Ravens PHP Scripts: Forums
 

 

Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel(tm) v2.4.x
Serafim
Worker



Joined: Mar 25, 2006
Posts: 109
Location: Delaware Usa

Posted: Fri Apr 07, 2006 9:23 pm

Just curious if anyone has patched to 2.4.2pl5 yet and if any noted problems. I don't want to be the guinea pig. I'm most curious about the blocker protection and if it's been corrected.

kguske
Site Admin



Joined: Jun 04, 2004
Posts: 6432

Posted: Fri Apr 07, 2006 9:40 pm

Can you be a little more specific about what's wrong with the blocker protection?

_________________
I search, therefore I exist...
nukeSEO - nukeFEED - nukePIE - nukeSPAM - nukeWYSIWYG
 
dcasmr
Worker



Joined: Feb 06, 2004
Posts: 147

Posted: Sat Apr 08, 2006 12:58 am

I have installed it and I am getting more bans in less than a 3-day span due to Reason: Abuse-Flood-
Previously, I was running 2.4.2pl3 and was not getting such things. At one point, I tried logging in and mistyped my password and got banned from my site.
 
Serafim







Posted: Sat Apr 08, 2006 5:25 am

Sorry about that. What I meant to say was: have they corrected the flood protection? Yesterday was a very long day for me. I'm at 2.4.2pl4 and the flood protection bans for flood abuse when there was no flood, so I currently have that shut off.
 
kguske







Posted: Sat Apr 08, 2006 7:23 am

Thanks for following up. I haven't looked at it in detail yet, but hope to do so soon.
 
Susann
Moderator



Joined: Dec 19, 2004
Posts: 3191
Location: Germany:Moderator German NukeSentinel Support

Posted: Sat Apr 08, 2006 1:43 pm

I'm busy unbanning myself, "lol". The flood is set to 5 and the gfx check to 7. Whenever there is a problem with the security code I'm banned through the flood blocker. This also happens in version 2.4.2.pl4.
I'm using the Fetch mod and it seems that since I upgraded to the newest version there is a problem with the security code.

--------------------------
Reason: Abuse-Flood
--------------------

Query String: mygame.de/modules.php?gfx=gfx&random_num=770579
Get String: mygame.de/modules.php?gfx=gfx&random_num=770579
Post String: mygame/modules.php
------------------------------------------
DNSStuffDNSStuffSorry, you have triggered our rate limiting system.


Anyone else got the same problem?

There is a similar post; I don't know his NukeSentinel version:

[ Only registered users can see links on this board! Get registered or login! ]


Btw: The site is my playzone, so I don't need an activated flood blocker at the moment.
 
Serafim







Posted: Sat Apr 08, 2006 2:22 pm

Yeah, I have been banned multiple times, and what's funny is my IP is in the protected range. All I did was shut the flood protection off until they fixed the issue.
I was hoping it was resolved with the new patch but I guess I'll have to wait until 2.4.3. So for now I believe I'll stay at 2.4.2pl4.
 
Raven
Site Admin/Owner



Joined: Aug 27, 2002
Posts: 17088

Posted: Sat Apr 08, 2006 2:30 pm

You need the other changes in pl5. Just don't use the flood protection. It's pretty much a minor protection spamming anyway. Flood protection needs to be at the server level, not the site level. I could flood your site and no application level protection would even know it, much less stop it.
 
Serafim







Posted: Sat Apr 08, 2006 3:04 pm

Ohh lol, I have flood protection already at server level; by default it's like 50,000 questions per user per hour, I think. Sound about right? So I'll do the patch if it's suggested by you...
 
mds
Client



Joined: Dec 24, 2004
Posts: 194
Location: Michigan

Posted: Sun Apr 09, 2006 8:36 pm

I did it last week and haven't had any "real" issues that I know of from it specifically that I know of.
 
Serafim







Posted: Sun Apr 09, 2006 8:56 pm

I never realized there was any issue until I tried to import to block ranges. They won't go in the database, and it's really not a big deal; just interested if anyone else had the issue.
 
daemon
Worker



Joined: Jan 07, 2005
Posts: 163

Posted: Sun Apr 09, 2006 8:58 pm

Hey everyone, I think I found the security code problem: I turned off flood protection and all codes are working correctly.
 
fkelly
Former Moderator in Good Standing



Joined: Aug 30, 2005
Posts: 3312
Location: near Albany NY

Posted: Sat Apr 29, 2006 4:38 pm

I'm wondering what the flood protection is set to by default in the installation of the new Ravennuke 2.02. I'm seeing people get banned as they try to get into the test version of my site. I may have caused this myself by copying config tables over from my old site but I'm not sure. I just went into Sentinel and turned Flood protection off but we might want to put a general warning off or correct the defaults until Sentinel can be fixed.

Thank whoever for SEARCH plus FORUMS.

BTW the 50000 questions per hour has nothing to do with floods. It's a limit brain dead HOSTs put on their users which can be easily circumvented if you search the Forums here for suggestions. Or, of course, sign up with Raven.
 
Guardian2003
Site Admin



Joined: Aug 28, 2003
Posts: 6799
Location: Ha Noi, Viet Nam

Posted: Sun Apr 30, 2006 12:30 am

Flood protection is off by default in RN 2.02.02
 
fkelly







Posted: Sun Apr 30, 2006 6:59 am

Thanks Guardian. I guess I was "hoist in my own petard". I really didn't feel like digging into the database or code last night and I just wanted to have the problem go away.

Doing my research this morning. There is a table nsnst_blockers. In it is a field block_name. If the value of activate in it is set to 5 then it is on. (That seems to be the most common value, I also see referer set to 1). If the value of activate is 0 then it is off. In my production system I have it on and no problems. In my RN 2.02 system I had it on and had problems, it's now off. Since the only difference is an upgrade of Sentinel code from 2.4.2 to 2.4.5 it would follow that the problem is in the code ... or is this issue well in hand? I'll look anyway since I will learn something.
 
fkelly







Posted: Sun Apr 30, 2006 7:39 am

I can't figure it and don't see the answer in a manual or thru Google. I could experiment and will but maybe someone knows ...

In the sentinel.php in the includes directory for 2.4.5 there is the following code in the flood routine:

Code:
         $checkrow = $db->sql_query('SELECT `lastpost` FROM `'.$prefix."_nsnst_flood` WHERE `ip` = '".$nsnst_const['remote_ip']."'");


In the same code for 2.4.2 there is this code:

Code:
      $checkrow = $db->sql_query('SELECT `lastpost` FROM `'.$prefix."_nsnst_flood` WHERE `ip` = `".$nsnst_const['remote_ip']."`");


If my compare software didn't point out a difference and if I didn't look at them side by side I wouldn't see the difference. But the coder seems to go back and forth between ` characters (upper right of keyboard, html equivalent &#96, decimal 96, hex 60) and the ' character (html equivalent &#39, decimal 39, hex 27). Does this make any difference? Does PHP interpret these the same? Is the hex 60 code interpreted by PHP the same as the hex 27 one? Does this have something to do with the difference in the behavior of the flood code between the versions or am I just, so to speak, barking up the wrong tree.
 
montego
Site Admin



Joined: Aug 29, 2004
Posts: 9457
Location: Arizona

Posted: Sun Apr 30, 2006 8:28 am

The use of quotes here is just fine. The author is trying to make this string concatenation as efficient as possible. The first use of single quotes is appropriate and the fastest method of assigning a string. However, since the single quote is needed for the SQL, he has switched to double quotes on the next set of builds so he can include the single quote as a part of the string.

There are known issues with the flood protection that I do not believe have been fixed as yet and is why it is turned off by default. Have not heard though what the plans were for fixing it.

_________________
Where Do YOU Stand?
HTML Newsletter::ShortLinks::Mailer::Downloads and more... 
fkelly







Posted: Sun Apr 30, 2006 11:02 am

Hey, you know me Montego, I just need confirmation: so the single quote that's on the tilde ~ key on the upper left of the keyboard is the same as the single quote that's on the key with the double quote over by the enter key on the right side. Even though they both have different ascii codes, if that matters. The use of these did change between versions and I wondered why.
 
montego







Posted: Sun Apr 30, 2006 12:23 pm

Sorry, fkelly, I misunderstood your post and have looked at it again!! Sorry about that. You are absolutely correct. The 2.4.2 code is NOT right. The backquotes are to be used on the field names and table names but NOT around the actual data values.

Thank you for helping to set me straight! The single quote on the double quote key is NOT the same as the one on the tilde key.
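
The difference between the two quoted lines, as an added example that is not part of the original thread and is not NukeSentinel code: it runs both forms of the WHERE clause, plus a parameterized form, against a one-row table. An in-memory SQLite database (via PDO) stands in for MySQL so the script runs offline; the `nuke` prefix, the column types and the sample address are constructed.

```php
<?php
// Added illustration, not NukeSentinel code. SQLite (in-memory) stands in for
// MySQL: both read `...` as an identifier and '...' as a string literal.
// Table layout, prefix and address below are constructed sample values.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE `nuke_nsnst_flood` (`ip` TEXT PRIMARY KEY, `lastpost` INTEGER)');
$pdo->exec("INSERT INTO `nuke_nsnst_flood` VALUES ('203.0.113.7', 1146400000)");

$prefix    = 'nuke';
$remote_ip = '203.0.113.7';

// Run one SELECT and report either the number of rows or the database error.
function try_query(PDO $pdo, string $label, string $sql): void
{
    try {
        $rows = $pdo->query($sql)->fetchAll(PDO::FETCH_COLUMN);
        echo $label, ': ', count($rows), " row(s)\n";
    } catch (PDOException $e) {
        echo $label, ': query failed: ', $e->getMessage(), "\n";
    }
}

// 2.4.2 form: the address sits inside backquotes, so the database looks for a
// column named 203.0.113.7 and rejects the statement. MySQL reports this
// case as error 1054, "Unknown column".
try_query($pdo, '2.4.2, backquoted value',
    'SELECT `lastpost` FROM `'.$prefix."_nsnst_flood` WHERE `ip` = `".$remote_ip."`");

// 2.4.5 form: the address is a single-quoted string literal compared to `ip`.
try_query($pdo, '2.4.5, single-quoted value',
    'SELECT `lastpost` FROM `'.$prefix."_nsnst_flood` WHERE `ip` = '".$remote_ip."'");

// Parameterized form: the value is bound separately from the SQL text, so
// which quote character surrounds it no longer matters and the address is
// never spliced into the statement.
$stmt = $pdo->prepare('SELECT `lastpost` FROM `'.$prefix.'_nsnst_flood` WHERE `ip` = ?');
$stmt->execute([$remote_ip]);
echo 'prepared statement: ', count($stmt->fetchAll(PDO::FETCH_COLUMN)), " row(s)\n";
```

How NukeSentinel's `$db->sql_query` wrapper reacts to the failed 2.4.2 statement is not shown in the thread, so the script only reports what the database itself does with each form.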
 
fkelly







Posted: Sun Apr 30, 2006 3:52 pm

This is getting involved. I guess I don't understand the use of backquotes at all. I'm going to need to do some experimenting as soon as I can make some time to just spend an hour here going over it. I'm wondering if maybe, if the 2.4.2 code wasn't right and then it got corrected for 2.4.5 -- well maybe what happened is that the 2.4.2 code wasn't protecting from floods at all (or I should say from the Sentinel definition of floods) and now the 2.4.5 is protecting but that's what's causing the difficulties with "false positives".

Yet again, I have to say that in looking over the flood code I'm not sure exactly what's happening and maybe I should just leave this to the experts. It looks to me like the code that I'm questioning only gets executed when the user is anonymous and maybe is not even involved in the problem that I'm seeing. But without spending hours digging I can't say for sure.

And as Raven pointed out flood protection is only really effective at the server level anyway. Maybe it should just be left out of Sentinel? I don't know.
 
montego







Posted: Sun Apr 30, 2006 5:20 pm

Quote:

And as Raven pointed out flood protection is only really effective at the server level anyway. Maybe it should just be left out of Sentinel? I don't know.


I agree. I think it really had something to do with the proper "counting" of time or something like that. Been too long...

Regarding the backquotes, take a look at SQL generated by phpMyAdmin. To be honest, I've been using them for so long now I cannot even remember why! I believe it was either here or on Nukescripts.net where I first read about it 12 - 18 months ago. Sorry... I just use 'em.
 
All times are GMT - 6 Hours
 