server hosts

[hallmat]

can i just say how retarded some of you are

basicly using Xammp is crap with its defult settings

test it out for your self

ask yourself 3 questions

did i put a lock on the FTP server?
did i change the Password for MSSQL?
dd i leave myself VUNRABLE

if yess to all your a dumbass server host

here is how to fix

as i see it with nearly every server that goes up

i will be sending pm's to all the server hosts i have found that are doing as such

EXPECT A PM PPL

as if you have a VB forum i can get your Admin password and have already for 1 server but not accessed it

i will send pm's now

 

[MoaningMurtle]

You mean MySQL, Its not exactly that important on a box that your using to run mir aslong as you cant access the MSSQL.

 

[hallmat]

your very wrong there m8

look at your pm i can get into your SQL from the outside using that

 

[mapadale]

your very wrong there m8

look at your pm i can get into your SQL from the outside using that

I'm affraid to say Matt, not on ours you can't.

As a rule we don't use MySQL on the same server as the host game, this is on our web server - From our web server each DB is indervidually PP'd and no DB sharing - All forum passwords are on a 30day change and won't allow 4 duplication.

Our SQL server, uses the OS security which is fully patched up and so no access by back door account creation - As well as that, its using the SQL security feature and our very own purpose built firewall - Which is running through a DMZ.

I can see where your comming from with this, but not all server hosts are idiots when it comes to security.

 

[BlackT]

I wouldn't go that far and call them "idiots". It's just the fact they ignore things they don't know about and they should ask themselves "how do I secure my server?"....
I'd call them "ignorants"

 

[MoaningMurtle]

your very wrong there m8

look at your pm i can get into your SQL from the outside using that

You got the MySQL, MSSQL is different.

 

[peppe]

hall w8 tull i get out of this mental instatute then i will get my server going lol ><

 

[hallmat]

You got the MySQL, MSSQL is different.

wow

ok here is how someone can access your DEDI from MYsql

i had your password for Mysql or MSSQL i dont know anyway

i can send a exploit to your MYsql and make it run a script where i can gain ROOT acess to your server

im not an idiot i know the differentce between Mysql and MSSQL

Search Metasploit

and miloworm and look at some of the Exploits on there and you will see what a Skiddie can do


@mapdale

tbh m8 i didnt even check yours

 

[mapadale]

wow

ok here is how someone can access your DEDI from MYsql

i had your password for Mysql or MSSQL i dont know anyway

i can send a exploit to your MYsql and make it run a script where i can gain ROOT acess to your server

im not an idiot i know the differentce between Mysql and MSSQL

Search Metasploit

and miloworm and look at some of the Exploits on there and you will see what a Skiddie can do


@mapdale

tbh m8 i didnt even check yours

Lol Metasploit, have u used the command shell for metasploit or the gui, the problem with it, if the servder is fully patched then it has trouble injecting the comand shell.

But I can see where your comming from on this though.

 

[hallmat]

not really i was looking at some of the other security breaching tools as im a programmer and was looking at how to defend some of the applications i will make in the future

 

[Dr3AmScAp3]

not really i was looking at some of the other security breaching tools as im a programmer and was looking at how to defend some of the applications i will make in the future

Metasploit only works on pre service pack OS, if your fully patched up and have all the updates. Its very hard to use Metasploit to inject the command shell in the OS, to create the back door.