Welcome to Geeklog, Anonymous Monday, November 25 2024 @ 11:00 pm EST

Geeklog Forums

Geeklog is the most Insecure portal i've ever used


apeson

Anonymous
Geeklog is the most Insecure portal I’ve ever used, I’ve been hacked for the 3rd time and I’ve tried everything to eliminate hackers but I was hacked one again. I’ve decided not to use geeklog because this is the worst portal ever. Sure I’ve used phpNuke and stuff like it but I never had problems like I had with geeklog. However, i DO NOT intend to put the developers down for the work that they’ve done I respect them and the job that they tried to do. I’m just disappointed…

take care....
 Quote

Status: offline

ScurvyDawg

Forum User
Full Member
Registered: 11/06/02
Posts: 523
Your dreaming apeson, If your geeklog site is having security issues it is either that box your on or it is your setup of the system.

Geeklog was chosen by me over all the other choices out there because of its security. I just wanted to add my two cents because I beleive your wrong.
 Quote

Status: offline

geKow

Forum User
Full Member
Registered: 01/12/03
Posts: 445
Quote by apeson: ...i DO NOT intend to put the developers down for the work that they’ve done


Nice way to show that

geKow
 Quote

Status: offline

Dirk

Site Admin
Admin
Registered: 01/12/02
Posts: 13073
Location:Stuttgart, Germany
Well, without any further details, there isn't really much to say here. For example, what makes you think that it was even Geeklog that was hacked? Some add-ons or other scripts that you have on your site may have caused the problems.

And it's also possible to install Geeklog in ways where it can be hacked easily (e.g. not changing default passwords, not following the installation instructions properly, ...).

If you can provide any information to substantiate your claims, then we would like to hear about it. Please send any details you could provide to geeklog-security@lists.geeklog.net and we'll look into it (see this page for further information).

bye, Dirk
 Quote

hdn_hrt

Anonymous
Easier: post here your URL. And maybe someone could tell you what's wrong. Of course, the risk is you'll be hacked again. But at least, you'll now the reason.
 Quote

Status: offline

TechSys

Forum User
Regular Poster
Registered: 12/02/03
Posts: 90
It has to be the box his system is run on. I have had people try to hack my server, but have failed... so far.
I believe Geeklog developers make security a priority. since I have started running GL, if a hole has been found, or even thought of, the developers fix it or look into it before doing anything else.

I think the developers are doing a great job
http://70.145.174.180/
 Quote

xlordt

Anonymous
i work as a security analist for some site, and i did find acouple of holes in gl including the current version that i my self have still to path, but i rather let gl path it.. i dont know if i should post it here.. or just email it to someone trustable enought to pass it to the right person
 Quote

xlordt

Anonymous
Quote by apeson: Geeklog is the most Insecure portal I’ve ever used, I’ve been hacked for the 3rd time and I’ve tried everything to eliminate hackers but I was hacked one again. I’ve decided not to use geeklog because this is the worst portal ever. Sure I’ve used phpNuke and stuff like it but I never had problems like I had with geeklog. However, i DO NOT intend to put the developers down for the work that they’ve done I respect them and the job that they tried to do. I’m just disappointed…

take care....


get ready phpnuke is worse and good luck
 Quote

Status: offline

Dirk

Site Admin
Admin
Registered: 01/12/02
Posts: 13073
Location:Stuttgart, Germany
Quote by xlordt: i dont know if i should post it here.. or just email it to someone trustable enought to pass it to the right person

In case that Geeklog Security link is not prominent enough: Please post any security issues that you may have found to geeklog-security@lists.geeklog.net and we'll look into it.

bye, Dirk
 Quote

Status: offline

JohnVanVliet

Forum User
Full Member
Registered: 10/09/03
Posts: 161
it has to be his box or setup
sofar gl is the best i have used
 Quote

Status: offline

Lore

Forum User
Newbie
Registered: 05/17/03
Posts: 1
I have to make a switch, and I'm considering GL. My phpnuke site has been hacked one time too many.
 Quote

Status: offline

xlordt

Forum User
Junior
Registered: 09/06/02
Posts: 19
Quote by Lore: I have to make a switch, and I'm considering GL. My phpnuke site has been hacked one time too many.


Lore dont let that fool you phpnuke is far to worse then gl, take my word for it... i work as a security analist, and i have seen over 50 users who uses phpnuke and got hacked.. and over 25 users who uses gl that got there site hacked, the limit is a big difference
 Quote

Status: offline

Marites

Forum User
Chatty
Registered: 02/04/04
Posts: 64
If the server your GL or PHPNuke is not totally secure how can you expect any application that runs on it to be secure. No one can say any portal is better than any other for security infringements if someone is detirmined to get in they will it just up to us to make their job harder by making our server secure in the first place.

Sorry English is not my first language so hopefully my reply make sense to read.

Tess
 Quote

Status: offline

xlordt

Forum User
Junior
Registered: 09/06/02
Posts: 19
Quote by Marites: If the server your GL or PHPNuke is not totally secure how can you expect any application that runs on it to be secure. No one can say any portal is better than any other for security infringements if someone is detirmined to get in they will it just up to us to make their job harder by making our server secure in the first place.

Sorry English is not my first language so hopefully my reply make sense to read.

Tess


not only the server, but the portal itself the server is the hosts job to deal with, ifi ts the server then gl or phpnuke has nothing to do with it... as long as M$ servers are always updated or linux kernel is always patched/updated then everything is fine.. now this is the part where the portal comes in.. see its two different things
 Quote

Status: offline

ScurvyDawg

Forum User
Full Member
Registered: 11/06/02
Posts: 523
sounds to me like she realizes that?

 Quote

Status: offline

xlordt

Forum User
Junior
Registered: 09/06/02
Posts: 19
heh she said server, i didnt read any thing about portals in her post, just tring to clear that out
 Quote

Status: offline

Marites

Forum User
Chatty
Registered: 02/04/04
Posts: 64
I was not comparing any portal against another - I was saying if you have not set up your server properly or if your server is not maintained properly any application running on it cannot be 100% secure.

There is more to a secure server than the latest updates for example do you run ftp or SSL is your sql and php set up properly and so on if these things are not running in a 100% secure mode then there are back doors for a hacker to enter.

I do run my own server not just rent space on a server and have done so for 10 years now.

I have run many portals and each has its faults and advantages our server runs 1 instance of phpnuke and a number of GL. These are all our own operated sites we do not rent space. I will not stir things by saying which is more or less secure.

Have we been hacked - yes but not through a portal but through Perl about 6 years past.

Tess
 Quote

Status: offline

xlordt

Forum User
Junior
Registered: 09/06/02
Posts: 19
windows server? anyways.. good luck i know what you mean
 Quote

All times are EST. The time is now 11:00 pm.

  • Normal Topic
  • Sticky Topic
  • Locked Topic
  • New Post
  • Sticky Topic W/ New Post
  • Locked Topic W/ New Post
  •  View Anonymous Posts
  •  Able to post
  •  Filtered HTML Allowed
  •  Censored Content