News:

SMF 2.1.6 has been released! Take it for a spin! Read more.

Main Menu

Security Concern!!

Started by megacelt, April 14, 2005, 08:41:28 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions

megacelt

April 14, 2005, 08:41:28 PM Last Edit: April 14, 2005, 08:49:54 PM by megacelt
I have my board preferences set up to allow no guests to view anything but a registration page.

I noticed a guest was viewing boards they should not have been able to.  I did an IP on them and got this:

  Search results for: 128.30.52.13


OrgName:    Massachusetts Institute of Technology
OrgID:      MIT-2
Address:    Room W92-190
Address:    77 Massachusetts Avenue
City:       Cambridge
StateProv:  MA
PostalCode: 02139-4307
Country:    US

NetRange:   128.30.0.0 - 128.30.255.255
CIDR:       128.30.0.0/16
NetName:    MIT-NET
NetHandle:  NET-128-30-0-0-1
Parent:     NET-128-0-0-0-0
NetType:    Direct Assignment
NameServer: MINTAKA.LCS.MIT.EDU
NameServer: FEDEX.AI.MIT.EDU
NameServer: LAMPANG.LCS.MIT.EDU
NameServer: BEET-CHEX.AI.MIT.EDU
Comment:   
RegDate:    1983-05-27
Updated:    2003-07-30

TechHandle: ZM80-ARIN
TechName:   MIT Laboratory for Computer Science
TechPhone:  +1-617-253-8304
TechEmail:  [email protected]

OrgTechHandle: JIS-ARIN
OrgTechName:   Schiller, Jeffrey
OrgTechPhone:  +1-617-253-8400
OrgTechEmail:  [email protected]

# ARIN WHOIS database, last updated 2005-04-13 19:10
# Enter ? for additional hints on searching ARIN's WHOIS database.

How is this happening and what can I do to prevent it?

Amacythe

#1
April 14, 2005, 09:33:10 PM
The software shows what they TRIED to do, not what they are actually doing.  If they click a link they can't view you will see that they attempted to, but they won't actually be able to see it.

HoTmetal

#2
April 14, 2005, 10:06:07 PM
That makes me feel better. I've had that IP try funny things on my board too.

megacelt

#3
April 15, 2005, 12:00:39 AM
Same IP? What is up with that! They were shown as online for perhaps 30 minutes.  Hard to imagine they were just staring at a login screen for that long... but who knows - actually makes me more suspicious (ok, maybe I'm just paranoid, I don't have members posting national secrets :) , but it is supposed to be a registered member only board).  I know any site can be hacked if someone wants to badly enough, but did not know how effective the login requirement is in relative terms.

Anyone have any notions about that MIT IP address?

Thantos

#4
April 15, 2005, 12:07:16 AM
Yeah its a web bot
Print
Go Up Pages1
User actions
Advertisement: