Page Index Toggle Pages: [1] 2 
Topic Tools
Hot Topic (More than 10 Replies) YaBBForum.com Vulnerability Audit (Read 1,486 times)
JonB
YaBB Administrator
YaBB Next Team
Operations Team
Beta Testers
Support Team
*****
Offline



Posts: 4,038
Location: Land of the Blazing Sun!

YaBB 2.6.1
YaBBForum.com Vulnerability Audit
Mar 4th, 2014 at 3:13am
Post Tools
I am actually a tiny bit surprised. I use this service on many hosted accounts, and few get Zero Medium vulnerabilities. BUT I am pleased!   Cool

We will be adding added a 'safe-site' Badge soon to our pages. As we add 'new parts', they will be added to the audit.

Smiley

Edited:
Its a good service and I recommend it. http://www.beyondsecurity.com/
And why do I suddenly feel like Bill M.?  Wink




« Last Edit: Mar 4th, 2014 at 4:02am by JonB »  

how_we_did.jpg (Attachment deleted)

I find your lack of faith disturbing.
Back to top
IP Logged
 
JonB
YaBB Administrator
YaBB Next Team
Operations Team
Beta Testers
Support Team
*****
Offline



Posts: 4,038
Location: Land of the Blazing Sun!

YaBB 2.6.1
Re: YaBBForum.com Vulnerability Audit
Reply #1 - Mar 4th, 2014 at 6:38pm
Post Tools
Now on YaBB pages near you ---  Smiley
  

safe_too.jpg (Attachment deleted)

I find your lack of faith disturbing.
Back to top
IP Logged
 
WestwegoMan
Junior Member
Beta Testers
**
Offline



Posts: 81
Location: Westwego, Louisiana

YaBB 2.5.2
Re: YaBBForum.com Vulnerability Audit
Reply #2 - Mar 5th, 2014 at 8:40pm
Post Tools
tried to use and it doesn't seem to want to go past confirmation. I click it and it says it is validating but then gives me the confirm button without any errors.

JonB, Did you have any problems when you started?
  
Back to top
IP Logged
 
JonB
YaBB Administrator
YaBB Next Team
Operations Team
Beta Testers
Support Team
*****
Offline



Posts: 4,038
Location: Land of the Blazing Sun!

YaBB 2.6.1
Re: YaBBForum.com Vulnerability Audit
Reply #3 - Mar 5th, 2014 at 9:46pm
Post Tools
WestwegoMan wrote on Mar 5th, 2014 at 8:40pm:
tried to use and it doesn't seem to want to go past confirmation. I click it and it says it is validating but then gives me the confirm button without any errors.

JonB, Did you have any problems when you started?



I'm a bit confused?

Is what you are asking me - did I have problems with WSSI?

No, not particularity as I recall.  I have had my account for some time now, so its hard to say.

Did you create an account with them for your site?  OR are you using their one-time scan?  The options now are way more advanced than when I started.

Undecided

  

I find your lack of faith disturbing.
Back to top
IP Logged
 
WestwegoMan
Junior Member
Beta Testers
**
Offline



Posts: 81
Location: Westwego, Louisiana

YaBB 2.5.2
Re: YaBBForum.com Vulnerability Audit
Reply #4 - Mar 6th, 2014 at 1:42am
Post Tools
I was trying to use the one at beyondsecurity.com. I tried to register and it brought me to the page to enter the website info. When I did that, it doesn't seem to want to go past confirmation. It doesn't throw an error either so I was wondering. Undecided

  
Back to top
IP Logged
 
JonB
YaBB Administrator
YaBB Next Team
Operations Team
Beta Testers
Support Team
*****
Offline



Posts: 4,038
Location: Land of the Blazing Sun!

YaBB 2.6.1
Re: YaBBForum.com Vulnerability Audit
Reply #5 - Mar 6th, 2014 at 5:40am
Post Tools
Did you add the site ownership validation code to your page?

