Page 1 of 2 [ 20 posts ]  Go to page 1, 2  Next

LordoftheMonkeys
Veteran
Veteran

User avatar

Joined: 15 Aug 2009
Age: 31
Gender: Male
Posts: 927
Location: A deep,dark hole in the ground

24 Feb 2010, 11:11 pm

A couple of script kiddies just hacked my programming forum:

http://codecall.net/

These people go to perfectly good sites and then vandalize them using some hacking program that someone else wrote, leaving pages filled with 1337 in their place.



pakled
Veteran
Veteran

User avatar

Joined: 12 Nov 2007
Age: 63
Gender: Male
Posts: 7,015

24 Feb 2010, 11:24 pm

yeah...been lucky so far, but real hackers find them just as annoying, or so I hear...


_________________
anahl nathrak, uth vas bethude, doth yel dyenvey...


ValMikeSmith
Veteran
Veteran

User avatar

Joined: 18 May 2008
Age: 50
Gender: Male
Posts: 977
Location: Stranger in a strange land

25 Feb 2010, 12:08 am

I don't trust any software I didn't write,
nor any computer I didn't build.
I get really annoyed at the slightest glitch.
I hate scripts, and if ever I "must" allow them,
I keep my finger on the halt button as long as they are enabled.

I also hate Proprietary software, because its made by people who care
more about selling it than whether it actually is even capable of working right.

I'm not even a "professional programmer".
If your site is all about programming, why can't you prevent this from happening?
At some time in the near or indefinite future, I will have an unhackable webserver.
It just simply won't respond to any unanticipated access methods.
Why doesn't anyone else think of such trivial solutions?

If I decide to write my own forum software for my website,
how do you think it will be attacked?
What if "my" forum software was written in DOS BASIC and booted
from a write protected floppy? How could they hack the database then?



jamesongerbil
Veteran
Veteran

User avatar

Joined: 17 Sep 2009
Age: 33
Gender: Female
Posts: 1,001

25 Feb 2010, 12:17 am

they'd have to have intimate knowledge of your passwords or something... floppies are so very old school. i still have some hanging around that I just can't get rid of... you do bring up an excellent point, though. :roll: i wish you luck in your endeavor.



LordoftheMonkeys
Veteran
Veteran

User avatar

Joined: 15 Aug 2009
Age: 31
Gender: Male
Posts: 927
Location: A deep,dark hole in the ground

25 Feb 2010, 12:41 am

You know what else I find annoying? When I start a thread and then two posts into it someone changes the subject.



Apera
Veteran
Veteran

User avatar

Joined: 23 Feb 2008
Age: 31
Gender: Male
Posts: 871
Location: In Your Eyes

25 Feb 2010, 12:53 am

I'm majoring computer security stuff, so I know what this is. By definition, the scripts can only use known weaknesses in a system. Perhaps if you could seal that off...?


_________________
When I allow it to be
There's no control over me
I have my fears
But they do not have me


ValMikeSmith
Veteran
Veteran

User avatar

Joined: 18 May 2008
Age: 50
Gender: Male
Posts: 977
Location: Stranger in a strange land

25 Feb 2010, 1:05 am

LordoftheMonkeys wrote:
You know what else I find annoying? When I start a thread and then two posts into it someone changes the subject.


Big misunderstanding, sir.
In Other Words, what I meant to say is...
Yes, Script Kiddies are so annoying I have been totally avoiding them!
And I said how I avoid them, and I wondered why you don't.
I even asked if you knew any reasons why my simple methods might fail.



LordoftheMonkeys
Veteran
Veteran

User avatar

Joined: 15 Aug 2009
Age: 31
Gender: Male
Posts: 927
Location: A deep,dark hole in the ground

25 Feb 2010, 1:32 am

ValMikeSmith wrote:
LordoftheMonkeys wrote:
You know what else I find annoying? When I start a thread and then two posts into it someone changes the subject.


Big misunderstanding, sir.
In Other Words, what I meant to say is...
Yes, Script Kiddies are so annoying I have been totally avoiding them!
And I said how I avoid them, and I wondered why you don't.
I even asked if you knew any reasons why my simple methods might fail.


Well, it's one thing to say "I'm going to make an unhackable server." It's another thing to actually do it. You have not provided a "simple method", only a proposal to do something really ambitious, without any details as to how you're actually going to carry out this grandiose plan. Simply stating that you can do something is not evidence that you can do it.

