| Author |
Message |
Zhen-Xjell
Nuke Cops Founder
Joined: Nov 14, 2002
Posts: 5939
|
 Posted:
Fri Feb 27, 2004 2:37 pm |
  |
An IP was banned ealier today and I'm not sure why, other than to think one or two of these keywords forced it to:
postt22943.html&highlight=weblinks+hash
That is one example from the pages visited. Another highlight term was 'union'.
I removed the ban. It was a single IP, but banned twice.
Ideas? |
_________________
Paul Laudanski, Microsoft MVP Windows-Security
CastleCops: [de] [en] [wiki] |
|
     |
|
foxyfemfem
Support Staff
Joined: Jan 23, 2003
Posts: 668
Location: USA
|
| Posted:
Fri Feb 27, 2004 3:51 pm |
|
ZX, that happen on my website all the time. Protector was banning everyone. Maybe it had something to do with keyword searches. Although, members were being banned left & right for whatever reason, as I stated in the first post you wrote. |
_________________
If you shoot for the moon and miss, you'll still be amongst the stars. |
|
|
|
Zhen-Xjell
Nuke Cops Founder
Joined: Nov 14, 2002
Posts: 5939
|
| Posted:
Fri Feb 27, 2004 4:35 pm |
|
Interesting... That needs to be checked. |
_________________
Paul Laudanski, Microsoft MVP Windows-Security
CastleCops: [de] [en] [wiki] |
|
|
|
MisterWORK
Support Mod
Joined: Jun 11, 2003
Posts: 245
|
| Posted:
Fri Feb 27, 2004 5:07 pm |
|
Checked in next release  AS it is now will it ban any code that contains UNION as that is the common term hacker uses ....
Also remember to enable Mail Admin then will you get a more specifik mail whit info Why the user is banned... Next release will also put that info on the banned page. Well next release have alot more feature and fixes  |
_________________
Protector System for phpNuke.
<b>Current Version Released: 1.15.b2( 05/12-04) </b>
Support site: http://protector.warcenter.se |
|
|
|
Zhen-Xjell
Nuke Cops Founder
Joined: Nov 14, 2002
Posts: 5939
|
| Posted:
Fri Feb 27, 2004 6:18 pm |
|
The emails I got from protector had a Forums link with 'highlight=union', and it thought it was an attempt on admin.php. This is a bug. |
_________________
Paul Laudanski, Microsoft MVP Windows-Security
CastleCops: [de] [en] [wiki] |
|
|
|
XtraX
Lieutenant
Joined: Aug 23, 2003
Posts: 195
|
| Posted:
Fri Feb 27, 2004 6:47 pm |
|
Secondly I also noticed if you ban an AOL user anyone else on Aol also gets Auto Banned is there a fix for this .. becuase it is truly anoying to the members as well as the staff..
We banned an Aol user and anyone else coming in on AOL seems to be auto banned by protector it bans them and then it starts to ban anyone else on AOL ..
Weird ...
XtraX  |
|
|
|
|
MisterWORK
Support Mod
Joined: Jun 11, 2003
Posts: 245
|
| Posted:
Sat Feb 28, 2004 12:19 am |
|
| Zhen-Xjell wrote: |
| The emails I got from protector had a Forums link with 'highlight=union', and it thought it was an attempt on admin.php. This is a bug. |
As i said it's fixed in next release |
_________________
Protector System for phpNuke.
<b>Current Version Released: 1.15.b2( 05/12-04) </b>
Support site: http://protector.warcenter.se |
|
|
|
Zhen-Xjell
Nuke Cops Founder
Joined: Nov 14, 2002
Posts: 5939
|
| Posted:
Sat Feb 28, 2004 6:05 am |
|
Thanks... |
_________________
Paul Laudanski, Microsoft MVP Windows-Security
CastleCops: [de] [en] [wiki] |
|
|
|
XtraX
Lieutenant
Joined: Aug 23, 2003
Posts: 195
|
| Posted:
Sat Feb 28, 2004 11:03 am |
|
Ok Mister but is there away to stop it from Auto Banning and Just let the user that is banned from not accessing the Site ...
