| :: |
| Author |
Message |
lavinya
PR1
Joined: 24 Jul 2006
Posts: 159
Location: Turkey
|
|
| Back to top |
|
 |
|
|
AmirAbbas
phpBB SEO Team
Joined: 11 May 2006
Posts: 529
Location: IRAN
|
|
| Back to top |
|
|
Peter77
phpBB SEO Team
Joined: 10 May 2006
Posts: 512
Location: Michigan
|
 Posted: Fri Oct 20, 2006 3:56 am Post subject: Re: Cracker Tracker Professional G5 |
|
|
| I agree. I had this MOD installed in the 4.x.x versions and there where too many updates to keep up with. it is too bulky for what it does and half the bots it blocks can be done with a robots.txt. |
|
|
| Back to top |
|
|
AmirAbbas
phpBB SEO Team
Joined: 11 May 2006
Posts: 529
Location: IRAN
|
|
| Back to top |
|
|
dcz
Administrateur - Site Admin
Joined: 28 Apr 2006
Posts: 13354
|
|
| Back to top |
|
|
gowap
phpBB SEO Team
Joined: 07 May 2006
Posts: 990
|
| Posted: Fri Oct 20, 2006 8:32 pm Post subject: Re: Cracker Tracker Professional G5 |
|
|
erm....
phpBB dev's have an alternate point of view :
| Acyd Burn wrote: | | Crack(er)Tracker is a mod i would never ever recommend or include. |
theres also a post from graham, see :
http://area51.phpbb.com/phpBB/viewtopic.php?p=157896 |
_________________
Gravure-News : la communauté francophone de la gravure de CD/DVD et son forum d'entraide. |
|
| Back to top |
|
|
dcz
Administrateur - Site Admin
Joined: 28 Apr 2006
Posts: 13354
|
| Posted: Fri Oct 20, 2006 9:46 pm Post subject: Re: Cracker Tracker Professional G5 |
|
|
| Graham wrote: | | There are generally much more effective ways to do what those MODs claim to do at the server level instead which also has the advantage of not altering the code |
This is so true. Beside it's a lot faster to do it at the server level.
Then, I agree the vast majority of hacking attempts logged by this software or by phpbbsecurity for example will be false positive, and for sure this is not said enough. But, these are still hacking attempts.
No big deal if your website just gets scanned for known security issues only affecting outdated versions, but you should still care about these attempts to become a bit too repeated in time.
And it's not that easy to find out this type of thing without some active tracking.
It can be quite interesting to find out what the ip was used for, in your server's log, around the time it was detected as an hacking attempt. You might find out this ip was previously used a lot, you might even find out many ip are obviously linked to the same attempt (which would really mean someone is deploying some efforts), for quite some time and for the same reasons. And now that you see ther's never a page load, but only attempts to pass some weird vars and to open some forbidden directories, wouldn't you feel more confidant to just ban this or these Ip for at least while and send a clear message to whoever ?
The problem is how to track and find out about such events, as they do occur a lot more often than they actually lead to a successful hack.
I really think we all need these info.
I personally use mod rewrite and error documents a lot to secure a web site, because the server is less likely to be hacked and will need less resources to operate.
You don't need to mod any file and you protect all your site at once.
I will, as soon as I'll get done with some more SEO mods, continue to work on a security solution based on error documents and .htaccess rewriterules.
We'll be able to filter and track many hacking and spamming behaviours. The system will be entirely customisable, everyone will be able to choose from several rewriterule sets and to add more.
The major enhancement in comparison to previous mods will be the fact it will not add code in the regular php process, just some rewriterules (a lot faster than if we'd do it with php), will log and handle http errors (404, 401 500 etc ...) and will, upon some settings, logs any suspicious event.
When an event will be logged, it will output a friendly message telling the event was logged, and do nothing more. Every event will be compared to the previous logged ones, so that the mod will be able to find out if an ip is performing a bit to many errors and will start warning the user the event is of a kind that should not be repeated.
It's all based on levels and error log analysis, first level, tell an error or known hacking attempt occurred, second level ask to stop, third level warn and send a mail to the admin with a detailed analysis of the matching error logs, levels above are left for self defense, to be able to face massive scanning as the mod should concentrate most of the suspicious events, from shortening the process (outputting a lighter page with a lighter but clearer message) to ip banning after a last but shorter mail was sent to the admin.
The tricky part is to properly tune the event rating system, but in the end, it should be very useful.
