Security
- DX
- Posts: 1780
- Joined: Wed Feb 04, 2004 1:00 pm
Sniper as of lately has been rambling on about wanting to hack SSC. If someone was able to, is there any kind of backup that would restore the site? Waterbridges site has been hacked in the past. I doubt there is any threat but Doom, I would at least disable the source code.
Mess With the Best, Get Soaked Like the Rest!
2004 Red Sox - World Series Champions
2007 Red Sox - World Series Champions!
2004 Red Sox - World Series Champions
2007 Red Sox - World Series Champions!
-
- Posts: 313
- Joined: Sat Jun 28, 2003 12:00 pm
There are a few measures I know of. Either way, I know for a fact neo patches the entire site, SQL queries and all, onto his HD. If he tried it, it could be restored in 15 minutes.And I get to enjoy DoS on snipers computer, and reporting him to the authortities.
We already have a full set of personal information on him, as he was a complete idiot with many privacy issues.
He would be totally screwed.
We already have a full set of personal information on him, as he was a complete idiot with many privacy issues.
He would be totally screwed.
Offical DMOZ Editor of "Recreation: Guns: Toy: Water Guns"
Soak On
HYPERACTIVE 4 EVER!
Soak On
HYPERACTIVE 4 EVER!
- SSCBen
- Posts: 6449
- Joined: Sat Mar 22, 2003 1:00 pm
Hyper is right, if he hacks us then he pretty much has screwed himself. I make backups of the site every once and a while. Sometimes I will make SQL backups, but not as often as the site.
There is no way sniper is getting into the site's FTP or CPanel. The password is randomly generated, and he doesn't even know the username to begin with. It will take him years to get through bruteforce. I'm also confident in the security of the servers we're running on. It's not going to happen.
There is no way sniper is getting into the site's FTP or CPanel. The password is randomly generated, and he doesn't even know the username to begin with. It will take him years to get through bruteforce. I'm also confident in the security of the servers we're running on. It's not going to happen.
- Monsoon
- Posts: 832
- Joined: Sun Jul 13, 2003 2:14 pm
- RacerSoaker445
- Posts: 951
- Joined: Sun Mar 14, 2004 2:27 pm
I have gotten into the site's directory, say the uploads area where a lot of things are uploaded.
Very simple, but in order to keep people from doing that, you need to redierect, say, Fourms.SSC.net/uploads/ to the page you were just at. My Mom has a very large site that has that, ultra handy.
Very simple, but in order to keep people from doing that, you need to redierect, say, Fourms.SSC.net/uploads/ to the page you were just at. My Mom has a very large site that has that, ultra handy.
I don't check this forum anymore.
- SSCBen
- Posts: 6449
- Joined: Sat Mar 22, 2003 1:00 pm
I actually made it like that on purpose, so I could browse those directories without opening anything special. No security holes there anyway. The SSC images directory is also like that, it's not used anymore though. The most important directory, where most of the site's important info is held, is secure btw (it's sscentral.net/res/ for those who think they might be cool and figure it out). There is no way they could do anything in that directory anyway without opening FTP or CPanel. It's not chmodded to 777 or something similar so a GET/POST based attack isn't an option either.
The only security hole in the entier site is the forum's news, which is not being used currently. But that will not let sniper do anything other than read the first posts of some topics that were deleted and our planning board. Nothing to special, the only hole I know.
Believe me when I say the site is secure. My password is randomly generated, the FTP and CPanel ones are, but I'm not sure about Neo's and Mist's passwords. I've read internet security books before, I used to be into all that hacking XPBackfire-esque. There is no way an elementary schooler could hack this site, unless they were a child hacking prodigy or something. What would he gain by hacking anyway? The FBI making a visit maybe, or his ISP cutting his connection.
The only security hole in the entier site is the forum's news, which is not being used currently. But that will not let sniper do anything other than read the first posts of some topics that were deleted and our planning board. Nothing to special, the only hole I know.
