Just checking

Discussion in 'General Topics' started by Longboard, Mar 11, 2005.

Thread Status:
Not open for further replies.
  1. Longboard

    Longboard Registered Member

    Joined:
    Oct 2, 2004
    Posts:
    3,187
    Location:
    Sydney, Australia
    Would you ever send e-mails from "anyone@wilders" or such?

    As you are no doubt aware, Spywarewarrior's database was compromised and e-mail addresses harvested resulting in bogus e-mails.

    I appreciate how difficult it must be maintaining security and have always thought of netrn as a great resource, but this is annoying.

    This is alarming on many fronts !!!

    We the members have been assured that our e-mail addys have not been harvested, but still a shiver down the spine. Will have to wait and see.

    There is no similar exploit in Wilder's?
     
  2. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,217
    Location:
    UK
    Hi longboard :)
    We have discussed this numerous times in the past and it is indeed very unfortunate as to what has happened over at the Spywarewarrior's forum. There is indeed no similar exploit here in the Wilder's security forum. As forum security is strictly private and confidential this thread is now closed

    Regards
     
  3. LowWaterMark

    LowWaterMark Administrator

    Joined:
    Aug 10, 2002
    Posts:
    17,876
    Location:
    New England
    The description from Spyware Warrior says that the person who did that simply triggered the built-in function to send bulk email to all registered members. Using that feature (which most forum packages have available) means that the automated mailer in the forum software sent the email, not that the people involved extracted any email addresses. So while everyone did indeed get an email, it is doubtful the email addresses were harvested.

    I don't know the specific exploit used, but not all exploits are the same. They don't all allow unrestricted access to even the forum software, never mind the database or the server they run on. Sometimes they are very focused and only allow specific limited functions to be performed.

    In any case, all software has bugs and new exploits are found fairly from time to time. vBulletin has had its share just like phpBB and all the others. The best you can do is keep informed about any critical updates offered by the vendor in question, and apply what you need to in order to stay secure.
     
  4. Longboard

    Longboard Registered Member

    Joined:
    Oct 2, 2004
    Posts:
    3,187
    Location:
    Sydney, Australia
    re;:just checking

    to Nick & LWM
    Thankyou. :)
     
Thread Status:
Not open for further replies.