Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - PHP Nuke
Author Message
MGCJerry
New Member
New Member


Joined: Feb 19, 2006
Posts: 5
Location: Nowhere

PostPosted: Sun Feb 19, 2006 10:24 am Reply with quote

I posted this on another forum (The Admin Zone) and figured this would be appropriate if I posted it here also... I'm posting this to see what you think about the idea.

After spending some time coding some site security software (in-house) and discussing the project with others, I get a mixed reaction about what the software does upon identifying an attack...

I have developed a fairly complex security system for PHPNuke and have employed it for almost 2 years now. Upon identifiying an attack, the script displays a page similar to this: Only registered users can see links on this board! Get registered or login! (no this specific page will not ban you)

However, I have a project on hand called "Rogue Admin" that will allow users to browse the "Wall of Shame", and be able to leave a comment for the hacker (in addition to other functions). Once a comment is left, when the hacker returns (most do), all they will see is the message which the user enters themselves. Measures are in place to allow the user to hide their idenity (profile data) if they wish.

Now, the difference of opinion....

My Logic:
Yes, he'll get a little upset because he was busted. But having google open in one window, he'll just press on while referring his close, leet "hacker" buddies to the site to try to attack it, usually with a similar exploit list to his own. He sure as hell isnt going to brag about it because he got caught, and caught by a script... OR he may not even mention it to others and simply move on, because if you're such a "leet hacker" as these people feel, its not wise to tell your buddies that you got busted on your first attack. So in effect, I have no qualms about insulting such no skill "skript kiddies".

Others say:
Don't insult them, just ban them and tell them they've been banned. These people think it is a very bad idea to insult a script kiddie...

So, what do you think? Do you think it is ok to insult someone who is trying to exploit your website, or just let them be and silently ban them?

I want to know how you guys feel about the issue of whether to be obscure with error messages, or just telling them how not leet they are.
 
View user's profile Send private message
Raven
Site Admin/Owner


Joined: Aug 27, 2002
Posts: 17086

PostPosted: Sun Feb 19, 2006 10:56 am Reply with quote

I have always had mixed emotions on this - and I still do. You've just caused me to have to think about it again ROTFL


Last edited by Raven on Sun Feb 19, 2006 2:04 pm; edited 1 time in total 
View user's profile Send private message
MGCJerry
PostPosted: Sun Feb 19, 2006 11:45 am Reply with quote

Image

Well, let us know how you feel about it when you're done thinking. Very Happy
 
fkelly
Former Moderator in Good Standing


Joined: Aug 30, 2005
Posts: 3312
Location: near Albany NY

PostPosted: Sun Feb 19, 2006 1:13 pm Reply with quote

Ban 'em. Ignore them. They crave attention and if you give them any it just spurs them on. It's hard to humiliate idiots.
 
View user's profile Send private message Visit poster's website
FireATST
RavenNuke(tm) Development Team


Joined: Jun 12, 2004
Posts: 637
Location: Ohio

PostPosted: Sun Feb 19, 2006 1:26 pm Reply with quote

killing me killing me I like the way you think fkelly. I don't think you can really do anything to change their minds, they do it for attention as fkelly stated. The more you try and deal with them, the more they get from it. I say "BAN THEM"
 
View user's profile Send private message Visit poster's website MSN Messenger ICQ Number
Susann
Moderator


Joined: Dec 19, 2004
Posts: 3191
Location: Germany:Moderator German NukeSentinel Support

PostPosted: Sun Feb 19, 2006 8:45 pm Reply with quote

I have really mixed emotion, I thought about to leave a message to a turkish hacker who attacked my site 5 days. I´know he would come back but he got no chance and I quess his friends are also banned. Maybe I can change the mind from some of our kiddies but I´m sure I can not change the world.
 
