Forum/Bulletin Board Recommendations?

Ross Werner ross at indessed.com
Sat Mar 11 19:51:42 MST 2006


On Wed, 08 Mar 2006 21:24:07 -0800, Jonathan Duncan  
<jonathan at jkdwebmagic.com> wrote:
> On Wed, 8 Mar 2006, Ross Werner wrote:
>> What kind of "frightening security breaches" are we talking here, out  
>> of curiousity? I mean, let's say (hypothetically speaking) I was  
>> running a phpBB on remote hosting on a computer I didn't even have  
>> shell access to (I don't even think it's set up to allow PHP to run  
>> commands), and I do nightly backups of the phpBB data. Do I have  
>> anything at all to worry about?
>
> The breaches I was referring to were the ones that other people replying  
> to this thread were mentioning.  I am not quite sure I understand the  
> scenario you presented.  Most web servers are run on "remote" machines,  
> if by remote you mean that you are not sitting at the actual machine.

Heh, true. Basically by "remote" I meant a computer that I don't own, and  
that I don't use for anything else apart from being a web server. (So it's  
not going to have, for example, development tools or personal data and so  
forth.)

> The most recent big security bug can be read about here:
>
> http://news.netcraft.com/archives/2005/12/22/exploit_targets_new_phpbb_security_hole.html

Looks like you have to have HTML enabled for that one. Is that true of  
most phpBB exploits?

> I hope this helps.  Your mileage may vary, of course.

Thanks for the info.

	~ Ross



More information about the PLUG mailing list