Tracking Users, Finding Malicious Users, Security on phpBB

Do not post support requests, bug reports or feature requests. Discuss phpBB here. Non-phpBB related discussion goes in General Discussion!
Anti-Spam Guide
Post Reply
urbanistic
Registered User
Posts: 9
Joined: Wed Apr 25, 2007 6:02 pm

Tracking Users, Finding Malicious Users, Security on phpBB

Post by urbanistic » Wed May 02, 2007 6:28 pm

I am an admin of a community site with private forums, and someone keeps leaking information from inside our forum. What I need to obtian is ways to check records in mySQL or in the phpBB php records... and I dont know where to start.

Main objective...

Monitoring access to particular forums via IP and user name.
Monitoring commands such as email or print.
Verifying IP access tied to accounts.

Hopeful outcome...

Flush the person who may be using a stolen account and password.
Eliminate violations of privacy by eliminating access by malicious member.

Could anyone point me in the right direction here?

ToonArmy
Former Team Member
Posts: 4608
Joined: Sat Mar 06, 2004 5:29 pm
Location: Worcestershire, UK
Name: Chris Smith
Contact:

Re: Tracking Users, Finding Malicious Users, Security on phpBB

Post by ToonArmy » Wed May 02, 2007 6:59 pm

No support for live forums, and phpBB doesn't really track users to the detail you will require. You could try using the HTTP server log but thats not going to be too helpful either.
Chris SmithBlogGitHub
Image
In a foreign field he lay. Lonely soldier unknown grave. On his dying words he prays. Tell the world of Paschendale.

urbanistic
Registered User
Posts: 9
Joined: Wed Apr 25, 2007 6:02 pm

Re: Tracking Users, Finding Malicious Users, Security on phpBB

Post by urbanistic » Wed May 02, 2007 8:38 pm

Thanks for your reply!

I notice that on each thread I am able to view the IP address in the topic details. I am also able to see which IP address they registered from in the user details under admin rights.

I think this may be a good start. Maybe I should be looking at how phpBB queries that information?

b9tumor
Registered User
Posts: 1
Joined: Mon May 07, 2007 9:55 pm

Re: Tracking Users, Finding Malicious Users, Security on phpBB

Post by b9tumor » Mon May 07, 2007 9:59 pm

Yea I would start there. Also you might want to tighten down your backend database and make sure your permissions settings are not compromised.

thepetulantpooner
Registered User
Posts: 1
Joined: Mon May 07, 2007 10:12 pm

Re: Tracking Users, Finding Malicious Users, Security on phpBB

Post by thepetulantpooner » Mon May 07, 2007 10:14 pm

Gee, maybe your first line of defense should be to avoid pissing people off.

urbanistic
Registered User
Posts: 9
Joined: Wed Apr 25, 2007 6:02 pm

Re: Tracking Users, Finding Malicious Users, Security on phpBB

Post by urbanistic » Mon May 07, 2007 10:15 pm

Good idea! Yes, the database itself is 100% secure, there is no way to penetrate that. Ive been given advanced IP mods for the phpbb that allows me to view any IP activity anywhere on the site. It took me a long time editing phps and templates, and reviewing SQL documentation, but it is complete and working successfully. That particular mod will be submitted for review to the phpBB team once the rc1 comes out.

After contacting my ISP and server management people, they gave me a wealth of knowledge as far as tracking users that access the site. I highly recommend that you contact your isp and hosting provider and inquire, they have a bunch of slick tricks up their sleeve... much more advanced than I ever gave them credit, and I am in the network security field.

As for permissions, would you like to clarify about possible permissions compromise?

User avatar
david63
Registered User
Posts: 16318
Joined: Thu Dec 19, 2002 8:08 am
Location: Lancashire, UK
Name: David Wood
Contact:

Re: Tracking Users, Finding Malicious Users, Security on phpBB

Post by david63 » Mon May 07, 2007 10:19 pm

Are you using phpbb2 or phpbb3?

The reason I ask is that you state
urbanistic wrote: Ive been given advanced IP mods for the phpbb
but there are no mods for phpbb3!
David
Remember: You only know what you know and - you don't know what you don't know!
My CDB Contributions | How to install an extension
I will not be accepting translations for any of my extensions in Github - please post any translations in the appropriate topic.
No support requests via PM or email as they will be ignored

urbanistic
Registered User
Posts: 9
Joined: Wed Apr 25, 2007 6:02 pm

Re: Tracking Users, Finding Malicious Users, Security on phpBB

Post by urbanistic » Mon May 07, 2007 10:46 pm

True... I used phpbb3 on this last endeavor, and noticed a few things changed, which is why I posted about it. The phpBB2 had plenty of IP mods... one in particular called the Advanced IP Tools Pack, which I modified a bit to suit my needs on phpbb2. phpBB3 isn't even out yet, nor are there mods or support for mods.

User avatar
Highway of Life
Former Team Member
Posts: 6048
Joined: Wed Feb 02, 2005 5:41 pm
Location: Spokane, WA
Name: David Lewis
Contact:

Re: Tracking Users, Finding Malicious Users, Security on phpBB

Post by Highway of Life » Mon May 07, 2007 10:57 pm

You could use the "Force account reactivation" of suspected members stolen accounts... that might help.
I would also set the online time to something closer to 2 or 4 hours so you can see when someone is online and click the whoisonline link to find out where they are and see their IP address.

Hopefully that helps.
The phpBB Weekly Podcast - Discussing the developments of phpBB4 and beyond.

New to phpBB3? Want to learn about programing?
Visit phpBB Academy at StarTrekGuide to learn how.

PTS
Registered User
Posts: 11
Joined: Thu Aug 30, 2007 5:36 pm

Re: Tracking Users, Finding Malicious Users, Security on phpBB

Post by PTS » Thu Sep 13, 2007 9:38 pm

urbanistic wrote:Thanks for your reply!

I notice that on each thread I am able to view the IP address in the topic details. I am also able to see which IP address they registered from in the user details under admin rights.

I think this may be a good start. Maybe I should be looking at how phpBB queries that information?
Hi, I do not see the IP address of the user in the user details in admin panel. How or where do I enable/see this? I have phpBB3 RC5

Post Reply

Return to “phpBB Discussion”