View user's profile Send private message
daemon
Worker
Worker


Joined: Jan 07, 2005
Posts: 163

PostPosted: Sun Feb 19, 2006 9:28 pm Reply with quote

yea rubbing it in there face will usually only make them want to try again so its diffently a mixed emotion.... simply banning them may be the same depending on who it is.... so just ban them and deal with it as needed. no sense in dragging it out.

just my 2 cents Mr. Green
 
View user's profile Send private message Visit poster's website AIM Address
evaders99
Former Moderator in Good Standing


Joined: Apr 30, 2004
Posts: 3221

PostPosted: Sun Feb 19, 2006 9:36 pm Reply with quote

If a script kiddie, you may just encourage them on by giving your site special attention. If just a robot, then they will probably not actually be doing this in a browser with Javascript nor actually have anyone to view the message.

Just do a ban, move on Smile

_________________
- Only registered users can see links on this board! Get registered or login! -

Need help? Only registered users can see links on this board! Get registered or login! 
View user's profile Send private message Visit poster's website
studeggle
Hangin' Around


Joined: Mar 19, 2004
Posts: 36

PostPosted: Thu Feb 23, 2006 1:36 pm Reply with quote

The previous posts are right. Best to just BAN them and move on. Tuanting back gives them attention and for some its like daring them to try again and again.
Doesn't mean I didn't get a good laugh out of your page though Very Happy

_________________
Image 
View user's profile Send private message Visit poster's website AIM Address Yahoo Messenger MSN Messenger
kguske
Site Admin


Joined: Jun 04, 2004
Posts: 6383

PostPosted: Thu Feb 23, 2006 9:25 pm Reply with quote

I like to waste the punk's time more than they waste mine. So, I might redirect them to the index page - or to the index page of my favorite (NOT!) websites. Or ban them. Or PC-Killer them. Don't you just LOVE NukeSentinel's flexibility?

Also, showing banned IPs is like free advertising - as fkelly implied - some people like attention, positive or negative.

But responding wastes MY time - it's almost never worth that, unless I have enough proof to get their site shut down - a forwarded email from NukeSentinel is worth the time it will take them to move to another site or recreate on another site.

_________________
I google, therefore I exist...
Only registered users can see links on this board! Get registered or login!
 
View user's profile Send private message
Guardian2003
Site Admin


Joined: Aug 28, 2003
Posts: 6793
Location: Ha Noi, Viet Nam

PostPosted: Fri Feb 24, 2006 12:48 am Reply with quote

Depending on the type of attack I redirect to a page containing links to 'Downloads' - what youngster can resist looking?
What they actually download is a program called 'crazymouse' which is loaded the first time they reboot their PC and periodically makes the mouse move about all over the place for a few seconds (seemingly at random).

When they eventually locate it, they spend so much time sending it to their 'mates' they have forgotten about my site long ago - and I had a bit of fun knowing.

I find taunting the younger generation is just like throwing down the gauntlet.
 
View user's profile Send private message Send e-mail
Dawg
RavenNuke(tm) Development Team


Joined: Nov 07, 2003
Posts: 910

PostPosted: Fri Feb 24, 2006 7:30 pm Reply with quote

Guardian2003 wrote:
Depending on the type of attack I redirect to a page containing links to 'Downloads' - what youngster can resist looking?
What they actually download is a program called 'crazymouse' which is loaded the first time they reboot their PC and periodically makes the mouse move about all over the place for a few seconds (seemingly at random).

When they eventually locate it, they spend so much time sending it to their 'mates' they have forgotten about my site long ago - and I had a bit of fun knowing.

I find taunting the younger generation is just like throwing down the gauntlet.



That's good! I love it!

I would not say a word to them. Just ban them and move on.
 
View user's profile Send private message
djmaze
Subject Matter Expert


Joined: May 15, 2004
Posts: 719
Location: http://tinyurl.com/5z8dmv

PostPosted: Sat Feb 25, 2006 8:15 am Reply with quote

i wrote one that opens and closes the cd tray every 3 seconds Smile
 
View user's profile Send private message Visit poster's website
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Security - PHP Nuke

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©