Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel™
Author Message
broose
Regular
Regular


Joined: Feb 17, 2006
Posts: 94

PostPosted: Sat Apr 08, 2006 1:21 pm Reply with quote

i have noticed that Nukesentinal have banned an ip address for reason Union, what is union?

cheers
 
View user's profile Send private message
hitwalker
Sells PC To Pay For Divorce


Joined:
Posts: 5661

PostPosted: Sat Apr 08, 2006 1:52 pm Reply with quote

basically thats a sql injection...
nothing special..
 
View user's profile Send private message
Susann
Moderator


Joined: Dec 19, 2004
Posts: 3191
Location: Germany:Moderator German NukeSentinel Support

PostPosted: Mon Apr 24, 2006 1:53 pm Reply with quote

Hitwalker, I believe for you it s nothing special.


Quote:

tried to load</b></font><font color=#FF0000><b> /member.asp?id=-1%20UNION%20SELECT%201,memName,3,4,5,6,7,8,9,10,11,memPassword,13,14,15,16%20FROM%20member+where+memID=1

User Agent = Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)


Is it typical for Union Attacks to have a high number of quests online ?
 
View user's profile Send private message
hitwalker
PostPosted: Mon Apr 24, 2006 2:32 pm Reply with quote

to my knowledge no...
with these types of attack they dump info into your database.
in the beginning of my site i had an attack to,that was fun...
had 800 visitors online,nice dos attack.
 
evaders99
Former Moderator in Good Standing


Joined: Apr 30, 2004
Posts: 3221

PostPosted: Mon Apr 24, 2006 2:48 pm Reply with quote

Could be a bot net trying to exploit your system with various robot scripts. It happens

_________________
- Only registered users can see links on this board! Get registered or login! -

Need help? Only registered users can see links on this board! Get registered or login! 
View user's profile Send private message Visit poster's website
Susann
PostPosted: Mon Apr 24, 2006 2:51 pm Reply with quote

That was fun... I don't see the fun of it. But I´ll check my logs tomorrow to fight back.


evaders99 you are right.


Last edited by Susann on Mon Apr 24, 2006 2:58 pm; edited 1 time in total 
hitwalker
PostPosted: Mon Apr 24, 2006 2:55 pm Reply with quote

fight back?
You cant....if you get a dos attack like i had then you cant do anything at all.
only thing you can do is call your host like i did and pull the plug...
then it takes an hour for all connections to drop dead.
after that i came back online...
as for any sql attacks,sentinel should deal with that.
and sure susann,...allways smile...
 
Susann
PostPosted: Mon Apr 24, 2006 3:05 pm Reply with quote

No, I meant the bots or possible some of the members anyway the guest are normal again.


I had today a little accident with a shop window can t smile because of my face. Embarassed Smile
 
wildnsyko
New Member
New Member


Joined: Jun 19, 2006
Posts: 4

PostPosted: Mon Jun 19, 2006 1:09 pm Reply with quote

I've blocked myself out of my site 4 times now via Union attack. I was trying to copy and paste some stuff from a Word doc into the Content section of my site. It automatically blocks me. I don't understand what this Union attack thing is when I'm not adding any script....just words. Even if I retype the paragraph, it does the same thing.

Any ideas?? I'm using Nuke Evolution and they don't seem to know why it does it either.
 
View user's profile Send private message
wildnsyko
PostPosted: Mon Jun 19, 2006 1:19 pm Reply with quote

I think I have it narrowed down.....it's the word "union" in a paragraph. Now how can I stop Sentinel from doing that?
 
Susann
PostPosted: Mon Jun 19, 2006 1:28 pm Reply with quote

You can use a combination with that word because sentinel is sometimes overagressive.
Do a search here for this word and you ´ll find examples, I believe.
I tested this long time ago and its really possible to use several word combinations without ban problems. Smile
 
wildnsyko
PostPosted: Mon Jun 19, 2006 1:45 pm Reply with quote

It's hard to change it when you're talking about the Civil War and Union forces. That's my problem.
 
montego
Site Admin


Joined: Aug 29, 2004
Posts: 9449
Location: Arizona

PostPosted: Mon Jun 19, 2006 10:12 pm Reply with quote

Unfortunately, that is vital protection that although is deemed "overly aggressive", would require a tremendous amount of redesign (from what I have read elsewhere). For now, it is an unfortunate, but necessary reality. Although it may look a little bit "odd" to some, maybe replace the "o" with a zero or the "i" with a "1". Sorry, for now, that is the best that I know to do.

_________________
Only registered users can see links on this board! Get registered or login!
Only registered users can see links on this board! Get registered or login! 
View user's profile Send private message Visit poster's website
wildnsyko
PostPosted: Tue Jun 20, 2006 7:30 am Reply with quote

Thanks for all your help. I will figure something out. We're in the middle of getting ready to move to Missouri, so I'm trying to hurry up and get things done before I take my computer down.
 
reformedman
New Member
New Member


Joined: Sep 15, 2006
Posts: 3

PostPosted: Wed Sep 20, 2006 1:25 pm Reply with quote

That's great that you found that out, I was wondering how I could fix my problem with the same situation. I am going to try

un<font size=1>.</font>ion

this way it does not see a super-small dot smaller than 10% of a pixel in the middle of the word.

See if that works.
 
View user's profile Send private message
fkelly
Former Moderator in Good Standing


Joined: Aug 30, 2005
Posts: 3312
Location: near Albany NY

PostPosted: Wed Sep 20, 2006 1:39 pm Reply with quote

Please see this thread:

Only registered users can see links on this board! Get registered or login!

The Onion issue is due to a bug in mainfile, not Sentinel as explained in that thread. There is also a "fix" you can put in if you are comfortable with patching code and the overall issue will be fixed in RN2.10.
 
View user's profile Send private message Visit poster's website
reformedman
PostPosted: Wed Sep 20, 2006 4:05 pm Reply with quote

Best way to fix this problem without having to patch is to use ascii

instead of union

type:

&#117 ; nion

I put spaces in the above but don't put any spaces at all, stick everything together.
 
montego
PostPosted: Wed Sep 20, 2006 8:29 pm Reply with quote

And &#85 ; for the UPPER case U.
 
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel™

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©