any way to tell if the database had been accessed?
and what brought this up to your attention?
IBIS G0D
any way to tell if the database had been accessed?
and what brought this up to your attention?
Originally Posted by OMGBEARS
IBIS G0D
if one had a networking site link such as face book on there forum profile, and there forum profile was compromised, one would assume they may go as far as attempting to use the password they found with our other sites you are affiliated to?
IBIS Regular
I think this should be sent to everyone just as a precaution to tell them to change their passwords. You don't want this coming back and nipping you in the butt
Administrator
I would be able to tell because it would require them to hack the root of the website and add them self to the white list of the firewall. There are also access logs for root and I am the only ip in there. The database is so locked down that I can not even access it remotely. I can only access it locally from within the server. So there is no way anyone could have accessed it.
I was informed about it via e-mail from a user on the forums.
So yea nothing was actually compromised other than the account data for the sql server (that account is now deleted). I just posted this thread right away because on the old web server from a few years ago anyone could access the database remotely. I forgot that I do not allow that anymore in order to make a brute force hack impossible.
So no worries all is good
IBIS G0D
good to know. thanks mateI would be able to tell because it would require them to hack the root of the website and add them self to the white list of the firewall. There are also access logs for root and I am the only ip in there. The database is so locked down that I can not even access it remotely. I can only access it locally from within the server. So there is no way anyone could have accessed it.
I was informed about it via e-mail from a user on the forums.
So yea nothing was actually compromised other than the account data for the sql server (that account is now deleted). I just posted this thread right away because on the old web server from a few years ago anyone could access the database remotely. I forgot that I do not allow that anymore in order to make a brute force hack impossible.
So no worries all is good
edit: although now that i think about it, who the fuck was trying to hack into the database that they noticed this flaw?
Posting Permissions
Register To Reply
