Intrusion Detection System
techu Offline
Member
***
Posts: 154
Joined: Sep 2010
Post: #1
Intrusion Detection System
Today in a thread Ryan Gordan wrote:
Quote:It was our Intrusion Detection System giving false positives. It should allow you to post it now.


If anyone knows,  what is this??
Is it a feature in mybb or is it unique for mybb.com?

[Image: banner.png]
11-01-2010 11:49 PM
Find all posts by this user Quote this message in a reply
RateU Offline
Administrator
*******
Posts: 2,349
Joined: Mar 2010
Post: #2
RE: Intrusion Detection System
I think it is a "special" feature for the site, related to the rule in Requests/Services/Jobs forum.

11-02-2010 04:27 AM
Find all posts by this user Quote this message in a reply
MattR Offline
Junior Member
**
Posts: 40
Joined: Jul 2010
Post: #3
RE: Intrusion Detection System
It's nothing to do with the rules in that forum, it's a general security feature for the site.
11-02-2010 04:48 AM
Find all posts by this user Quote this message in a reply
RateU Offline
Administrator
*******
Posts: 2,349
Joined: Mar 2010
Post: #4
RE: Intrusion Detection System
Ah... I thought it has a relationship with the rules for advertiser there.
Ah yes, I think the" error" comes from the reply of PM.

(This post was last modified: 11-02-2010 05:08 AM by RateU.)
11-02-2010 04:58 AM
Find all posts by this user Quote this message in a reply
ZiNgA BuRgA Offline
Fag
*******
Posts: 3,340
Joined: Jan 2008
Post: #5
RE: Intrusion Detection System
I believe it's a special plugin installed only on that forum to try to make attacks against it more difficult.
Ultimately, how successful it is does depend on the exploit an attacker is using and how creative they are at coding around the filters (if necessary at all).

I think it's based off PHPIDS: http://php-ids.org/

My Blog
11-02-2010 12:06 PM
Find all posts by this user Quote this message in a reply
techu Offline
Member
***
Posts: 154
Joined: Sep 2010
Post: #6
RE: Intrusion Detection System
(11-02-2010 12:06 PM)ZiNgA BuRgA Wrote:  I believe it's a special plugin installed only on that forum to try to make attacks against it more difficult.
Ultimately, how successful it is does depend on the exploit an attacker is using and how creative they are at coding around the filters (if necessary at all).

I think it's based off PHPIDS: http://php-ids.org/

So do your think php-ids.org actually works??

[Image: banner.png]
11-02-2010 12:19 PM
Find all posts by this user Quote this message in a reply
ZiNgA BuRgA Offline
Fag
*******
Posts: 3,340
Joined: Jan 2008
Post: #7
RE: Intrusion Detection System
Of course it does.
Probably not a good idea to rely on it however.

My Blog
11-02-2010 12:51 PM
Find all posts by this user Quote this message in a reply
1master1 Offline
Member
***
Posts: 232
Joined: Oct 2010
Post: #8
RE: Intrusion Detection System
yeah, its bad to rely on them as they block some of the basic php functionalities. i had installed injection scanner and it is working fine but not allowing members to perform some basic functionalites on the site.

mainly it is interferring with the RSS feed poster but working fine when who ever tries to run/injection commands to deface the site, it will actively refuse them.
11-02-2010 05:52 PM
Find all posts by this user Quote this message in a reply
trialnick Offline
Junior Member
**
Posts: 13
Joined: Oct 2010
Post: #9
RE: Intrusion Detection System
Quote:but not allowing members to perform some basic functionalites on the site.

injection scanner is fine, I used that too. If it doesn't allow some fuctions you can simply filtered them out. In the list of exploits , some codes are missing as the list is made in 2007.

I use googleseo, and unistalled injection scanner; so I modified htaccess file -putting there many exploit codes (so far I've  mainly for sql , xss and javascript inj.), I used bulletproof + my queries (like|rlike etc)

hope it helps Jap
11-07-2010 02:28 AM
Find all posts by this user Quote this message in a reply
MasterZuFu Offline
Member
***
Posts: 97
Joined: Dec 2010
Post: #10
RE: Intrusion Detection System
Sorry to revive an old thread.

I'd like to see if it's possible for someone to make a plugin with this web software? It'd be really nice to have to say the least.

01-03-2011 10:19 AM
Visit this user's website Find all posts by this user Quote this message in a reply

« Next Oldest | Next Newest »

 Standard Tools
Forum Jump: