Board Security
(Click here to view the original thread with full colors/images)Posted by: MCHeshPants420
After seeing what happened to Slyck (http://www.slyck.com/forums/index.php) forums (they got hacked and everything deleted and are still not back up properly yet...). I was just wondering what the security is like here. Is the forum software regularly patched up with any security updates or is it pretty much the same as it was when the board was moved? :ermm:
I mean, we don't want the team chat becoming public domain. Again. :lol:
Posted by: lynx
People who do that sort of thing should have their skin removed.
I'm not sure what the board security is like, I suspect we have a cheese-grater. :shifty:
Posted by: MCHeshPants420
People who do that sort of thing should have their skin removed.
I'm not sure what the board security is like, I suspect we have a cheese-grater. :shifty:
I don't think a cheese grater will work for security it has holes - oh...I see :(
Seriously though, patching the board for security is probably like backing the board's db up. Should be done all the time but easily forgotten....
Posted by: Vargas
this isn't phpBB
Posted by: MCHeshPants420
this isn't phpBB
I know the that. But surely there would still be security flaws (and thus updates) for the forum software that this board uses?
Come on, put my mind at ease or I won't be able to sleep this afternoon. :(
Posted by: {I}{K}{E}
Can be better, we still haven't upgraded to the latest version of vBulletin.
I know that Brian made some changes some time ago to improve the securty of the website.
Posted by: Snee
Last time it was one of the non-standard addons that got you.
Any plans to add a smiley generator again, btw?
Posted by: sparsely
this isn't phpBB
the phpBB thing was a problem with awstats, not phpBB.
Posted by: rookiecrd1
There is a daily backup should anythign go wrong. phpbb is a totally different story then VB. VB is known for its security. Having said this, that doesn't make us immune to everything.
Brian
Posted by: SeK612
The current vBulletin version is 3.0.7, this forum is running v3.0.3 so it's a bit behind. Patches have been made available for those who don't wish to change version everytime but want to be more secure. I would presume the admins here are using these since several flaws have been found causing the newer versions to be released.
As for hacking itself, many people have said this forum is not big enough to warrent any offensive (say from the various anti P2P lobbies) and on the whole I would agree with this, especially since K++ creation has ceased. Still it can't hurt to be secure ^_^
Posted by: MCHeshPants420
As for hacking itself, many people have said this forum is not big enough to warrent any offensive (say from the various anti P2P lobbies) and on the whole I would agree with this, especially since K++ creation has ceased. Still it can't hurt to be secure ^_^
It's true about the forum not being big enough to attract attention but I think it would be more likely to occur from a disgruntled member (like what happened when we were on IPB...). Or some script kiddie* just having laugh at the forum's expense.
*Is that the right term?
Posted by: {I}{K}{E}
Patches have been made available for those who don't wish to change version everytime but want to be more secure.
Entity installed those patches some time ago dunno if he also added the latest patch.
Posted by: DanB
There is a daily backup should anythign go wrong.
But are they usable? :unsure:
Posted by: Snee
Yes, provided they don't patch the forum software :lol:
Posted by: MCHeshPants420
*bump*
Told you so.
Posted by: tesco
The board is on 3.0.3.
A few weeks ago IKE sent me 3.0.7 over msn...i'm not sure if that's the latest version, but even thatwould mean that the forum is outdated.
edit: ok 3.0.7 is the latest version.
here you can download the latest patch: http://www.vbulletin.com/forum/showthread.php?postid=819562
Posted by: MCHeshPants420
The board is on 3.0.3.
A few weeks ago IKE sent me 3.0.7 over msn...i'm not sure if that's the latest version, but even thatwould mean that the forum is outdated.
edit: ok 3.0.7 is the latest version.
here you can download the latest patch: http://www.vbulletin.com/forum/showthread.php?postid=819562
Maybe when I made my initial (well intentioned) post I should have written in size 80 font 'patch your f-ing security holes'?
Who is up for the big delete next?:unsure:
Posted by: bujub22
Maybe when I made my initial (well intentioned) post I should have written in size 80 font 'patch your f-ing security holes'?
Who is up for the big delete next?:unsure:
:handraisedintheairsmiley:
Posted by: RPerry
Maybe when I made my initial (well intentioned) post I should have written in size 80 font 'patch your f-ing security holes'?
Who is up for the big delete next?:unsure:
vBulletin v3.0.7, Copyright ©2000-2005, Jelsoft Enterprises Ltd. :cool:
Posted by: DanB
vBulletin v3.0.7, Copyright ©2000-2005, Jelsoft Enterprises Ltd. :cool:
Unfortunately we updated to the patch after our haxing incident rather than before. A case of shutting the door after the horse has bolted I think :P
Posted by: RPerry
Unfortunately we updated to the patch after our haxing incident rather than before. A case of shutting the door after the horse has bolted I think :P
I guess, but only noticed cause someone bumped the topic last night :rolleyes:
Posted by: JPaul
More evidence, if it be needed, that the disgruntled ex member who did this was cheese. He has obviously left the board and learned to be a l337 ubber h4x0r, with the specific intention of getting revenge on this board. At the same time proving pant boy's point about the security.
I flippin' well knew it all along.