| Author |
 Topic  |
|
RichardKinser
Snitz Forums Admin
USA
16655 Posts |
 Posted - 04 December 2002 : 01:04:06
|
| As of right now, we are not accepting any new registrations. |
|
|
eggyfarts
Junior Member
New Zealand
200 Posts |
Posted - 04 December 2002 : 01:35:50
|
| Is this permanent or just temporary because of the recent abnormality? |
Cheers,
WeeVaa.
|
 |
|
|
RichardKinser
Snitz Forums Admin
USA
16655 Posts |
|
|
eggyfarts
Junior Member
New Zealand
200 Posts |
Posted - 04 December 2002 : 01:51:31
|
| Was this issue server based or a forum access thing? My guess is server, and most likely inc_header.asp changed. |
Cheers,
WeeVaa.
|
|
|
|
RichardKinser
Snitz Forums Admin
USA
16655 Posts |
Posted - 04 December 2002 : 01:54:08
|
| The Forum Title had been changed to include a script command for document.location to the address shown above and the two users mentioned were Admins. Not sure how they were Admins, but they were. |
|
|
|
eggyfarts
Junior Member
New Zealand
200 Posts |
Posted - 04 December 2002 : 02:00:06
|
| Well, at least the issue was resolved quickly so that the stupid people who attempte it will not be able to brag. So I guess they will (hopefully) not attempt it again. Any ideas/theories as to how they gained admin rights? |
Cheers,
WeeVaa.
|
|
|
|
RichardKinser
Snitz Forums Admin
USA
16655 Posts |
Posted - 04 December 2002 : 02:05:25
|
| No, I don't have any ideas or theories. |
|
|
|
seahorse
Senior Member
USA
1075 Posts |
Posted - 04 December 2002 : 02:07:34
|
quote:
Originally posted by RichardKinser
The Forum Title had been changed to include a script command for document.location to the address shown above and the two users mentioned were Admins. Not sure how they were Admins, but they were.
Has anyone reported this to the legal authorities? It probably wouldn't amount to much, but anyone who would try something like this is bound to try again somewhere else.
|
Ken
===============
Worldwide Partner Group
Microsoft |
|
|
|
@tomic
Senior Member
USA
1790 Posts |
Posted - 04 December 2002 : 02:08:20
|
Well hell, am I the only other one closing his forum's registration? Yeah, seems silly if they are accessing the server itself but I am wondering if there's a new server vulnerability out there.
@tomic |
SportsBettingAcumen.com |
Edited by - @tomic on 04 December 2002 02:10:46 |
|
|
|
seahorse
Senior Member
USA
1075 Posts |
Posted - 04 December 2002 : 02:09:11
|
quote:
Originally posted by RichardKinser
The Forum Title had been changed to include a script command for document.location to the address shown above and the two users mentioned were Admins. Not sure how they were Admins, but they were.
Has anyone reported this to the legal authorities? It probably wouldn't amount to much, but anyone who would try something like this is bound to try again somewhere else.
|
Ken
===============
Worldwide Partner Group
Microsoft |
|
|
|
RichardKinser
Snitz Forums Admin
USA
16655 Posts |
|
|
ajhvdb
Junior Member
Netherlands
392 Posts |
Posted - 04 December 2002 : 03:56:58
|
quote:
Originally posted by @tomic
Well hell, am I the only other one closing his forum's registration? Yeah, seems silly if they are accessing the server itself but I am wondering if there's a new server vulnerability out there.
@tomic
Like to have more info also... |
Edited by - ajhvdb on 04 December 2002 03:58:04 |
|
|
|
RichardKinser
Snitz Forums Admin
USA
16655 Posts |
Posted - 04 December 2002 : 04:29:27
|
| I've given all the info I have. |
|
|
|
s0110282
Starting Member
USA
20 Posts |
Posted - 04 December 2002 : 08:43:21
|
Richard - don't rethink your commitment. Although people like this get a feeling of power and enjoy making a mess of someone's hard work, we can learn something.
It's obvious there's a loophole somewhere that needs to be fixed (code, server, whatever). Just remember that all great code is always going to have some type of way to be hacked - not to mention people are always going to try to hack it.
It's important that people like you stick with it and help out the thousands of others that use Snitz code. I'm sure it can be frustrating, but please don't let us all down for some slime balls. |
|
|
|
Kent
Junior Member
United States
193 Posts |
Posted - 04 December 2002 : 11:16:54
|
I concur wholeheartedly with s0110282's comments. I think the reason that Snitz is targeted by hackers is absolutely because of its success and widespread implementation -- much like viruses are targeted at the Microsoft office suite. Who ever hears of a virus attacking the Corel suite (i.e. WordPerfect & Lotus remnants)?
I understand you're frustrations, and hope you direct them to the guilty ones and that they bear the full brunt of those frustrations. I also watch HuwR go through similar frustrations.... These hackers are "cyber-terrorists" IMO, and should receive NO mercy!
Kent |
|
|
|
David K
Junior Member
494 Posts |
Posted - 05 December 2002 : 02:52:43
|
I think someone should test this volrnability on a test server (same software but not same hardware) If someone can get Admin privs around here, what can insignifecent people who don't know ASP do?
I know plenty of people that hardly know ASP but use Snitz, and I think we should take care of this, at least for their sake.
If someone had Admin privs, I think that wer are very lucky they\he\she didn't change anything really bad! |
|
|
|
Topic |
|
Topic Locked
)