IPB

Welcome Guest ( Log In | Register )

 Forum Rules 
> Hacked :(
Mata
post Feb 17 2011, 04:08 PM
Post #1


'Trouble Down Pit' now online!
***************

Group: Admin
Posts: 10,206
Joined: 22-February 03
From: Southern UK
Member No.: 1
Gender: Male



So, this site (and every other site that I host) was hacked in the past twelve hours. It might be a good idea to run a virus check on your machine.

Sorry about this - my site became hosted by a new company about six months ago and there seem to be a lot more breaches since this new company took over.

The telltale sign of a hack is often a tiny square, just a few pixels wide and tall, usually at the very top or the very bottom of the screen. If you see one of these then please let me know immediately.


--------------------
Trouble Down Pit: Still updated every Monday and Friday
The Matazone Games blog
The Matazone Shop The Matazone Blog
The Matazone Corset Shop: Snobz corsets at 10% off their recommended price!
Go to the top of the page
 
+Quote Post
 
Start new topic
Replies
mooooooooooopo
post Feb 19 2011, 11:03 PM
Post #2


: P>
************

Group: Moderators
Posts: 2,355
Joined: 5-March 04
From: Derby
Member No.: 991
Gender: Secret



QUOTE (MataTeachesMeLudology @ Feb 19 2011, 10:10 PM) *
And next to that, injecting data into a page is useless, as it's stored on your own computer. You'd be doing nothing at all. You'd have to send something to the server.

Are you quite sure of that? I was suggesting someone could inject some Javascript.

Did you realise that Javascript is perfectly capable of sending off asynchronous HTTP requests? There is protection against cross site requests in browsers but I can think of a few exploits where sending a request to the server on which the forum is hosted would be enough. I'm not going to post any details as I'm sure Mata wouldn't appreciate it.

I'm not going to change your opinion and I'm getting pretty tired of this argument. It seems like you're happy to be complacent about security and have decided you don't need the protection, but in the end you need to guard against all possibilities whereas an attacker need only consider one. Bear in mind that viruses and worms like to spread themselves around so by ignoring such things it is not just yourself you put at risk. I hope your friends don't get any fallout when you inevitably get an infection.

QUOTE (MataTeachesMeLudology @ Feb 19 2011, 10:10 PM) *
Up-to-date browser USUALLY (as in, almost always, but there are small exceptions) does not allow applications to be stored on your computer under any circumstance without properly notifying the user about this. Next to that, the latest versions of Windows automatically detect whenever an application that is downloaded from the internet or is coming from a questionable source and notifies the user whenever that application is trying to run. This means basically that the user can deny the launch of any unwanted applications as well.

Java could do stuff to your computer, but you're properly notified of the fact that it's trying to do that by the Java application itself. Exploits could still happen, but is rather unlikely.

It's all in the usually. That minority to which it doesn't apply are going to get screwed by your poor advice. The others won't be terribly inconvenienced so I still consider it a fairly irresponsible thing to say.

QUOTE (MataTeachesMeLudology @ Feb 19 2011, 10:10 PM) *
I'd only do this if Mata keeps your passwords stored without an hash. Which, by standards, he'll probably do. (I don't see him changing the source code of IPS, no offence)

Why must you get so uppity every time anyone offers people decent advice? I think speaker was talking about Mata's passwords for administering the server, rather than every user.

Why bother with this sentence if you're immediately going to point out that it's probably bad advice in the next? It doesn't impart any information and is just confusing.


--------------------
I am Candice's asw emo e-husband, real life actual husband and all around awesome person, Funked)Out_Frogg's e-paramour. Snugglebum's harem slave. Candice and gothictheysay are my e-pimps.
Go to the top of the page
 
