Announcement

Collapse
No announcement yet.

BG is infected

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • #31
    Re: BG is infected

    Or so you say.
    sigpic
    "In this world, the one who has the most fun is the winner!" C.B.
    Prishe's Knight 2004-Forever.

    その目だれの目。

    Comment


    • #32
      Re: BG is infected

      Dammit Feba, I so have some sort of balls joke for your multiple uses of 'low-hanging fruit', but I had a few beers at lunch and I can't for my fucking life make a solid line for it.

      This is going to bother me all fucking day now.

      Fuck it.


      Low-hanging fruit. Balls. Hahahahhaha it's funny b/c it's balls, get it?
      Callysto of RamuhCaithsith - 75 RDM / BRD / COR / PLD / WAR / SCH / DRK

      Formerly Callisto of Ramuh. | Retired 5.28.10

      Callisto Broadwurst of Palamecia

      Comment


      • #33
        Re: BG is infected

        So it is.

        If this was a matter of the records being attacked on SE's end using a zero day exploit? You'd be very much correct. In this case, though, it's the user's end, and for software that had been patched for weeks or even months. They have no expectation of security when browsing the web, it's their own fault.
        ______________________________
        Originally posted by Callisto View Post
        I had a few beers at lunch
        It's not even 6PM and you're drunk?
        Last edited by Feba; 06-13-2008, 01:40 PM. Reason: Automerged Doublepost

        Comment


        • #34
          Re: BG is infected

          Originally posted by Feba View Post
          It's not even 6PM and you're drunk?
          Of course not, I've sobered up plenty since 2. I'm just tired and ready to leave work now.
          Callysto of RamuhCaithsith - 75 RDM / BRD / COR / PLD / WAR / SCH / DRK

          Formerly Callisto of Ramuh. | Retired 5.28.10

          Callisto Broadwurst of Palamecia

          Comment


          • #35
            Re: BG is infected

            I used to drink at lunch all the time. But never enough to get drunk.

            Anyway, I'm kind of glad I don't play FFXI on the same machine I browse my internets on.

            Comment


            • #36
              Re: BG is infected

              This is why I really don't think I'll ever put my main character on my new laptop. I'm being as careful as possible updating shit and whatnot, but really fuck that, lol.
              Callysto of RamuhCaithsith - 75 RDM / BRD / COR / PLD / WAR / SCH / DRK

              Formerly Callisto of Ramuh. | Retired 5.28.10

              Callisto Broadwurst of Palamecia

              Comment


              • #37
                Re: BG is infected

                ...I see this has derailed into primarily a flamewar over the degree of the victim's fault in the matter. If anyone has anything to add on the nature of the vulnerability and means to address it on the server side of things (client side has been discussed in other threads), I'd be interested in hearing from you in PM. I operate a website running a forum and a wiki, though I don't have ad content to contend with; maintaining site integrity is a matter I'm concerned with.
                Kumei, pickpocket of Midgardsormr(Bastok Rank 10)
                DRK99,DNC91,THF90
                Alchemy 72, Smithing 51, Goldsmithing 48, Leathercraft 23, Fishing 20
                Koren, San d'Orian Adv.(Rank 10)
                WHM95,BLM90,SMN85,RDM82,SCH49
                Woodworking 29,Cooking 20
                All celestials(Trial-Size), Fenrir, Diabolos, Alexander, Odin
                Myrna, Windurstian Merchant
                Clothcraft 24
                Nyamohrreh, Windurstian Adv.(Rank 6)
                BST90,WHM56,DNC45

                Comment


                • #38
                  Re: BG is infected

                  Here's what Mhurron told me, Lunaryn:
                  Session Start (Taskmage:Mhurron): Fri Jun 13 12:51:16 2008
                  [12:51] Mhurron: sup
                  [12:51] Taskmage: Hey
                  [12:51] Taskmage: Can you make any suggestions as to what we could do to make sure FFXIO doesn't become a host for that iframe?
                  [12:52] Mhurron: the iframe is injected into sites by a XSS exploit found via google, at least thats how its been done in the past 6 months
                  [12:53] Mhurron: often the first way to prevent it is to make sure that the backend software that is serving up a webboard doesn't have XSS exploits
                  [12:54] Mhurron: if the web server is running Apache, and you can add apache modules, there is mod_security that is also supposed to help prevent common XSS methods
                  [12:56] Mhurron: i don't know how invasive mod_security is though
                  [12:58] Mhurron: there is also a PHP security module, if I can remember the name of the thing, but it can cause problems as it is somewhat invasive and strict in what it allows
                  [12:58] Mhurron: both would require off line testing before it could be implimented
                  [13:00] Taskmage: Ok, thanks. I'll do some research and make recommendations to PiNG.
                  [13:00] Taskmage: I'm surprised how rampant this thing is getting. Want to make sure ..
                  [13:00] Mhurron: it's not that suprising
                  [13:00] Mhurron: the way sites are found is by combing google results
                  [13:01] Mhurron: there's actually very little work beyond initial setup for the attackers
                  [13:10] Mhurron: the PHP security extension is called suhosin Suhosin 0.9.21 - XSS Protection - PHP Security Blog
                  Session Close (Mhurron): Fri Jun 13 14:20:41 2008
                  lagolakshmi on Guildwork :: Lago Aletheia on Lodestone

