The Major BBS Forums (Archive)

Hey dspain is your system down? I was going to upload some of the mods like you asked but I havn't been able to get on for a few days.

Its arcticzone.dyndns.org right? I could be losing my mind hehe but thats nothing new

Thanks,

Talonp

Might try,

azonebbs.dyndns.org

Thanks it works via Telnet I was trying to access it via the HTML interface

SO I know it up now for telnet at less.

Again thanks for the help Drex

Talonp wrote:Thanks it works via Telnet I was trying to access it via the HTML interface

SO I know it up now for telnet at less.

Again thanks for the help Drex

i disabled the web interface for right now.
i found a severe exploit in the GALWEBD web server and have
it down while i go through the WEBD.C code and find a way
to repel it.

once i get this guy to come off the explot's source code i will counter-attack it, until then i had to disable the web side.

Ahhh that explains it...thank you for the answer, let us know when you get it fixed and how it goes my friend.

Talonp wrote:Ahhh that explains it...thank you for the answer, let us know when you get it fixed and how it goes my friend.

it goes slow as usual, seems the damn thing can attack FTP port 21 as well.

the ftp one is easy capture the params and limit to like 70 chars.

web one im pulling my hair out over.

dspain wrote:

Talonp wrote:Ahhh that explains it...thank you for the answer, let us know when you get it fixed and how it goes my friend.

it goes slow as usual, seems the damn thing can attack FTP port 21 as well.

the ftp one is easy capture the params and limit to like 70 chars.

web one im pulling my hair out over.

It is recommend to run it in Safe Web mode so that the attack is thwarted.

The Storm wrote:

dspain wrote:

Talonp wrote:Ahhh that explains it...thank you for the answer, let us know when you get it fixed and how it goes my friend.

it goes slow as usual, seems the damn thing can attack FTP port 21 as well.

the ftp one is easy capture the params and limit to like 70 chars.

web one im pulling my hair out over.

It is recommend to run it in Safe Web mode so that the attack is thwarted.

run what in safe mode?

dspain wrote:

The Storm wrote:

dspain wrote: it goes slow as usual, seems the damn thing can attack FTP port 21 as well.

the ftp one is easy capture the params and limit to like 70 chars.

web one im pulling my hair out over.

It is recommend to run it in Safe Web mode so that the attack is thwarted.

run what in safe mode?

"Enable Secure Web?

Do you want to enable Secure Web? Secure Web allows you to password protect and/or key off particular URLs. You cannot key off/password protect URLs that are owned by Active HTML modules, however, with Secure Web. "

It seems with this option turned on, the attack is less likely to crash the board. It's in the General Setup.

The Storm wrote:

dspain wrote:

The Storm wrote: It is recommend to run it in Safe Web mode so that the attack is thwarted.

run what in safe mode?

"Enable Secure Web?

Do you want to enable Secure Web? Secure Web allows you to password protect and/or key off particular URLs. You cannot key off/password protect URLs that are owned by Active HTML modules, however, with Secure Web. "

It seems with this option turned on, the attack is less likely to crash the board. It's in the General Setup.

oh you mean secure web, yeah that is likely to minimize the threat but won't cease it altogether, i have already coded in a series of debugging log utilities to write to specific logfiles when certain things happen, the good news is it will write the debug info prior to the crash which is an exception crash (old GP in dos) so the servere comes right back up,
and unlike dos since the nt system doesnt reboot, it writes the entire file.
im gonna have a series of things pointed at that web server such as syn_'s and such and see what i get in the debug logs and then write in preventitive measures in the webd thus giving us a safe place to surf

i know i know i have no F****NG life!!!!