+Quote Post

Posts in this topic
- Mata   Hacked :(   Feb 17 2011, 04:08 PM
- - CheeseMoose   I did wonder why AVG went mental at me when I trie...   Feb 17 2011, 04:11 PM
- - Hobbits   AVG shouted at me at home, and at work today, when...   Feb 17 2011, 04:53 PM
- - moooooooooooooooooooooooooop   Google Chrome gave me a full screen warning about ...   Feb 17 2011, 05:31 PM
- - CheeseMoose   Just came on with Chrome and it's still warnin...   Feb 17 2011, 05:49 PM
|- - Hobbits   QUOTE (CheeseMoose @ Feb 17 2011, 05:49 P...   Feb 17 2011, 06:16 PM
- - moooooooooooooooooooooooooop   QUOTE (Hobbits @ Feb 17 2011, 06:16 PM) Q...   Feb 17 2011, 06:23 PM
- - Mata   I've just registered the site in Google's ...   Feb 17 2011, 06:44 PM
- - SPEAKERfortheLOST   And this is why I use Linux. I don't have to ...   Feb 17 2011, 09:24 PM
|- - MataTeachesMeLudology   Fun-fact: Computers can't get viruses from web...   Feb 17 2011, 09:54 PM
- - Pikasyuu   QUOTE (SPEAKERfortheLOST @ Feb 17 2011, 01...   Feb 17 2011, 11:22 PM
- - moooooooooooooooooooooooooop   QUOTE (MataTeachesMeLudology @ Feb 17 2011, 0...   Feb 17 2011, 11:39 PM
- - CrazyFooIAintGettinOnNoPlane   QUOTE (SPEAKERfortheLOST @ Feb 17 2011, 09...   Feb 18 2011, 08:50 AM
- - Mata   And now my sites have been attacked again. The bas...   Feb 18 2011, 09:01 AM
- - Sharazad   <3 for my avast! doing a virus scan and a b...   Feb 18 2011, 11:34 AM
- - Mata   We have McAfee on the university computers... Gues...   Feb 18 2011, 12:02 PM
|- - Sharazad   QUOTE (Mata @ Feb 18 2011, 01:02 PM) We h...   Feb 18 2011, 12:27 PM
- - Mata   It took about six hours, but I'm pretty sure I...   Feb 18 2011, 10:08 PM
|- - Hobbits   QUOTE (Mata @ Feb 18 2011, 10:08 PM) It t...   Feb 18 2011, 11:31 PM
- - SPEAKERfortheLOST   I would suggest you look into changing ALL your si...   Feb 19 2011, 01:21 AM
|- - MataTeachesMeLudology   QUOTE (moooooooooooooooooooooooooop @ Feb 18 ...   Feb 19 2011, 10:10 PM
- - moooooooooooooooooooooooooop   QUOTE (MataTeachesMeLudology @ Feb 19 2011, 1...   Feb 19 2011, 11:03 PM
- - Mata   MTML - Moop is a pretty hardcore coder and has bee...   Feb 20 2011, 10:14 AM
- - CrazyFooIAintGettinOnNoPlane   I'd like to add that Speaker's advice shou...   Feb 20 2011, 12:12 PM
- - SPEAKERfortheLOST   Thanks for agreeing. Working as the network admin...   Feb 20 2011, 01:27 PM
|- - MataTeachesMeLudology   QUOTE (moooooooooooooooooooooooooop @ Feb 20 ...   Feb 20 2011, 02:15 PM
|- - Polynomial   I happened upon this thread whilst lurking and dec...   Feb 20 2011, 05:48 PM
- - Mata   All of these things are lovely in theory, but when...   Feb 20 2011, 06:35 PM
|- - TigerLily013   QUOTE (Mata @ Feb 20 2011, 02:35 PM) All ...   Feb 24 2011, 04:58 AM
|- - Sharazad   QUOTE (TigerLily013 @ Feb 24 2011, 05:58 ...   Feb 24 2011, 05:24 AM
|- - CrazyFooIAintGettinOnNoPlane   QUOTE (TigerLily013 @ Feb 24 2011, 04:58 ...   Feb 24 2011, 09:46 PM
- - Mr Fuzzy   OK, I've cracked, and will wade in with my two...   Feb 28 2011, 01:58 AM


Reply to this topicStart new topic
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:

 



Lo-Fi Version Time is now: 21st October 2017 - 03:54 PM
Use these links if you're going to shop at Amazon and a percentage of what you spend goes towards helping this site!