Believe me when I say the site is secure. My password is randomly generated, the FTP and CPanel ones are, but I'm not sure about Neo's and Mist's passwords. I've read internet security books before, I used to be into all that hacking XPBackfire-esque. There is no way an elementary schooler could hack this site, unless they were a child hacking prodigy or something. What would he gain by hacking anyway? The FBI making a visit maybe, or his ISP cutting his connection.
-
- Posts: 361
- Joined: Sat Mar 22, 2003 1:00 pm
- Neuro
- Posts: 1081
- Joined: Thu May 01, 2003 12:00 pm
-
- Posts: 313
- Joined: Sat Jun 28, 2003 12:00 pm
I SWORE owership of the domain techinally changed place in March...Originally posted by Freakymist@Jun 10 2004, 11:42 AM
basically the only person (other than doom) that could really destroy this site is me... :Hey, that's funny.: considering I have more access to the site than anyone else including doom (By law I own this place).
Offical DMOZ Editor of "Recreation: Guns: Toy: Water Guns"
Soak On
HYPERACTIVE 4 EVER!
Soak On
HYPERACTIVE 4 EVER!
- BlueSmudge
- Posts: 886
- Joined: Sun Apr 18, 2004 10:57 pm
I wouldn't be so sure about sniper. My blind step-cousin hacked my local hospital's patient medical records when he was 12.
I don't think sniper even has any disabilities.
I don't think sniper even has any disabilities.
--------------------------------------------------------------
BlueSoak.net
--------------------------------------------------------------
BlueSoak.net
--------------------------------------------------------------
- SSCBen
- Posts: 6449
- Joined: Sat Mar 22, 2003 1:00 pm
No Hyper, I paid Freakymist for the hosting and domain to keep it simple.
Hacking is achieved by holes in the system. I am very sure there are no holes that would let us do that. That hospital likely was running of IIS or something similar. Everytime Microsoft fixes something in that, they add a few new holes. It does take time to find them so that's why many go unfound. IIS is unsecure, and it's sad that many servers run off it.
Hacking is achieved by holes in the system. I am very sure there are no holes that would let us do that. That hospital likely was running of IIS or something similar. Everytime Microsoft fixes something in that, they add a few new holes. It does take time to find them so that's why many go unfound. IIS is unsecure, and it's sad that many servers run off it.
- Neuro
- Posts: 1081
- Joined: Thu May 01, 2003 12:00 pm
-
- Posts: 16
- Joined: Fri Jun 11, 2004 2:38 am
:Hey, that's funny.: what has sniper doen now
I'm an old friend of his.
and yes, if you're wondering, he does have the tools to hack this site. usually what he does is, he will try to crack you're password with a cracker he downloaded a wile back, if that doesn't work, then he will flood the dam place.
but he is just bluffing. He doesn't want to hack sscentral, but he can.
I'm an old friend of his.
and yes, if you're wondering, he does have the tools to hack this site. usually what he does is, he will try to crack you're password with a cracker he downloaded a wile back, if that doesn't work, then he will flood the dam place.
but he is just bluffing. He doesn't want to hack sscentral, but he can.
- BlueSmudge
- Posts: 886
- Joined: Sun Apr 18, 2004 10:57 pm
what did I tell you guys! If a blind kid can do it, a underdeveloped brat can do it.
Or are you just helping sniper threaten us?
Or are you just helping sniper threaten us?
--------------------------------------------------------------
BlueSoak.net
--------------------------------------------------------------
BlueSoak.net
--------------------------------------------------------------
-
- Posts: 313
- Joined: Sat Jun 28, 2003 12:00 pm
Alpha, I know every overrider in the book. SSC Servers are configured to cut off the account for 24 hours after 5 unsucessful login attempts.
Bravo, Theres a difference between a smart blind kid and a dumbass kid.
Bravo, Theres a difference between a smart blind kid and a dumbass kid.
Offical DMOZ Editor of "Recreation: Guns: Toy: Water Guns"
Soak On
HYPERACTIVE 4 EVER!
Soak On
HYPERACTIVE 4 EVER!