Wink

  

I find your lack of faith disturbing.
Back to top
IP Logged
 
WestwegoMan
Junior Member
Beta Testers
**
Offline



Posts: 81
Location: Westwego, Louisiana

YaBB 2.5.2
Re: YaBBForum.com Vulnerability Audit
Reply #6 - Mar 6th, 2014 at 1:46pm
Post Tools
Sure did. I have since removed it after trying for almost 2 days. Sad

Oh well, Ill try again in a few days. Maybe they were experiencing problems.
  
Back to top
IP Logged
 
JonB
YaBB Administrator
YaBB Next Team
Operations Team
Beta Testers
Support Team
*****
Offline



Posts: 4,038
Location: Land of the Blazing Sun!

YaBB 2.6.1
Re: YaBBForum.com Vulnerability Audit
Reply #7 - Mar 6th, 2014 at 1:54pm
Post Tools
They put you on a 'scan scheduler', usually about a day or two before you get scanned. The code has to be there when the bot shows up.  Then you get a scan report via e-mail (a link actaully)

Good Luck
Smiley
  

I find your lack of faith disturbing.
Back to top
IP Logged
 
Bill Myers
God Member
Beta Testers
*****
Offline



Posts: 1,737
Location: Los Angeles

YaBB 2.4
Re: YaBBForum.com Vulnerability Audit
Reply #8 - Mar 6th, 2014 at 2:56pm
Post Tools
JonB wrote on Mar 4th, 2014 at 3:13am:
Edited:
Its a good service and I recommend it. http://www.beyondsecurity.com/
And why do I suddenly feel like Bill M.?  Wink
Because recommending a good service is a good thing. Smiley

Of course you have to pay for it if you use the service the way it's supposed to be used, but at least it's opt-in, which is the kind of YaBB-authorized spam that can be tolerated.

Edited:
This is a good and valid point:

JonB wrote on Mar 6th, 2014 at 3:19pm:
Recommendations are not spam, btw.  Its a product we are receiving benefits from -- and -- I am the host of this system (just like the old XiMinc & UK2 hosting tags)
« Last Edit: Mar 6th, 2014 at 4:24pm by Bill Myers »  

Morning, noon, or night, have a great one!

Note: This forum doesn't allow for us to freely edit our posts or topics to make corrections as needed, so please remember to look for subsequent posts if you see any mistakes or outdated information. Sorry for the inconvenience.
Back to top
IP Logged
 
JonB
YaBB Administrator
YaBB Next Team
Operations Team
Beta Testers
Support Team
*****
Offline



Posts: 4,038
Location: Land of the Blazing Sun!

YaBB 2.6.1
Re: YaBBForum.com Vulnerability Audit
Reply #9 - Mar 6th, 2014 at 3:19pm
Post Tools
Bill -

Can we sign you up for a sponsorship?

As for WSSI - I think the service can still be free. I will later verify this to make sure I am right. I was a very, very early adopter (before they had all the other stuff) and yabbforum.com is riding on my 'free' coattails.  Not everything is free, Bill; and not being free does not mean it does not have value.  I can tell you they have quick, courteous, personalized support.  I used it earlier this week to trigger an out-of-schedule scan. Reason: I had finished my server fixes and the old host (UK2) report showed some Medium vulnerabilities - I wanted to see if I needed any fixes.  We have been getting scans for free from them since I cleaned up the malware last year.  Smiley

Recommendations are not spam, btw.  Its a product we are receiving benefits from -- and -- I am the host of this system (just like the old XiMinc & UK2 hosting tags)

As always, thanks for your input. 

Cool
 

  

I find your lack of faith disturbing.
Back to top
IP Logged
 
WestwegoMan
Junior Member
Beta Testers
**
Offline



Posts: 81
Location: Westwego, Louisiana

YaBB 2.5.2
Re: YaBBForum.com Vulnerability Audit
Reply #10 - Mar 6th, 2014 at 3:30pm
Post Tools
JonB wrote on Mar 6th, 2014 at 1:54pm:
They put you on a 'scan scheduler', usually about a day or two before you get scanned. The code has to be there when the bot shows up.  Then you get a scan report via e-mail (a link actaully)

Good Luck
Smiley


Since it said 2 hours, maybe I jumped the gun. I have placed the seal back on the page. Now to wait and see. If I don't get anything in a few days, I'll try to contact them.

