Shendemiar
Morkin Admin
Mmmm, free goo!
Posts: 6,751
|
Post by Shendemiar on Dec 4, 2007 16:54:36 GMT
Well i guess i could set up a new forum to corleth.com... to enviroment im god in...
|
|
SkulkrinBait
Morkin Admin
Haxx0rs == Suxx0rs! v4
Posts: 6,680
|
Post by SkulkrinBait on Dec 4, 2007 16:58:59 GMT
If you do make sure there is very good security in place, is it worth installing a SMF or PHPBB etc?
|
|
Arminius
Morkin Admin
Ich bin Bl?cher
Posts: 4,148
|
Post by Arminius on Dec 4, 2007 17:07:24 GMT
really unless there are items in here that look suspect to their OWNERS.. some of this information is lending more towards a leak rather than a hack. There were no noticable TOR ip's amongst morkin'ers But don't forget that this is the DB, not the forum; I assume they haven't had access to the DB then.
|
|
Aesir
Luxor Member
The Wolf
Posts: 200
|
Post by Aesir on Dec 4, 2007 17:10:54 GMT
ah thats true.
|
|
Natmus
Morkin Admin
Fight the power!
Posts: 4,518
|
Post by Natmus on Dec 4, 2007 19:10:44 GMT
Well, we have an exact time for the hack now, in the "buffalomulti.jpg" pic: Nov 24th, 2:03 pm. Assuming it's still Bait's account (and I do), maybe the friendly people at proboards can supply the IPs for that time
|
|
SkulkrinBait
Morkin Admin
Haxx0rs == Suxx0rs! v4
Posts: 6,680
|
Post by SkulkrinBait on Dec 4, 2007 20:28:56 GMT
I changed my password as soon as I knew it was my account, I assume they can't keep the session open as you can with IK? I've been logging off here everytime I login.
|
|
SkulkrinBait
Morkin Admin
Haxx0rs == Suxx0rs! v4
Posts: 6,680
|
Post by SkulkrinBait on Dec 4, 2007 20:39:42 GMT
User Last Activity 82.69.108.27 Today at 8:32pm 213.139.161.102 Today at 8:29pm 66.254.250.149 Today at 8:26pm 82.95.252.221 Today at 8:24pm
We just had the above 4 "guests" - what do the IPs say oh mystics?
;D
|
|
Arminius
Morkin Admin
Ich bin Bl?cher
Posts: 4,148
|
Post by Arminius on Dec 4, 2007 20:49:25 GMT
User Last Activity 82.69.108.27 Today at 8:32pm 213.139.161.102 Today at 8:29pm 66.254.250.149 Today at 8:26pm 82.95.252.221 Today at 8:24pm We just had the above 4 "guests" - what do the IPs say oh mystics? ;D IP Information for 82.69.108.27 Hey, that's me! Probably prior to logging in... IP Information for 213.139.161.102 IP Location: Finland Finland Oulu Oulu Telephone Company IP Information for 66.254.250.149 IP Location: United States United States Notre Dame University Of Notre Dame IP Information for 82.95.252.221 IP Location: Netherlands Netherlands Lelystad Xs4all Internet Bv
|
|
|
Post by ashimar on Dec 5, 2007 0:43:45 GMT
This cannot be mine. I use tiscali.nl when I'm in Holland and the 212.xxxxxxx is probably the one I have when in Luxembourg.
About all those "Too many connections open" messages, it's getting quite bad now, I would say that we are under constant ping attck or soething OR someone has a session open and is doing constant refreshes or something to keep it active. Does that sound remotely credulous ?
|
|
Sol
Luxor Member
I pledge alligeance to the corn-growers.
Posts: 1,610
|
Post by Sol on Dec 5, 2007 0:49:35 GMT
Why cant we just go to a new forum now?
|
|
Aesir
Luxor Member
The Wolf
Posts: 200
|
Post by Aesir on Dec 5, 2007 0:50:05 GMT
6:51CST
4 Staff Members, 4 Members, 0 Guests. Most users online was 22, Nov 1, 2007, 5:25pm Aesir, RapSO, Sol, genadmission, McGoogus, Warliter, Ashimar, Shendemiar
major "too many connections" errors.
i think we need to silently move these boards elsewhere.
|
|
Clausewitz
Luxor Member
Veni. Vidi. Vici. Mori.
Posts: 1,437
|
Post by Clausewitz on Dec 5, 2007 1:01:50 GMT
About all those "Too many connections open" messages, it's getting quite bad now, I would say that we are under constant ping attck or soething OR someone has a session open and is doing constant refreshes or something to keep it active. Does that sound remotely credulous ? You will note that in my remarks about DIGG vulnerabilities, I cited a DoS attack on woofcats.com would castrate their warfighting coordination. Incidentally, scoots of DIGG caught wind that Pantheon might be trying such a tactic, and sent a scathing IGM to Dasneal, warning him that such a tactic is "criminal" and would be prosecuted to the fullest extent of the law. Irony makes me horny
|
|
Clausewitz
Luxor Member
Veni. Vidi. Vici. Mori.
Posts: 1,437
|
Post by Clausewitz on Dec 5, 2007 1:06:50 GMT
David, do you recognize this IP? 81.157.39.143 10:02 Sat 24.Nov 8 skulkrinbait
It was used about 2 hours prior to Mads identified time of one of the breeches...
|
|
SkulkrinBait
Morkin Admin
Haxx0rs == Suxx0rs! v4
Posts: 6,680
|
Post by SkulkrinBait on Dec 5, 2007 7:27:36 GMT
Yes, that probably is me, it's BTCentralPlus, my ISP is BT.
|
|
|
Post by WhiteHat on Dec 8, 2007 22:48:14 GMT
There has been a major security breach. Guests can now view private sections of the forum. Morkin, this is for your own good, lock this access now. Leave the forums, they are compromised.
|
|