ZkilfinG
Starting Member
10 Posts
Posted - 26 July 2009 : 05:38:32
Hi
I've tried searching the forum without finding anything on this topic. I'm wondering if there's a way to block admins from seeing users emails? We don't have any use of this feature, and I feel it is a security risk (yes, we recently got hacked). Sure it's nice to see them from time to time, but it's not worth the security risk for us.
I'm not sure if it's "possible" to get Forum Admin access, if not then it might be enough to block regular admins from seeing emails, but perhaps it would be best to block it for everybody.
Though as I'm writing this I'm realizing that perhaps there's no point, since if they can hack they probably can access the database and thus get the emails from there anyway? If this is the case, could this be solved by using (a decryptable) encryption on the emails?
Carefree
Advanced Member
Philippines
4222 Posts
Posted - 26 July 2009 : 06:05:51
Yes, both ways are possible. To restrict viewing of email in profiles to the Forum Admin, you would have to modify a single character of code. The encryption function which works for the password can be extended to additionally encrypt the email address. Unfortunately, it could then never be displayed on a form, even for the user to check its accuracy. So that's the downside.
HuwR
Forum Admin
United Kingdom
20600 Posts
Posted - 26 July 2009 : 09:58:02
I think you should be concentrating on finding out how you are being hacked rather than hiding people's emails; then you won't need to bother. If you have the latest code it should not be possible to hack into it to get users' email addresses.
ZkilfinG
Starting Member
10 Posts
Posted - 27 July 2009 : 03:22:55
Thanks for the replies, both of you.
Carefree: Would that be "secure"? What I mean is, could the hacker just give himself forum admin rights to get around it? Or get it straight from the database? Would it also affect admin_emaillist.asp? Also, as for encryption, what if using a decryptable encryption (unlike MD5, which can only be encrypted)? Then it would be possible to get the emails back to display. However, I'm not sure it's possible to set that up in a secure way, and if so there's no point in using that kind of encryption.
HuwR: I am concentrating on that. This is just thoughts for added security, for the same reason that you should encrypt passwords, which Snitz Forum 2000 does. I have been on 3.4.06, so I plan on updating the forum today.
Carefree
Advanced Member
Philippines
4222 Posts
Posted - 27 July 2009 : 17:10:22
quote: Originally posted by ZkilfinG
Thanks for the replies, both of you.
Carefree: Would that be "secure"? What I mean is, could the hacker just give himself forum admin rights to get around it? Or get it straight from the database? Would it also affect admin_emaillist.asp? Also, as for encryption, what if using a decryptable encryption (unlike MD5, which can only be encrypted)? Then it would be possible to get the emails back to display. However, I'm not sure it's possible to set that up in a secure way, and if so there's no point in using that kind of encryption.
For the questions in red, yes, yes, & yes. If a hacker gains access to the database, the email addresses stored there will be accessible unless you either password protect the database or encrypt those addresses. Again, encrypted addresses using sha256 will defeat the whole purpose of collecting them and render many features of the forum unusable (i.e., subscriptions, contact outside the forum, etc.).
Your best bet is to store the database outside the forum's folders to render it unavailable over the web; that'll stop the physical access issue. Then make sure you have all the software updates and security fixes to keep the hacker out of the rest of your features. Instead of using mLev = 5 for access to email addresses, you could use
if MemberID=intAdminMemberID then
or
if Session(strCookieURL & "Approval") <> "15916941253" then
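The three ideas traded back and forth in the posts above (restricting the profile e-mail field to the single Forum Admin instead of any level-5 admin, storing a one-way SHA-256 hash that can be matched but never displayed again, and storing a reversible ciphertext whose key has to live in config.asp so that database plus config recovers everything) are modelled together in the following Python. It is an added example, not code from this thread or from Snitz Forums 2000; the function names (can_view_email, breach_yield and so on), the HMAC-based keystream used as a stdlib-only stand-in for a real cipher, and the sample addresses are all this example's own assumptions.

```python
"""Added example (not Snitz code): access rule, hashed storage and keyed
reversible storage of member e-mail addresses, plus what each leaks when
the database alone, or the database and the config key, are stolen."""
import hashlib
import hmac
import os


def can_view_email(member_id: int, mlev: int, admin_member_id: int,
                   forum_admin_only: bool) -> bool:
    """Decide whether the current member may see a profile e-mail field.
    forum_admin_only=False mirrors the stock 'mLev = 5' rule (any admin).
    forum_admin_only=True mirrors the suggested 'MemberID = intAdminMemberID'
    rule: only the one Forum Admin account qualifies, so a compromised
    regular admin account gains nothing here."""
    if forum_admin_only:
        return member_id == admin_member_id
    return mlev == 5


def hash_email(email: str) -> str:
    """One-way SHA-256 of the normalised address. Equality checks still work;
    the address itself can never be shown on a form again (the downside
    Carefree describes)."""
    return hashlib.sha256(email.strip().lower().encode("utf-8")).hexdigest()


def email_matches(stored_hash: str, candidate: str) -> bool:
    """Constant-time comparison so a lookup does not leak via timing."""
    return hmac.compare_digest(stored_hash, hash_email(candidate))


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode, used only so this runs with the standard
    library. A deployment would use an AEAD such as AES-GCM instead; this
    stand-in gives confidentiality, not integrity."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"),
                        hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def encrypt_email(config_key: bytes, email: str) -> bytes:
    """Reversible storage: a random 16-byte nonce followed by the XOR-ed
    address. The key is what config.asp would have to hold."""
    nonce = os.urandom(16)
    data = email.encode("utf-8")
    stream = _keystream(config_key, nonce, len(data))
    return nonce + bytes(a ^ b for a, b in zip(data, stream))


def decrypt_email(config_key: bytes, blob: bytes) -> str:
    """Recover the address for display; requires the same config key."""
    nonce, body = blob[:16], blob[16:]
    stream = _keystream(config_key, nonce, len(body))
    return bytes(a ^ b for a, b in zip(body, stream)).decode("utf-8")


def breach_yield(stolen_rows, stolen_config_key=None):
    """Addresses an attacker can read from stolen member rows.
    Rows are (kind, value) with kind 'hash' or 'enc'. Hashed rows never give
    back an address; encrypted rows do only when the config key went too,
    which is the 'bigger problems anyway' case from the thread."""
    recovered = []
    for kind, value in stolen_rows:
        if kind == "enc" and stolen_config_key is not None:
            recovered.append(decrypt_email(stolen_config_key, value))
    return recovered


if __name__ == "__main__":
    # Constructed sample data: a 32-byte key standing in for a config value.
    key = os.urandom(32)
    rows = [("hash", hash_email("alice@example.com")),
            ("enc", encrypt_email(key, "bob@example.com"))]
    print("database only:", breach_yield(rows))
    print("database + config:", breach_yield(rows, key))
    print("any admin sees e-mail:", can_view_email(7, 5, 1, False))
    print("forum admin only:", can_view_email(7, 5, 1, True))
```

The hashed store keeps the forum's "is this address already registered?" check working but loses every feature that must send or show the address; the keyed store keeps those features and therefore keeps the key reachable from the web application, which is exactly why moving the database file outside the web root and patching the application matter more than either transformation.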
ZkilfinG
Starting Member
10 Posts
Posted - 28 July 2009 : 09:36:48
Thanks for the reply, Carefree. If that's the case there's no real point in limiting access to the forum admin. I guess I could remove the access entirely, though, but if the hacker can still access the database that still wouldn't help.
If the database was password protected, would the password be accessible to the hacker? If not, that sounds like a good option (along with removing the access for all admin users).
Carefree
Advanced Member
Philippines
4222 Posts
Posted - 28 July 2009 : 17:34:07
Your password would have to be stored in your config.asp file, so if the hacker gained access to it and the database, nothing would remain protected.
AnonJr
Moderator
United States
5768 Posts
Posted - 28 July 2009 : 21:23:42
quote: Originally posted by Carefree
Your password would have to be stored in your config.asp file, so if the hacker gained access to it and the database, nothing would remain protected.
At which point you've got bigger problems anyway...
ZkilfinG
Starting Member
10 Posts
Posted - 29 July 2009 : 07:27:40
quote: Originally posted by AnonJr
quote: Originally posted by Carefree
Your password would have to be stored in your config.asp file, so if the hacker gained access to it and the database, nothing would remain protected.
At which point you've got bigger problems anyway...
I second that :-)
Again, thanks for the replies.