 Board upgrades Part II, Here we go again. |
|
|||||||||
 Mar 26 2006, 07:08 PM
Post
#1
|
|
|
FRRAX Owner/Admin  Group: Admin Posts: 15,432 Joined: 13-February 04 From: Ohio Member No.: 196  |
We are working through another series of board upgrades to correct for security issues and to remove the trafficage link that has been inserted on the board (I'm guessing through one of those exploits). The upgrade is done, but the link is still there and I'm working with the Invision Board staff to get it removed at this time. And I'd like to thank their support people for their time and rapid assistance. Once that is complete, I'll try to get the sponsor banners and such restored to the board in the very near future.
It seems that as we are growing, we have become a more attractive target for these exploits and such. I'm beginning to realign my security concerns in response to this increased activity. Sorry for the difficulties, I hope to have them cleared up shortly. More information is here: http://www.frrax.com/rrforum/index.php?showtopic=7156 Thanks for your patience. I'll have it all worked out very soon. Kevin |
 |
 
|
 |
Replies
|
Mar 27 2006, 03:24 AM
Post
#2
|
|
|
Experienced Member Group: Advanced Members Posts: 1,766 Joined: 10-April 04 From: New Orleans, LA Member No.: 303 |
QUOTE google hacking is becoming a whole new discipline. google's api and advanced search features really allow to automatically find sites running exploitable software, and then just unleash your exploits on them. blind scanning for large numbers of hosts is long gone. manual exploitation of each site separately is long gone. the old goals of gaining access to just more boxes for the sake of it is all gone. now all you got is some hungry/poor/greedy eastern block hackers writing one exploit for one popular version of software, make it into a worm, let it propagate, and insert some traffic generating links and popups to some advertising site to make few cents. that's what happened in our case i think. of course i don't have shell access to really get in there and look... the real culprit is badly written software with unsanitized inputs, ripe for insertions. combine it with few bad permissions (courtesy of stupid windows ftp clients that change permissions to world readable/writable/executable so your usual windows idiot, 'scuse me, user, doesn't have problems accessing anything) and you got yourself a goldmine of opportunities. and now i get to go back and spend another day in the lab hacking some custom servers without any sourcecode...and this is my 'spring break' too! please kill me now... In English, this translates to, "The bad man is trying to hurt me - help me mommy!" |
|
|
|
Posts in this topic
trackbird Board upgrades Part II Mar 26 2006, 07:08 PM
Teutonic Speedracer Wow, that's what Marcin was telling me! F... Mar 26 2006, 07:30 PM
trackbird QUOTE (Teutonic Speedracer @ Mar 26 2006, 02... Mar 26 2006, 07:47 PM RedHardSupra google hacking is becoming a whole new discipline.... Mar 27 2006, 12:47 AM firehawkclone QUOTE (RedHardSupra @ Mar 26 2006, 06:47 ... Mar 27 2006, 01:01 AM CMC #37 Our banners are gone, okily dokily? Mar 27 2006, 03:15 AM trackbird QUOTE (CMC #37 @ Mar 26 2006, 10:15 PM) O... Mar 27 2006, 04:08 AM CMC #37 Ah... the familiar banners reappear! The board... Mar 27 2006, 05:11 AM trackbird QUOTE (CMC #37 @ Mar 27 2006, 12:11 AM) A... Mar 27 2006, 05:18 AM Jon A Thank you! It was so slow it was basically un... Mar 27 2006, 06:32 PM trackbird QUOTE (Jon A @ Mar 27 2006, 01:32 PM) Tha... Mar 27 2006, 06:40 PM sgarnett BTW, I just discovered that outgoing PMs aren... Mar 28 2006, 04:27 AM trackbird QUOTE (sgarnett @ Mar 27 2006, 11:27 PM) ... Mar 28 2006, 01:35 PM sgarnett Yes, I got it. Mar 28 2006, 02:03 PM |
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:
| Lo-Fi Version | Time is now: 6th June 2025 - 11:28 AM |