people aren't saying it's your server. We're saying it's software you've installed on your server and we've told you repeatedly how to go about tracking down the problem. At this point, it seems you don't want help - you want to fight. If you wanted help, you would have gone to Jelsoft - the makers of the software you feel is flawed.

I'm closing this because you don't seem to want any actual advice and just want to call people names.
Closed Thread


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 05:02 AM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.04006 seconds
  • Memory Usage 2,255KB
  • Queries Executed 11 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (7)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (3)pagenav_pagelink
  • (10)post_thanks_box
  • (10)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (10)post_thanks_postbit_info
  • (10)postbit
  • (10)postbit_onlinestatus
  • (10)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete