idiot

Red Squirrel · Post by **Red Squirrel** » Sat Oct 09, 2004 7:08 pm

yeah lol.

He does not realize all the processing that would be required to reparse the logs to block html. Have to replace < with < and > with > which requires the use of a php function twice. That's for one field, there's more then one field.

I tested it on my server and it ain't pretty, get's pretty slow. Sometimes you just have to sacrifice "security" for performance.

Archived topic from Iceteks, old topic ID:2731, old post ID:22379

Andy · Post by **Andy** » Sat Oct 09, 2004 7:13 pm

LOL yeah Seems like someone don't know Java or flash scrips either.

Sorry red to see "Idiot" problems are still trying their best to give everyone here high blood presser.

Archived topic from Iceteks, old topic ID:2731, old post ID:22380

Red Squirrel · Post by **Red Squirrel** » Sat Oct 09, 2004 7:23 pm

The way I look at it, the worse thing that can happen is that someone requests a string that has html to an image to fetch my IP. But if someone hacks my lan, they really have nothing to do.

I'm trying to find a way to kill html in those logs though, but it's not easy to do if I want it to be efficient.

Archived topic from Iceteks, old topic ID:2731, old post ID:22381

Red Squirrel · Post by **Red Squirrel** » Sat Oct 09, 2004 8:05 pm

Well I fixed the issue so he won't be able to try and hack me anymore, not that his attempts were successful in first place.

htmlspecialchars() is what I used. Gets rid of < and > in HTTP headers as they are put in logs.

Archived topic from Iceteks, old topic ID:2731, old post ID:22382

Red Squirrel · Post by **Red Squirrel** » Sat Oct 09, 2004 8:48 pm

Just gave him full access, under high supervision of course.

I'll watch a 2 hour movie and come back to see what happends. I'll get popup notifications on my PC if I get scada emails hough so not to worry since I'll check 'em to see if it's him.

Archived topic from Iceteks, old topic ID:2731, old post ID:22383

Death · Post by **Death** » Sat Oct 09, 2004 10:40 pm

Hehehe. Looks like you're pulling out the big guns. Trying to be crafty. Bwahaha.

Archived topic from Iceteks, old topic ID:2731, old post ID:22385

Red Squirrel · Post by **Red Squirrel** » Sat Oct 09, 2004 11:39 pm

Yep, so far nothing too interesting though...

Archived topic from Iceteks, old topic ID:2731, old post ID:22387

Triple6_wild · Post by **Triple6_wild** » Sun Oct 10, 2004 11:45 am

you might get some sort of revenge

that image is gonna be on google and the world will have access to that IP lol

Archived topic from Iceteks, old topic ID:2731, old post ID:22396

Nathan · Post by **Nathan** » Sun Oct 10, 2004 12:16 pm

In France they invented a world to express the action you did :

cassé!

Archived topic from Iceteks, old topic ID:2731, old post ID:22397

Red Squirrel · Post by **Red Squirrel** » Sun Oct 10, 2004 12:47 pm

Haha. Or sabotagé.

Yeah that IP will eventually get spidered on google. Interesting really.

Still no sign of him though, only 2 alarms for that other IP, which is just a referrer spammer that I blocked months ago, just a cheap status 2 alarm.

Archived topic from Iceteks, old topic ID:2731, old post ID:22402

Red Squirrel · Post by **Red Squirrel** » Mon Oct 11, 2004 12:56 pm

Well how fun is this.

http://www.google.ca/search?hl=en&q=%2224....le+Search&meta=

Archived topic from Iceteks, old topic ID:2731, old post ID:22473