Search found 41 matches

by rcardona
Sat Dec 31, 2005 7:00 pm
Forum: [2.0.x] MODs in Development
Topic: [BETA] FreeCap Visual Confirmation 0.0.3
Replies: 205
Views: 73219

Big-endian means Sun UltraSparc or IBM Power, and maybe PowerPC, correct? I'm going to include the font-building note in the author notes. Yes those are some examples of big-endian processors. Others are M68000, ARM, IBM zSeries. I'm on a PPC 750 machine but upgrading soon to a dual core 970MP.
by rcardona
Sat Dec 24, 2005 8:06 am
Forum: [2.0.x] MODs in Development
Topic: [BETA] FreeCap Visual Confirmation 0.0.3
Replies: 205
Views: 73219

I found aronchav's eval() bug:

Code: Select all

					$logic = 'return strtolower($row[\'code\'])) != strtolower($confirm_code);';

Has one too many )'s for the first strtolower(). This is from the latest zip, enhanced_002.zip.

I had to fix that too to get registration to work.
by rcardona
Sat Dec 24, 2005 7:08 am
Forum: [2.0.x] MODs in Development
Topic: [BETA] FreeCap Visual Confirmation 0.0.3
Replies: 205
Views: 73219

A_Jelly_Doughnut, After some intense debugging I finally got your freecap port to work. Fixing the fonts for big-endian only involved modifying the first 16 bytes of the font file. Then I spent a few more hours debugging a bug in freecap()... In this block of code // read each font and get font char...
by rcardona
Sat Dec 24, 2005 3:11 am
Forum: [2.0.x] MODs in Development
Topic: [BETA] FreeCap Visual Confirmation 0.0.3
Replies: 205
Views: 73219

I found the problem in freecap's usage of imageloadfont(): int imageloadfont ( string file ) ... The font file format is currently binary and architecture dependent. This means you should generate the font files on the same type of CPU as the machine you are running PHP on. The fonts included in fre...
by rcardona
Sat Dec 24, 2005 12:25 am
Forum: [2.0.x] MODs in Development
Topic: [BETA] FreeCap Visual Confirmation 0.0.3
Replies: 205
Views: 73219

Thanks for the mod A_Jelly_Doughnut.

What font is the mod supposed be using? All I'm getting are backgrounds with no foreground sequence.

Any ideas? I'll see if can dig it up myself...
by rcardona
Fri Jul 01, 2005 11:22 pm
Forum: 2.0.x Support Forum
Topic: Apache forbidden rule for new 2.0.15 worm
Replies: 9
Views: 440

Yes, what Neothermic said.

Thank you!
by rcardona
Fri Jul 01, 2005 10:44 pm
Forum: 2.0.x Support Forum
Topic: Apache forbidden rule for new 2.0.15 worm
Replies: 9
Views: 440

This is not a security issue for patched phpBB systems. It is a high database connection or Active visitor issue that can be resolved with an Apache mod_rewrite rule. It is also an indication that there is a least one worm taking advantage of an update issue in <= v2.0.15. Worms happen, the ST team ...
by rcardona
Fri Jul 01, 2005 10:30 pm
Forum: 2.0.x Support Forum
Topic: Apache forbidden rule for new 2.0.15 worm
Replies: 9
Views: 440

You may be referring to the Santy worm. I posted the Apache forbidden rule for that worm as well. This worm has a different signature that can bypass those rules. Based on the two BugTraq Full Disclosure posts, I have seen two probing request signatures: 209.152.*.* - - [01/Jul/2005:13:39:12 -0500] ...
by rcardona
Fri Jul 01, 2005 10:00 pm
Forum: 2.0.x Support Forum
Topic: Apache forbidden rule for new 2.0.15 worm
Replies: 9
Views: 440

Apache forbidden rule for new 2.0.15 worm

In preparation for exploits on the new security issue possible in phpBB v2.0.15 and the high database activity it generates, I added these rules to my system yesterday. RewriteEngine On RewriteCond %{QUERY_STRING} ^(.*)highlight=\% [NC,OR] RewriteCond %{QUERY_STRING} ^(.*)highlight=(.*)[\%27|\'](.*)...
by rcardona
Tue Jan 11, 2005 7:38 am
Forum: 2.0.x Support Forum
Topic: Suddenly a lot of users viewing forums?
Replies: 86
Views: 9308

If you have read this post and are unsure of what to do contact your support team and give them the URL to this message. Ask for them assistance in putting some web server rules in place to prevent worms from wasting their bandwidth and server CPU resources. I've noticed a remarkable increase in wha...
by rcardona
Thu Dec 30, 2004 6:50 pm
Forum: 2.0.x Support Forum
Topic: Suddenly a lot of users viewing forums?
Replies: 86
Views: 9308

Rewrite rules require mod_rewrite support to be active in Apache. Check your main httpd.conf file to make sure there is a line for: LoadModule rewrite_module mod_rewrite.so Since you are using .htaccess your main httpd.conf must allow overrides, if your virtual host is setup with "AllowOverrides Non...
by rcardona
Thu Dec 30, 2004 5:26 pm
Forum: 2.0.x Support Forum
Topic: Suddenly a lot of users viewing forums?
Replies: 86
Views: 9308

What you are seeing is the result of outbreaks of automated worm attacks that are using search engines to find any and all phpBB forums. The latest breakout seems to have happened today at 04:30 -0600 or 10:30 GMT and is using msn search. Since your system is not vulnerable, phpBB is processing the ...
by rcardona
Thu Dec 30, 2004 4:14 am
Forum: 2.0.x Support Forum
Topic: Suddenly a lot of users viewing forums?
Replies: 86
Views: 9308

The Santy worm variants have slowed to lower, pre-outbreak levels. Instead of logging 40,000 daily requests my Server is logging about 2,000 daily requests. This would translate to less "simulateneous viewers" than during the worm attack heights.
by rcardona
Mon Dec 27, 2004 5:39 pm
Forum: 2.0.x Support Forum
Topic: Forum errors
Replies: 1
Views: 310

There are variants of the Santy worm making tens of thousands of requests against fully patched, non-vulnerable servers out there. Yours may be getting impacted. Just the act of accessing the viewtopic page, over and over may be exhausting the number of concurrent database connections on your system...
by rcardona
Mon Dec 27, 2004 5:29 pm
Forum: 2.0.x Support Forum
Topic: "Warning: Unknown" problem with my board...
Replies: 2
Views: 165

If you have not upgraded to PHP v2.0.11 some web host providers or ISPs are changing the file permissions of the vulnerable file, viewtopic.php, to "unreadable" by the web server. This is their hint for you to upgrade. If you upgrade to, or install v2.0.11 the permissions should be restored. If not,...

Go to advanced search