++ |
_________________
Useful links :
SEO Forum || SEO Directory || SEO phpBB || SEO phpBB3 || Search
____________________
Liens Utiles :
Forum référencement || Annuaire référencement || Référencement phpBB || Référencement phpBB3 || Recherche |
|
| Back to top |
|
|
AmirAbbas
phpBB SEO Team
Joined: 11 May 2006
Posts: 529
Location: IRAN
|
|
| Back to top |
|
|
lavinya
PR1
Joined: 24 Jul 2006
Posts: 159
Location: Turkey
|
| Posted: Sat Feb 10, 2007 4:12 pm Post subject: Re: Cracker Tracker Professional G5 |
|
|
this mod high secure your phpbb forum.
## FEATURES:
## ==========
##
## - Worm & Exploit protection Unit with heuristic engine and more than 280 definitions
## - SQL Injection detector for GET, POST, ... Vars
## - Attack Counter function
## - Checksum Scanner to detect PHP Files wich were changed
## - Recovery System for the board configuration table
## - 8 different footer layouts
## - File Security Scanner wich detects general security issues in phpBB Files
## - Global Message Function
## - IP Blocker Engine
## - Proxy Blocker Engine
## - UserAgent Blocker Engine
## - Comfortable LOG Manager to view attack logfiles and manage the files
## - Selftest system
## - Automatically check file permissions on the logfiles
## - Show Security Tipps for your Server and Board
## - Maintenance function
## - "Miserable User" function to easily block userposts in viewtopic.php
## - Adjustable main logfile size
## - Completely new and modern layout in ACP and Forum
## - Every feature can easily be activated or deactivated over ACP
## - Search Flood Protection for Guests and Users
## - Login Brute Force Protection System
## - Detect wrong Logins and save them in your logfile
## - Login History for Users
## - IP Range Scanner to detect account abuse
## - Spammer Detection System
## - Detect human registered Spammer (Spam Detection Boost)
## - Spammer Keyword Detection for Posts and Profile
## - Registration Protection
## - Registration IP Scanning
## - Account Password Expire Function
## - Account Password Complexity Function
## - Account Password Length Control
## - Emergency console wich can restore board configuration Table without running phpBB
## - Password Reset Flood Protection
## - Massmail Protection System
## - Auto Recovery Board Settings
## - Visual Confirmation for Guest Postings
## - Protect from "Throw Away Mailservices"
## - Automatically detect misconfiguration of sensible Board Settings
## - Very fast code and OOP with Class Files etc.
## - Protect from overwriting sensible vars
## - and many more |
|
|
| Back to top |
|
|
arkantos
Joined: 13 Feb 2007
Posts: 26
Location: Dark Side of Tha World
|
| Posted: Fri Mar 02, 2007 1:58 am Post subject: Re: Cracker Tracker Professional G5 |
|
|
This mod makes your board like 50% slower than any other mod.
Also you will have lots of problems, its never a final release.
Sometimes users get blocked just for to have 2 windows open in the same browser, they leave the board because of so many ctracker blockings.
I had this mod and its very difficult to keep up to date, so many releases every 2 months.
Also as Graham says if you are uptodate you will prevent hack attemps and DDOs attempts. The only way to secure a PHPBB is trought securing your server and changing variables, those mods just block common treaths that phpbb already blocks, if its not up to date the mod will not prevent the exploit. (except the highlith exploits). |
|
|
| Back to top |
|
|
Capiten.GeP
Joined: 02 Dec 2007
Posts: 1
|
| Posted: Sun Dec 02, 2007 9:10 pm Post subject: Re: Cracker Tracker Professional G5 |
|
|
it says :
| Code: | | message_die() was called multiple times. This isn't supposed to happen. Was message_die() used in page_tail.php? |
something is not ok :s |
|
|
| Back to top |
|
|
Professional
PR1
Joined: 07 Apr 2008
Posts: 116
Location: 1/2 of the World
|
|
| Back to top |
|
|
SeO
Administrateur - Site Admin
Joined: 15 Mar 2006
Posts: 3103
|
| Posted: Thu May 15, 2008 8:52 am Post subject: Re: Cracker Tracker Professional G5 |
|
|
I don't know if they released a phpBB3 version yet, but it's possible.
Now, this does not mean that this mods really helps to increase you board security, at least if you keep it up to date. |
_________________
|
|
| Back to top |
|
|
Professional
PR1
Joined: 07 Apr 2008
Posts: 116
Location: 1/2 of the World
|
|
| Back to top |
|
|
|
|
