Virtual Teen Forums

Virtual Teen Forums (http://www.virtualteen.org/forums/index.php)
-   Virtual Teen HQ (http://www.virtualteen.org/forums/forumdisplay.php?f=10)
-   -   Sorta simple question about this site's security (http://www.virtualteen.org/forums/showthread.php?t=2038186)

Sere June 29th, 2017 02:55 PM

Sorta simple question about this site's security
 
Ok so I see that this site is a forum which tend to be somewhat insecure though I'm not judging with just a glance. Does VT protect itself from SQL injection attacks? If not well... eek. I also see that this site is under http:// and not https:// meaning that this site is not too secure with something like credit info (not thta youd ever put it here in the first place) But how secure do you guys think it is? Has it ever been attacked before? :)





(And no I'm not trying to steal people's VT accounts.)

Alex_Swim June 29th, 2017 02:59 PM

Re: Sorta simple question about this site's security
 
Not sure how secure it needs to be, What are they going to get if someone breaks in?

Our Email address?
Some private messages?
Play around with someones Blog?

The Fourms are public so there is no need to secure them.

Amethyst Rose June 29th, 2017 03:27 PM

Re: Sorta simple question about this site's security
 
Tech Junky's Paradise :arrow2: VTHQ

Sere June 29th, 2017 03:32 PM

Re: Sorta simple question about this site's security
 
Quote:

Originally Posted by Alex_Swim (Post 3538541)
Not sure how secure it needs to be, What are they going to get if someone breaks in?

Our Email address?
Some private messages?
Play around with someones Blog?

The Fourms are public so there is no need to secure them.

Idk what theyd do but still thought it might be interesting to see how secure this place is :)

Living For Love June 29th, 2017 06:13 PM

Re: Sorta simple question about this site's security
 
I think we've had a DDOS attack some years ago that caused VT to be down for a few days. I believe the site is secure enough as we don't deal with that kind of problems very frequently.

xXl0sth0peXx June 29th, 2017 11:17 PM

Re: Sorta simple question about this site's security
 
We did have a DDOS attack back in I believe 2013, but nothing else.

We do however currently have sufficient security for our needs, and we do regular updates to ensure that is the case. If you have any other questions, you can send a PM to one of us, but there's not much else that we can share.

Flapjack July 1st, 2017 08:07 AM

Re: Sorta simple question about this site's security
 
Quote:

Originally Posted by Alex_Swim (Post 3538541)
Not sure how secure it needs to be, What are they going to get if someone breaks in?

Our Email address?
Some private messages?
Play around with someones Blog?

The Fourms are public so there is no need to secure them.

I disagree buddy, they will have a database of everyone's email and their password hash... if that gets out there and users use the same email/ password combo for other sites (which many inevitably do) then it could be a massive problem for the affected users. So security should always be taken seriously:)

Just JT July 1st, 2017 08:16 AM

Re: Sorta simple question about this site's security
 
If that worried about someone getting your email address, create a new email account that's not linked to you, your user na,e or personal name, Andrew use that as your email account for VT.

Freckles July 27th, 2017 12:27 AM

Re: Sorta simple question about this site's security
 
They also have your IP address which is your computer's identification and can hack your computer and get passwords to sites like your bank if you have an account and anything stored on your computer. The likelyhood of that hapening is slim to none but you can't be to careful.

Sere July 30th, 2017 03:36 PM

Re: Sorta simple question about this site's security
 
Ok everybody my main question was just about sql injection and if attackers could break into accounts that way. if they can, IT NEEDS TO BE FIXED. I can test it if an admin or high high up gives permission. Otherwise it is most likely illegal. The threat would be spammers and attackers being able to post, add, remove or many things from that user account. If sql injection isnt protected against admins accounts and the acp could be taken control of, users could be banned, spam would easily run free etc. And I'm just speaking for sql. Many other breach methods exist as you should nearly all know. Thank you and please respond if you can add to this
(And no I have 0 worry about my info contained here being gained but I don't wanna get banned :( )
Hjhj

Just JT July 30th, 2017 06:37 PM

Re: Sorta simple question about this site's security
 
Quote:

Originally Posted by hjhj (Post 3538539)
Ok so I see that this site is a forum which tend to be somewhat insecure though I'm not judging with just a glance. Does VT protect itself from SQL injection attacks? If not well... eek. I also see that this site is under http:// and not https:// meaning that this site is not too secure with something like credit info (not thta youd ever put it here in the first place) But how secure do you guys think it is? Has it ever been attacked before? :)





(And no I'm not trying to steal people's VT accounts.)

