After seeing what happened to Slyck (http://www.slyck.com/forums/index.php) forums (they got hacked and everything deleted and are still not back up properly yet...). I was just wondering what the security is like here. Is the forum software regularly patched up with any security updates or is it pretty much the same as it was when the board was moved? :ermm:


I mean, we don't want the team chat becoming public domain. Again. :lol:

People who do that sort of thing should have their skin removed.

I'm not sure what the board security is like, I suspect we have a cheese-grater. :shifty:

People who do that sort of thing should have their skin removed.

I'm not sure what the board security is like, I suspect we have a cheese-grater. :shifty:


I don't think a cheese grater will work for security it has holes - oh...I see :(

Seriously though, patching the board for security is probably like backing the board's db up. Should be done all the time but easily forgotten....

this isn't phpBB

this isn't phpBB

I know the that. But surely there would still be security flaws (and thus updates) for the forum software that this board uses?

Come on, put my mind at ease or I won't be able to sleep this afternoon. :(

Can be better, we still haven't upgraded to the latest version of vBulletin.
I know that Brian made some changes some time ago to improve the securty of the website.

Last time it was one of the non-standard addons that got you.


Any plans to add a smiley generator again, btw?

this isn't phpBB
the phpBB thing was a problem with awstats, not phpBB.

There is a daily backup should anythign go wrong. phpbb is a totally different story then VB. VB is known for its security. Having said this, that doesn't make us immune to everything.

Brian

The current vBulletin version is 3.0.7, this forum is running v3.0.3 so it's a bit behind. Patches have been made available for those who don't wish to change version everytime but want to be more secure. I would presume the admins here are using these since several flaws have been found causing the newer versions to be released.

As for hacking itself, many people have said this forum is not big enough to warrent any offensive (say from the various anti P2P lobbies) and on the whole I would agree with this, especially since K++ creation has ceased. Still it can't hurt to be secure ^_^

As for hacking itself, many people have said this forum is not big enough to warrent any offensive (say from the various anti P2P lobbies) and on the whole I would agree with this, especially since K++ creation has ceased. Still it can't hurt to be secure ^_^


It's true about the forum not being big enough to attract attention but I think it would be more likely to occur from a disgruntled member (like what happened when we were on IPB...). Or some script kiddie* just having laugh at the forum's expense.

*Is that the right term?

Patches have been made available for those who don't wish to change version everytime but want to be more secure.



Entity installed those patches some time ago dunno if he also added the latest patch.

There is a daily backup should anythign go wrong.



But are they usable? :unsure:

Yes, provided they don't patch the forum software :lol:

*bump*

Told you so.

The board is on 3.0.3.
A few weeks ago IKE sent me 3.0.7 over msn...i'm not sure if that's the latest version, but even thatwould mean that the forum is outdated.

edit: ok 3.0.7 is the latest version.
here you can download the latest patch: http://www.vbulletin.com/forum/showthread.php?postid=819562

The board is on 3.0.3.
A few weeks ago IKE sent me 3.0.7 over msn...i'm not sure if that's the latest version, but even thatwould mean that the forum is outdated.

edit: ok 3.0.7 is the latest version.
here you can download the latest patch: http://www.vbulletin.com/forum/showthread.php?postid=819562

Maybe when I made my initial (well intentioned) post I should have written in size 80 font 'patch your f-ing security holes'?

Who is up for the big delete next?:unsure:

Maybe when I made my initial (well intentioned) post I should have written in size 80 font 'patch your f-ing security holes'?

Who is up for the big delete next?:unsure:
:handraisedintheairsmiley:

Maybe when I made my initial (well intentioned) post I should have written in size 80 font 'patch your f-ing security holes'?

Who is up for the big delete next?:unsure:

vBulletin v3.0.7, Copyright ©2000-2005, Jelsoft Enterprises Ltd. :cool:

vBulletin v3.0.7, Copyright ©2000-2005, Jelsoft Enterprises Ltd. :cool:

Unfortunately we updated to the patch after our haxing incident rather than before. A case of shutting the door after the horse has bolted I think :P

Unfortunately we updated to the patch after our haxing incident rather than before. A case of shutting the door after the horse has bolted I think :P

I guess, but only noticed cause someone bumped the topic last night :rolleyes:

More evidence, if it be needed, that the disgruntled ex member who did this was cheese. He has obviously left the board and learned to be a l337 ubber h4x0r, with the specific intention of getting revenge on this board. At the same time proving pant boy's point about the security.

I flippin' well knew it all along.