idiot
Posted: Sat Oct 09, 2004 7:08 pm
by Red Squirrel
yeah lol.
He does not realize all the processing that would be required to reparse the logs to block html. Have to replace < with &lt; and > with &gt; which requires the use of a php function twice. That's for one field, there's more than one field.
I tested it on my server and it ain't pretty, gets pretty slow. Sometimes you just have to sacrifice "security" for performance.
Archived topic from Iceteks, old topic ID:2731, old post ID:22379
idiot
Posted: Sat Oct 09, 2004 7:13 pm
by Andy
LOL yeah. Seems like someone doesn't know Java or flash scripts either.
Sorry red to see "Idiot" problems are still trying their best to give everyone here high blood pressure.
Archived topic from Iceteks, old topic ID:2731, old post ID:22380
idiot
Posted: Sat Oct 09, 2004 7:23 pm
by Red Squirrel
The way I look at it, the worst thing that can happen is that someone requests a string that has html to an image to fetch my IP. But if someone hacks my lan, they really have nothing to do.
I'm trying to find a way to kill html in those logs though, but it's not easy to do if I want it to be efficient.
Archived topic from Iceteks, old topic ID:2731, old post ID:22381
idiot
Posted: Sat Oct 09, 2004 8:05 pm
by Red Squirrel
Well I fixed the issue so he won't be able to try and hack me anymore, not that his attempts were successful in the first place.
htmlspecialchars() is what I used. Gets rid of < and > in HTTP headers as they are put in logs.
Archived topic from Iceteks, old topic ID:2731, old post ID:22382
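The fix described in the post above (running htmlspecialchars() on HTTP headers as they are written to the log), as an added example that is not part of the original thread or the site's own code. The helper names `log_safe` and `build_log_line`, the tab-separated layout, the length cap and the sample request are assumptions made for illustration.

```php
<?php
// Added example: escape request headers once, at log-write time, so a
// log viewer can print stored fields as-is without re-parsing old entries.

// Hypothetical helper: make one header value safe for an HTML log viewer.
function log_safe(string $value, int $maxLen = 512): string
{
    // Cap the length first so an oversized header cannot bloat the log.
    $value = substr($value, 0, $maxLen);
    // Drop control characters: CR/LF would let one request forge extra
    // log lines, and a tab would break the field separator used below.
    $value = preg_replace('/[\x00-\x1F\x7F]/', '', $value);
    // ENT_QUOTES also escapes ' and ", which matters if a field is ever
    // printed inside an HTML attribute. ENT_SUBSTITUTE replaces invalid
    // UTF-8 instead of returning an empty string.
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Hypothetical helper: build one tab-separated log line from a
// $_SERVER-style array.
function build_log_line(array $server): string
{
    $fields = [
        date('c'),
        $server['REMOTE_ADDR'] ?? '-',
        $server['REQUEST_URI'] ?? '-',
        $server['HTTP_REFERER'] ?? '-',
        $server['HTTP_USER_AGENT'] ?? '-',
    ];
    return implode("\t", array_map('log_safe', $fields)) . "\n";
}

// Constructed sample request (not taken from the thread): markup in the
// URI and User-Agent, and a CR/LF pair in the Referer.
$sample = [
    'REMOTE_ADDR'     => '192.0.2.10',
    'REQUEST_URI'     => '/index.php?q=<img src="http://example.invalid/x.gif">',
    'HTTP_REFERER'    => "http://example.invalid/\r\nfake entry",
    'HTTP_USER_AGENT' => '<script>alert(1)</script>',
];

// Each field comes out with <, >, " and ' as entities, on a single line.
echo build_log_line($sample);
```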
idiot
Posted: Sat Oct 09, 2004 8:48 pm
by Red Squirrel
Just gave him full access, under high supervision of course.
I'll watch a 2 hour movie and come back to see what happens. I'll get popup notifications on my PC if I get scada emails though so not to worry since I'll check 'em to see if it's him.
Archived topic from Iceteks, old topic ID:2731, old post ID:22383
idiot
Posted: Sat Oct 09, 2004 10:40 pm
by Death
Hehehe. Looks like you're pulling out the big guns. Trying to be crafty. Bwahaha.
Archived topic from Iceteks, old topic ID:2731, old post ID:22385
idiot
Posted: Sat Oct 09, 2004 11:39 pm
by Red Squirrel
Yep, so far nothing too interesting though...
Archived topic from Iceteks, old topic ID:2731, old post ID:22387
idiot
Posted: Sun Oct 10, 2004 11:45 am
by Triple6_wild
you might get some sort of revenge
that image is gonna be on google and the world will have access to that IP lol
Archived topic from Iceteks, old topic ID:2731, old post ID:22396
idiot
Posted: Sun Oct 10, 2004 12:16 pm
by Nathan
In France they invented a word to express the action you did:
cassé!
Archived topic from Iceteks, old topic ID:2731, old post ID:22397
idiot
Posted: Sun Oct 10, 2004 12:47 pm
by Red Squirrel
Haha. Or sabotagé.
Yeah that IP will eventually get spidered on google. Interesting really.
Still no sign of him though, only 2 alarms for that other IP, which is just a referrer spammer that I blocked months ago, just a cheap status 2 alarm.
Archived topic from Iceteks, old topic ID:2731, old post ID:22402
idiot
Posted: Mon Oct 11, 2004 12:56 pm
by Red Squirrel
Well how fun is this.
http://www.google.ca/search?hl=en&q=%2224....le+Search&meta=
Archived topic from Iceteks, old topic ID:2731, old post ID:22473