Quote:

Originally Posted by hjhj (Post 3554079)
Ok everybody my main question was just about sql injection and if attackers could break into accounts that way. if they can, IT NEEDS TO BE FIXED. I can test it if an admin or high high up gives permission. Otherwise it is most likely illegal. The threat would be spammers and attackers being able to post, add, remove or many things from that user account. If sql injection isnt protected against admins accounts and the acp could be taken control of, users could be banned, spam would easily run free etc. And I'm just speaking for sql. Many other breach methods exist as you should nearly all know. Thank you and please respond if you can add to this
(And no I have 0 worry about my info contained here being gained but I don't wanna get banned :( )
Hjhj


Sorry, maybe it's just me, but some of the language you use, some of the words you choose to use in your posts, makes me rather uncomfortable about your abilities and/or intentions. Not sure if I'd even rule out a threat or not.

Just saying.

I'd Take Val's offer to talk about this with admin instead of here like this
Just how I'm seeing it

Flapjack July 30th, 2017 06:53 PM

Re: Sorta simple question about this site's security
 
I highlyyyy doubt the site is vulnerable to SQI injections xD I think some members are getting a little paranoid, to do attacks like SQI injections and XXS attacks the site has to be vulnerable to them, VT is not.

This is for you @Just JT because you seemed a little worried :)

Of course no website is unhackable but there is needless fearmoungering going on in this thread.

Just JT July 30th, 2017 06:57 PM

Re: Sorta simple question about this site's security
 
Quote:

Originally Posted by Flapjack (Post 3554158)
I highlyyyy doubt the site is vulnerable to SQI injections xD I think some members are getting a little paranoid, to do attacks like SQI injections and XXS attacks the site has to be vulnerable to them, VT is not.

This is for you @Just JT because you seemed a little worried :)

Of course no website is unhackable but there is needless fearmoungering going on in this thread.

Thanks!!

Not worried about the vulnerability of VT at all.
But I do appreciate you thoughts bro

Sere July 30th, 2017 11:17 PM

Re: Sorta simple question about this site's security
 
Quote:

Originally Posted by Just JT (Post 3554155)
Sorry, maybe it's just me, but some of the language you use, some of the words you choose to use in your posts, makes me rather uncomfortable about your abilities and/or intentions. Not sure if I'd even rule out a threat or not.

Just saying.

I'd Take Val's offer to talk about this with admin instead of here like this
Just how I'm seeing it

Lol I'm not a hacker nor do I have bad intentions. I do know that the sql injection attacks have had a protection on many sites tho I just wondered about VT lol
Hope everyone has a good while

Hjhj

boy05 January 31st, 2018 08:13 AM

Re: Sorta simple question about this site's security
 
Quote:

Originally Posted by Flapjack (Post 3539207)
I disagree buddy, they will have a database of everyone's email and their password hash... if that gets out there and users use the same email/ password combo for other sites (which many inevitably do) then it could be a massive problem for the affected users. So security should always be taken seriously:)

Yes, of course there will be people who use the same pwd for lotsa sites.

Elysium January 31st, 2018 08:35 AM

Re: Sorta simple question about this site's security
 
Quote:

Originally Posted by boy05 (Post 3626555)
Yes, of course there will be people who use the same pwd for lotsa sites.

Please don't post in threads that have been inactive for two months or more. :locked:


All times are GMT -5. The time now is 07:33 AM.

Powered by vBulletin®
Copyright©2000 - 2018
Search Engine Optimisation provided by DragonByte SEO (Lite) - vBulletin Mods & Addons Copyright © 2018 DragonByte Technologies Ltd.
Copyright 2004 - 2018, VirtualTeen.org