XtraX |
|
|
|
|
Zhen-Xjell
Nuke Cops Founder
Joined: Nov 14, 2002
Posts: 5939
|
| Posted:
Sat Feb 28, 2004 5:38 pm |
|
Check includes/blocker.php and search on 'UNION'. I changed it from "or" to "&&" for the meantime. |
_________________
Paul Laudanski, Microsoft MVP Windows-Security
CastleCops: [de] [en] [wiki] |
|
|
|
maciekp
Sergeant
Joined: Sep 09, 2003
Posts: 94
Location: Perth, WA
|
| Posted:
Tue Mar 02, 2004 7:23 am |
|
You should look for something like "union(.{1,3})select" instead. |
_________________
ElectricDice 0.8 - password & MD5, sitekey generator tool
Use SHA1 in Nuke |
|
|
|
x
Corporal
Joined: Mar 25, 2003
Posts: 57
Location: Puerto Rico
|
| Posted:
Thu Mar 11, 2004 10:53 am |
|
Mister;
I imagine you are busy as ever with the new release. But I have an emergency and I would appreciate it if you could help me install Protector on my portal. I tried installing it but for some reason it just won't do. Can you or anyobne here please help?
Another question would be, a more or less when you think the next version will come out.
Thanks
PS. you can reach me at my e-mail x@zonaxbox.com |
_________________
Gilberto J. Palau aka 'X'
Head Honcho
www.zonaxbox.com |
|
  |
|
bigtree
Sergeant
Joined: Feb 04, 2004
Posts: 100
|
| Posted:
Thu Mar 11, 2004 6:52 pm |
|
Hi, sorry if this is a lame question but from a complete innocent point of view, why are people trying to hack into nuke sites or any site for that matter? Is it mostly email harvesting or is it just to see if they can or for malicious reasons.
Thanks in advance |
|
|
|
|
x
Corporal
Joined: Mar 25, 2003
Posts: 57
Location: Puerto Rico
|
| Posted:
Thu Mar 11, 2004 6:56 pm |
|
| bigtree wrote: |
Hi, sorry if this is a lame question but from a complete innocent point of view, why are people trying to hack into nuke sites or any site for that matter? Is it mostly email harvesting or is it just to see if they can or for malicious reasons.
Thanks in advance |
Most of the time they are just unwanted visitors. I think that if anyone were to hack a phpnuke site I would start on the server not the site... |
_________________
Gilberto J. Palau aka 'X'
Head Honcho
www.zonaxbox.com |
|
|
|
GibsonXXI
Private
Joined: Apr 25, 2004
Posts: 48
Location: United Kingdom
|
| Posted:
Mon Apr 26, 2004 6:11 pm |
|
| XtraX wrote: |
Secondly I also noticed if you ban an AOL user anyone else on Aol also gets Auto Banned is there a fix for this .. becuase it is truly anoying to the members as well as the staff..
We banned an Aol user and anyone else coming in on AOL seems to be auto banned by protector it bans them and then it starts to ban anyone else on AOL ..
Weird ...
XtraX |
At last a mod with some artificial intelligence!
AOL software is the worst pile of c**p ever to be foisted on the public. It goes far beyond anything Microsoft have ever done. It's intrusive, hard to get rid of, installs itself all over your pc, leaves remnants even if you uninstall it, and spies on your browsing habits. That's besides the amount of targetted ads they fling at you. Oh and did i mention they throttle back connections that use too much bandwidth for their liking? pretty much rules out reliable internet gaming. And they charge as much as regular ISP's. I wouldn't touch AOL with a barge-pole.
Let me know how you auto-banned AOL users, i think i might implement this on my site, lol.
|
_________________
"Sic vis pacem para bellum!"
RAF71_Hornet / GibsonXXI |
|
 |
|
|
|
