-
When you click on links to various merchants on this site and make a purchase, this can result in this site earning a commission. Affiliate programs and affiliations include, but are not limited to, the eBay Partner Network.
Any other leaks
- Thread starter bfrench
- Start date
bfrench
Administrator
deeb7 said:
Hi, Deeb,
I've set up the front page so the only place anyone not registered can get to is that Registration forum which is locked.
Every time you click on a link it takes you to the registration box.
It's just a dead end.
The program shows the guests but they can't see anything - we can also see their IP addresses.
Bill French
A
Anonymous
Guest
Yes, admins migrating from v. 2 on cornell to v. 3 and continuing to use the same passwords, v. 2 was hacked. All passwords are known. Password complexity = none. Several members use birth dates, names, pets and my favourite '123456' or 'VLJ'. But the board would already be breached if there was anything of value on it, which there isn't. So no worries. Phpbb is notoriously weak, though 3 is an improvement. Black hats and script kiddies will prevail, though. It's just the way it is. Recommend you patch often and keep your eyes open for vulnerabilities and exploits.
bfrench said:
Exactly ... so you're saying that although the guest was redirected, clicking the link was enough to record him, as a guest, on General Flight Jacket Discussion?
I've never seen that before, only ever seen them on the front page. I still don't know how they could even find the link to click.
bfrench
Administrator
deeb7 said:
No - That is not what I'm saying.
I just6 loggen on as a guest using IE ans running VLJ on Firefox - the only place I could see the guest was on the main Index page - all the other topics showed members using them and 0 guests.
I'll try it the other way round - sign on as a guest in Firefox and log on in IE.
Bill French
John Lever
Moderator
This is all a bit technical for my simple artists brain. But why would we allow any guests at all when it's members only ?
bfrench
Administrator
John Lever said:
Hi, John,
Rather than change every style allowed for the forum it is easier to create a registration section which goes no where, accepts no posts but tells prospective members how to register.
When they view the main page or the registration forum they show up as a guest without any privileges - all they can do is register - no matter where they look, they keep being redirected back to the registration box.
But undoubtedly out there in the world wild internet there is somebody who can get through any security wall we throw up.
Our main aim is to plug the obvious holes and as Simon has said - there is nothing of interest for them here so they leave us alone.
Bill French
John Lever
Moderator
Thanks Bill, that's cleared up my confusion.
A
Anonymous
Guest
hacker said:
Yep, this one is worth .03 wallyhoons. Comedy forums are statistically least likely to be hacked, so says Carlsberg.
Vcruiser
Well-Known Member
A
Anonymous
Guest
hacker said:
Probably.
