[fpc-other] Last message about changes (guaranteed!)
waldo kitty
wkitty42 at windstream.net
Sun Sep 30 00:26:55 CEST 2012
On 9/29/2012 08:52, Jonas Maebe wrote:
> However, if the server were hacked that would probably not be enough. On the other hand, it probably wouldn't be enough either in case a forum server were hacked.
exactly... if any software on a server is hacked so as to give shell access,
then security level promotion is the next step and once that is achieved, the
"world is your oyster" (the server is p0wned)... once that is achieved, then any
and all processes are able to be "corrupted"... i won't even mention breaking
out of VMs or simply hacking into the host OS and then "corrupting any VMs and
the host from there"...
i've seen hosted sites taken down because one site or application, while it may
have been upgraded/updated, left behind older buggy tools or versions...
remember when java didn't uninstall previous during an upgrade? so then you had
the old and the new and you were still vulnerable to the bugs of the previous
versions if/when the hacker found them...
the *biggest* reason for hacks is not sanitizing and/or validating user and
supposedly known automated input... even if a passed var is not user accessible,
if it is in the stream, then it can be modified or replaced... even cookie data
falls into this... IDS/IPS folks see this type of stuff all the time... in some
cases, it is simply a "SQL injection" which places code in a field in the
database which is then executed by the server for every call that pulls that
field or it is executed by every user when the page they are viewing pulls that
field...
i'll stop there because i'm starting to wander and get too far afield but i just
wanted to point out that no server (or workstation for that matter!) is
completely safe from "users" doing what they are not supposed to be doing ;)
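The two failure modes the message describes (a value from the request stream pasted into SQL text, and a stored field that "executes" for every user whose page pulls it) side by side with their fixes, as an added example that is not part of the original mail or of any Free Pascal project code. It uses Python's standard `sqlite3` and `html` modules with an in-memory database; the table, the sample comments and the probe string are constructed for the demonstration.

```python
import html
import sqlite3

# Constructed sample data: two ordinary comments plus one whose body carries
# a script tag, the kind of stored field the mail is talking about.
SAMPLE_COMMENTS = [
    ("alice", "First post, nothing special."),
    ("bob", "Quoting alice & agreeing <3"),
    ("mallory", "<script>document.title='changed'</script>"),
]


def make_db():
    """In-memory SQLite database with a comments table (constructed for this example)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE comments (id INTEGER PRIMARY KEY, author TEXT, body TEXT)")
    # Bound parameters store the text exactly as supplied; the problems below
    # come from how the data is queried and rendered, not from how it was written.
    conn.executemany("INSERT INTO comments (author, body) VALUES (?, ?)", SAMPLE_COMMENTS)
    return conn


def comments_by_author_unsafe(conn, author):
    """Vulnerable: the caller-supplied value becomes part of the SQL text."""
    sql = "SELECT author, body FROM comments WHERE author = '%s'" % author
    return conn.execute(sql).fetchall()


def comments_by_author_safe(conn, author):
    """Fixed: the value travels as a bound parameter and is never parsed as SQL."""
    return conn.execute(
        "SELECT author, body FROM comments WHERE author = ?", (author,)
    ).fetchall()


def render_unsafe(rows):
    """Vulnerable: stored fields are pasted into the HTML page verbatim."""
    return "".join("<p><b>%s</b>: %s</p>" % (a, b) for a, b in rows)


def render_safe(rows):
    """Fixed: every stored field is HTML-escaped at output time, on every read."""
    return "".join(
        "<p><b>%s</b>: %s</p>" % (html.escape(a), html.escape(b)) for a, b in rows
    )


def demo():
    """Run both lookups and both renderers; returns the observable differences."""
    conn = make_db()
    probe = "' OR '1'='1"  # constructed test input for the query comparison
    unsafe_rows = comments_by_author_unsafe(conn, probe)  # matches every row
    safe_rows = comments_by_author_safe(conn, probe)      # matches nothing
    mallory = comments_by_author_safe(conn, "mallory")
    page_unsafe = render_unsafe(mallory)
    page_safe = render_safe(mallory)
    return {
        "unsafe_row_count": len(unsafe_rows),
        "safe_row_count": len(safe_rows),
        "unsafe_page_has_script_tag": "<script>" in page_unsafe,
        "safe_page_has_script_tag": "<script>" in page_safe,
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

The point of keeping `render_safe` separate from the parameterized insert is the one the mail makes: parameterizing the write protects the database, but the stored value is still untrusted on every read, so escaping has to happen at output time, for every page that pulls the field.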