Thanks for the info. Smiley
  
Back to top
IP Logged
 
JonB
YaBB Administrator
YaBB Next Team
Operations Team
Beta Testers
Support Team
*****
Offline



Posts: 4,038
Location: Land of the Blazing Sun!

YaBB 2.6.1
Re: YaBBForum.com Vulnerability Audit
Reply #11 - Mar 6th, 2014 at 4:06pm
Post Tools
@ westwegoman -

Well, I think that 'sign-up' might be broken. For one thing the HTML they give you on that page references a .gif image that you seem to have to 'divine' into existence.

It also could not validate a site that I know is working with the correct gif in place.  Time for an e-mail to support.

Whatever the misbehaving of their free service sign-up may be, their tools is both useful and valuable.

Thanks
Cool

  

I find your lack of faith disturbing.
Back to top
IP Logged
 
WestwegoMan
Junior Member
Beta Testers
**
Offline



Posts: 81
Location: Westwego, Louisiana

YaBB 2.5.2
Re: YaBBForum.com Vulnerability Audit
Reply #12 - Mar 6th, 2014 at 4:11pm
Post Tools
Exactly. I have the gif in place. I did remove it and tried again, which gave me the message that it could not validate since the validation was not on my page.

I once again placed it back on the page and hit validate again and it just hung and didn't give a response, kind of like hitting a submit button, but nothing happened.
  
Back to top
IP Logged
 
JonB
YaBB Administrator
YaBB Next Team
Operations Team
Beta Testers
Support Team
*****
Offline



Posts: 4,038
Location: Land of the Blazing Sun!

YaBB 2.6.1
Re: YaBBForum.com Vulnerability Audit
Reply #13 - Mar 6th, 2014 at 4:28pm
Post Tools
I used the the 'confirm later' and and a non-auto-responder reply-able email from support in 4 minutes.

Quote:
Any questions? Reply to this email.

Sincerely,

Arnold Moss
Beyond Security
(800) 801-2821
Cupertino, CA


Now we will see what happens.


Roll Eyes

Edited:
I gave them a complete run-down on the problem
« Last Edit: Mar 6th, 2014 at 4:30pm by JonB »  

I find your lack of faith disturbing.
Back to top
IP Logged
 
Bill Myers
God Member
Beta Testers
*****
Offline



Posts: 1,737
Location: Los Angeles

YaBB 2.4
Re: YaBBForum.com Vulnerability Audit
Reply #14 - Mar 6th, 2014 at 4:45pm
Post Tools
JonB wrote on Mar 6th, 2014 at 3:19pm:
Recommendations are not spam, btw.  Its a product we are receiving benefits from -- and -- I am the host of this system (just like the old XiMinc & UK2 hosting tags)

I agree with you on that. Point well taken. Cool

As for sponsorships, however they're implemented, I don't have credibility on that account in terms of identifying what amounts to my company's own opt-in spam (or more accurately as JonB points out, recommendations are not spam). After all, what I continue to offer for free on numerous websites is supported by advertisements/recommendations.

Google, and its subsidiary YouTube are good examples of exceptionally successful opt-in spam (advertisements/recommendations) that offer terrific, and valuable services for free. Facebook does the same, although much more aggressively by interspersing ads within timelines.

  

Morning, noon, or night, have a great one!

Note: This forum doesn't allow for us to freely edit our posts or topics to make corrections as needed, so please remember to look for subsequent posts if you see any mistakes or outdated information. Sorry for the inconvenience.
Back to top
IP Logged
 
Page Index Toggle Pages: [1] 2 
Topic Tools
Bookmarks: del.icio.us Digg Facebook Google Google+ Linked in reddit StumbleUpon Twitter Yahoo