                  Comment


                  • #39
                    Re: BG is infected

                    Thanks. Looks from a brief examining that there's some room for argument over whether this is a vuln in PHP or in several PHP apps, but I have a good place to start now as far as addressing the matter. (And I'd lean toward faulting PHP, if only because they try to make things safe-ish elsewhere; PHP_SELF strikes me as something that really should be guaranteed safe)
                    Kumei, pickpocket of Midgardsormr(Bastok Rank 10)
                    DRK99,DNC91,THF90
                    Alchemy 72, Smithing 51, Goldsmithing 48, Leathercraft 23, Fishing 20
                    Koren, San d'Orian Adv.(Rank 10)
                    WHM95,BLM90,SMN85,RDM82,SCH49
                    Woodworking 29,Cooking 20
                    All celestials(Trial-Size), Fenrir, Diabolos, Alexander, Odin
                    Myrna, Windurstian Merchant
                    Clothcraft 24
                    Nyamohrreh, Windurstian Adv.(Rank 6)
                    BST90,WHM56,DNC45

                    Comment


                    • #40
                      Re: BG is infected

                      Originally posted by Feba View Post
                      So it is.

                      If this was a matter of the records being attacked on SE's end using a zero day exploit? You'd be very much correct. In this case, though, it's the user's end, and for software that had been patched for weeks or even months. They have no expectation of security when browsing the web, it's their own fault.
                      And it still isn't the user's fault if someone decides to exploit a vulnerability (patched or not) in their system, but there's no point on repeating what I've already posted. XD
                      sigpic
                      "In this world, the one who has the most fun is the winner!" C.B.
                      Prishe's Knight 2004-Forever.

                      その目だれの目。

                      Comment


                      • #41
                        Re: BG is infected

                        Originally posted by Raydeus View Post
                        And it still isn't the user's fault if someone decides to exploit a vulnerability (patched or not) in their system,
                        "Or not"? Perhaps. It depends on if it requires some other incredibly stupid security flaw to have worked.

                        If it is patched though? It is most certainly the user's fault.



                        Let's say you loan a friend your car. He leaves it parked in a shady neighborhood, unlocked, and with the keys in the ignition. Do you say "no man, it's perfectly logical to leave the car unlocked and easy to use!", or do you get pissed because he did something retarded? Likewise with a person's own property, the decision to leave it open to criminals is retarded.

                        Comment


                        • #42
                          Re: BG is infected

                          This debate isn't really going anywhere, is it?
                          lagolakshmi on Guildwork :: Lago Aletheia on Lodestone

                          Comment


                          • #43
                            Re: BG is infected

                            Gah, this will be my last reply on the subject, I already replied to that. Let's just agree to disagree or something politically correct like that.

                            Originally posted by Me
                            There is a huge difference between not taking "enough" steps to prevent a crime and being at fault for it happening to you.
                            It would've been stupid for someone to do that, but the decision to steal the car is all the thieves', if it's easier or not for them to do it is irrelevant for the purpose of this discussion.


                            Edit >
                            Originally posted by Taskmage View Post
                            This debate isn't really going anywhere, is it?
                            We were just killing some time on a friendly match? <_<
                            sigpic
                            "In this world, the one who has the most fun is the winner!" C.B.
                            Prishe's Knight 2004-Forever.

                            その目だれの目。

                            Comment


                            • #44
                              Re: BG is infected

                              Originally posted by Raydeus View Post
                              but the decision to steal the car is all the thieves'
                              And the decision to allow it to be stolen was with the person who left their keys in the ignition.

                              Comment


                              • #45
                                Re: BG is infected

                                Originally posted by Lunaryn View Post
                                Looks from a brief examining that there's some room for argument over whether this is a vuln in PHP or in several PHP apps, but I have a good place to start now as far as addressing the matter. (And I'd lean toward faulting PHP, if only because they try to make things safe-ish elsewhere; PHP_SELF strikes me as something that really should be guaranteed safe)
                                It doesn't seem to be a direct fault in PHP, as far as you usually think of a fault in a piece of software, so much as a combination of poor programming (i.e. not validating inputs) and/or the fact that PHP docs and general accepted PHP programming encourage bad practices by either glossing over security concerns or simply ignoring them by presenting very insecure programming methods as examples of the right way to do PHP.

                                PHP is often a self taught language, and many of the PHP books are just as bad as the official PHP docs. This has lead to an army of PHP sites that are vulnerable to god knows what by the way they were written, not necessarily because extension X has a buffer overflow.

                                The best example of this is actually phpBB, which is the poster child for PHP apps being ripped apart because of poor programming. Unfortunately phpBB has become so popular on its own and as a basis for many other PHP based boards that even PHP programmers that do (or should) know about these issues also being bitten by these problems.
                                I use a Mac because I'm just better than you are.

                                HTTP Error 418 - I'm A Teapot - The resulting entity body MAY be short and stout.

                                loose

                                Comment

                                Working...
                                X