Sorry guys...

Status
Not open for further replies.
Actually they locked the keys in the car and just left it there w/ a note on it. Saying I've been in your car don't leave them in it anymore.

Interesting analogy.Ironically enough my car keys were locked inside last night.No note was left though.:D Dang remote locked the car on its own.It took me 2hrs to get in,as my wife has the only spare and was gone all day.:rolleyes:
 
You have your opinion, I have mine. when you're on no sleep like Scott and Don fixing the mess he created its difficult to agree with his "method" of informing the site. most hackers like to cause chaos. I see nothing good about that. Again, MY opinion if that's ok.....

Over the years I've had gray hats drop a text file and send email notification detailing their attack vector. Yeah they shouldn't have been snooping and pooping, but their activities weren't malicious so you log an incident and work to mitigate the vulnerability. However, in this case the perpetrator's actions were public and resulted in our service being unavailable for about six hours. Brutal corporal punishment---to include flogging, castration and chopping off hands---are high on my list of punishments for this yutz.
 
You actually hear about variations on this sort of thing. A "hacker" discovers an issue with an OS, application, website, etc and notifies the people in charge .... and nothing is done (Microsoft is notorious for this). The "hacker" still does nothing -- but could if they wanted to. They also keep the information private because not all of them are "good". Eventually, when they're ignored or a long period of time goes by with no fixes, they make it public. Guess what ? The issue gets fixed real quick then !
 
Over the years I've had gray hats drop a text file and send email notification detailing their attack vector. Yeah they shouldn't have been snooping and pooping, but their activities weren't malicious so you log an incident and work to mitigate the vulnerability. However, in this case the perpetrator's actions were public and resulted in our service being unavailable for about six hours. Brutal corporal punishment---to include flogging, castration and chopping off hands---are high on my list of punishments for this yutz.
May I add gouging eyes out?
 
Actually they locked the keys in the car and just left it there w/ a note on it. Saying I've been in your car don't leave them in it anymore.
Actually, before they locked the keys in the car with the note, they popped the hood and disconnected the battery and spark plug cap, leaving the car inoperable until the owner could get in and repair the damage. At least they didn't put sugar in the gas tank.
 
Not sure if this would be related or not but for the past couple of days I have been receiving some really intrusive ads when reading Satellite Guys. The ads would actually open up new browser windows as well as push themselves in hidden background windows. They took SEVERAL clicks to close out and would often propagate new ad windows if I clicked "OK" or closed out ( "X" ) the window. Manually closing out the ad window without using any of the window buttons usually closed them out. The ads used the same tactic that spammers use. I immediately scanned my PC for virus/trojan/malware and came up clean in AVG, Ad-Aware, Spybot, and Malwarebytes. Not having any problems with rogue ads tonight. There was lots of activity in Firebug as well but I didn't think about creating a log.
 
Which one? I have several passwords. You are probably just talking about the one for here though.
Having different passwords everywhere you go is the best, but IMO, pretty unrealistic. The issue can be if you use the same password at multiple sites, i.e. here, eBay, Amazon, etc and also use the same email address. If someone gains access to the user database, they could have and use that information. I presume that most sites encrypt this information though. Can it be unencrypted ? With the right tools, plenty of computers, and most of all, time, yes, it probably can. That's not what the bad guys are looking for though - they want quick and easy, most likely.
 
It seems to me this hacker waited for Scott to be away so he wouldn't be interfered with or caught by Scott. Definately a cowardly plan of attack. And I'll bet dollars to donuts the hacker is a registered user here. Yes sir, a real credit to the human race!
 
It seems to me this hacker waited for Scott to be away so he wouldn't be interfered with or caught by Scott. Definately a cowardly plan of attack. And I'll bet dollars to donuts the hacker is a registered user here. Yes sir, a real credit to the human race!

I agree, very unlikely that this was coincidental.
 
I'm positive that it came from trying to reopen the Satellite guys Pub page.
I am positive that it did not. :)

I talked to the person who closed us Wednesday and he told me everything he did and it matched the log files as well.

While its no fun coming back to your room on vacation to find the site down, part of me is happy because we are MUCH MUCH secure today. The person who took us down gave me a lot of advice and tips to secure things up even more. No matter what we will never be 100% secure. But we are a hell of a lot more secure then it was a few days ago.

No user passwords were accessed, but if it makes you feel better then by all means feel free to change your password. :)

I will work on getting the homepage back online today. Doing this from Sea is not the easiest thing. :D
 
i don't know when you're due back but take your time. important thing is the site is up and running.
 
I talked to the person who closed us Wednesday and he told me everything he did and it matched the log files as well.

The person who took us down gave me a lot of advice and tips to secure things up even more. No matter what we will never be 100% secure. But we are a hell of a lot more secure then it was a few days ago.
Ahhh, a "good" hacker, generally speaking... Sounds like the person is likely a VBulletin expert as well.
 
It seems to me this hacker waited for Scott to be away so he wouldn't be interfered with or caught by Scott. Definately a cowardly plan of attack. And I'll bet dollars to donuts the hacker is a registered user here. Yes sir, a real credit to the human race!
I suspect Scott could tell you that if this person wanted to, they could have done what they wanted to do whether he was around or not. And I doubt it's a user -- these people can have tools that scour the internet looking for exploitable systems. They also aren't going to dig into who's the owner or admin and then happen to catch his signature saying he'll be away. Besides the fact that with plenty of websites, the "owner" may know nothing about the actual software/hardware (I realize that's not the case here).
 
Ok folks, some of the things I turned off for security reasons have been re-enabled after I have had the chance to sit out here on my balcony here in the middle of the ocean and go through everything making sure things were secure with those modifications. This includes our SatelliteGuys Homepage, which I am happy to report is also back online. :)

I actually uninstalled the homepage portal software and reinstalled in and set everything up again there from scratch since we were having an issue with it before the attack anyways.

People can look at this attack against us in a number of ways, and none of their views on it are incorrect. I chose to take a positive look at it and considered it a lesson and because of that lesson we are a lot more secure then we have ever been before. :)

I have been told that a number of people have been having issues with our SatelliteGuys app on the iphone/ipad platform. I have not been able to test of check on this issue as I can not update my apps on the cruise ship. Every time I try it just times out. This issue is due to the release of a new version of the SatelliteGuys app and nothing at all to do with this attack. If you are having any issues with the new app PLEASE go to http://www.forumrunner.net and report the issue there in their support forum! When reporting issues with the app PLEASE mention that you are using the custom SatelliteGuys app and not their generic ForumRunner app. Again this issue is due to the new app update they released not anything to do with what happened here on Wednesday night.

Thanks again for everyone's support and understanding!
 
Status
Not open for further replies.

Forums very slow

OTA Forum

Users Who Are Viewing This Thread (Total: 0, Members: 0, Guests: 0)

Who Read This Thread (Total Members: 1)