How vulnerable is it unpatched?

New Member Joined: Oct 11, 2006 Posts: 12

I just installed Raven nuke 7.6 2 weeks ago, so I'm new to all this stuff. How vulnerable is 7.6 unpatched, but Sentinel installed? Is it possible to install Sentinel on a unpatched 7.6?

Reason: I have this module called 'NukeMatch' I REALLY want it to work, but for some reason it doesnt want to work on patched version of any version. I asked for help, but havent got my answer in whats wrong with it.

What can they do if they hack a site? I'm a noob so please give examples. When someone hacks a website can they take all the emails and passwords from useres that registered on my site?

Involved Joined: Dec 27, 2005 Posts: 296

RavenNuke is PhpNuke 7.6 with all of chatserv's patches applied to it and with Sentinel already installed. It really is the most secure nuke package out there, but still not a 100% guarantee that you won't get hacked, more like a 99.999% guarantee you won't Very Happy

If a module isn't working with this patched version, it is probably old and not formated to work with 7.6, or there are some serious security problems with it (which is almost synonymous with some older versions, and newer versions of Nuke) You can run some older modules with RN 7.6, but you may be exposing yourself to some security risks by doing so.

If a hacker gains access to your site, they take over your god admin account and basically have all the control that you do in your God admin account, so they can change your site (usually just deface it with some bad words), delete things, do whatever. They have complete access to everything in your database, so yes they can take your users e-mail addresses and maybe the passwords. Its not pretty.

But, its still ultimatly your choice to run whatever version you'd like and with whatever module add-on you'd like, and if you do decide to run an unpathced version of 7.6, make sure you make daily backups! That way, if you do get hacked, you can just dump the most recent backup of your databse and set things back to semi-normal.

registered · Posted: Fri Oct 20, 2006 6:34 am

lies, going with an unpatched version of nuke is like having unprotected sex! Hope that makes it clear. Laughing

Seriously, everything srhh has said, you need to consider. The key first question is, will what you have run on 7.6 unpatched? Have you already verified this. If the answer is "no", then the coding job to upgrade it is the most extensive of the options. If the answer is "yes", then it may just be a few things which needs to be tweaked to get it to run under RavenNuke76.

Now, though, just bear in mind that PHP-Nuke, regardless of its "flavor", is only as secure as its weakest link, so YOU are ultimately responsible to ensure that anything you add to it, itsn't going to open you up to hackers.

Theme Guru Joined: Nov 01, 2003 Posts: 1006

What they have said is very true. You can have a very secure nuke setup and then add something like Vwar and get hacked.

montego my friend, when are you going to add TegoNuke(tm) ShortLinks to your signiture??? Wink