As to your comment about "I don't trust any software I didn't write, nor any computer I didn't build.", I have a hard time believing that you single-handedly created your computer, your operating system, your programming tools, and the browser you are using from scratch.



LordoftheMonkeys
Veteran
Veteran

User avatar

Joined: 15 Aug 2009
Age: 31
Gender: Male
Posts: 927
Location: A deep,dark hole in the ground

25 Feb 2010, 1:45 am

Also, the forum is not literally "mine". "I" did not get hacked. It's a website hosted by someone else that I happen to have an account on and post to.



LordoftheMonkeys
Veteran
Veteran

User avatar

Joined: 15 Aug 2009
Age: 31
Gender: Male
Posts: 927
Location: A deep,dark hole in the ground

25 Feb 2010, 1:49 am

jamesongerbil wrote:
they'd have to have intimate knowledge of your passwords or something... floppies are so very old school. i still have some hanging around that I just can't get rid of... you do bring up an excellent point, though. :roll: i wish you luck in your endeavor.


I think the first method people use to break into servers is to run a program that determines the password, and then use it to do a remote login.



chrisb12416
Tufted Titmouse
Tufted Titmouse

User avatar

Joined: 23 Jan 2010
Age: 28
Gender: Male
Posts: 46

25 Feb 2010, 4:26 am

Going to the extent of ruining someone's website via means you're not directly responsible for is a whole new level of sad. People that ignorant should just stick to mild trolling...


_________________
Aspergic - Super-friendly Aspergers Discussion Forum
http://www.aspergic.com
Check it out. :)


monsterland
Veteran
Veteran

User avatar

Joined: 30 Dec 2009
Age: 43
Gender: Male
Posts: 836
Location: San Francisco, CA

25 Feb 2010, 4:49 am

ValMike: There are programming techniques developed by NASA to develop programs and operating systems that do not fail. Ever. They have to do this for remote planetary droids, spaceships, etc.

So I believe it is possible to achieve this, in theory.



Ambivalence
Veteran
Veteran

User avatar

Joined: 8 Nov 2008
Age: 43
Gender: Male
Posts: 3,613
Location: Peterlee (for Industry)

25 Feb 2010, 5:16 am

monsterland wrote:
ValMike: There are programming techniques developed by NASA to develop programs and operating systems that do not fail. Ever. They have to do this for remote planetary droids, spaceships, etc.

So I believe it is possible to achieve this, in theory.


It's not so much that they don't ever fail, but that when they fail, they can get back up.

(it's an interesting subject - the computers have to be resistant to radiation damage (the hardware itself becoming damaged), and resistant to logical corruption from radiation (when radiation causes a bit to be wrong) Wiki )


_________________
No one has gone missing or died.

The year is still young.


Last edited by Ambivalence on 25 Feb 2010, 5:38 am, edited 1 time in total.

justMax
Veteran
Veteran

User avatar

Joined: 23 Nov 2009
Age: 40
Gender: Male
Posts: 539

25 Feb 2010, 5:38 am

It's just error correction on various levels, it's programming intensive to run a 5 or 6 or 7 layer self correcting code just because it's mathematically difficult to write one, it gets worse rapidly.

How would you go about countering their access attempts with your own script fun?

A big flashing message: Go home kids, it's past your bedtime.

Design a proprietary password system that can accept inputs as complex numbers, or even quaternions?

That's the physicist in me speaking though, when in doubt, add a dimension!



Ambivalence
Veteran
Veteran

User avatar

Joined: 8 Nov 2008
Age: 43
Gender: Male
Posts: 3,613
Location: Peterlee (for Industry)

25 Feb 2010, 5:39 am

justMax wrote:
That's the physicist in me speaking though, when in doubt, add a dimension!


First we approximate the software to a sphere moving through vacuum... :D


_________________
No one has gone missing or died.

The year is still young.


ruveyn
Veteran
Veteran

User avatar

Joined: 21 Sep 2008
Age: 84
Gender: Male
Posts: 31,502
Location: New Jersey

25 Feb 2010, 9:14 am

pakled wrote:
yeah...been lucky so far, but real hackers find them just as annoying, or so I hear...



anahl nathrak, uth vas bethude, doth yel dyenvey...

Could you translate that into English, please?

ruveyn