URL: http://www.softwarespecialties.com/cgi-bin/rpgforum/dcboard.cgi
Forum: DCForumID2
Thread Number: 214
[ Go back to previous page ]

Original Message
"Secuity breach"

Posted by Llevram on May-17-01 at 08:12 PM
Yesterday (5-17-01) a hacker broke into the forum. There appeared to be no damage as they were caught right away (within a few minutes). It was kind of obvious, since the genius used a login name of EvilHacker (duh!). They used a security loophole (which has been fixed) and made themselves an administrator. No files appeared to have been tampered with or deleted.

I reviewed my web site access logs and it appears the only thing they did was register (probably planned on coming back later, if they thought it was safe).

Please direct any conerns you may have to me.

Tools for your Wizardry(r) toolkit


Table of contents

Messages in this discussion
"RE: Secuity breach"
Posted by Jay on May-18-01 at 07:00 AM
Why would someone hack into a message board? That seems pretty dumb. Why not something really challenging like FBI, CIA, Microsoft (Ha Ha)? What would one do with admin privileges on a message board anyway? Maybe they could change the content of some of the messages. (Oh no!)

Rick I hope you can catch the guy.

Jay


"I've got their IP address"
Posted by Llevram on May-18-01 at 07:36 AM
But, ya, I had the same thought - why? Apparently just to see if they could. About the only thing the admin can do is make mischief (go in and change everyone's passwords, delete message and whole forums, send out the subscriptions early, ...).

The only thing I was (kind of) concerned over, was that the admin can see anyone's email. But short of going to the user admin screens, listing all users, then making screen prints of each page, that doesn't seem a feasible way to harvest email addresses. Besides, based on the access logs, I don't think they tried that.

Tools for your Wizardry(r) toolkit


"It's not STC at all, is it?"
Posted by Jimbo on May-19-01 at 02:03 AM
Attempting to locate and destory any negative comment about Wiz8?

"As if Microsoft is a challenge?"
Posted by Joebob on May-19-01 at 05:32 AM
The FBI and CIA a little harder of course if your good enough and you get caught you might just get a full time job working for them
JB

"RE: As if Microsoft is a challenge?"
Posted by Asrial on May-19-01 at 11:18 PM
..if your good enough and you get caught..

~~~~~

If you were good in the first place, you wouldn't get caught ;)


"RE: As if Microsoft is a challenge?"
Posted by Joebob on May-20-01 at 05:15 AM
..if your good enough and you get caught..

Remember grasshopper no matter how good you are there is always someone better.

What i was refering to was there have been people who were very good who got caught after many hacks who were offered jobs with the government or the private sector. I buddy of mine got a job with the government after hacking some of their more secure mainframes.

JB


"Usually that job ..."
Posted by Llevram on May-20-01 at 06:04 AM
... involves wearing a striped suit (or sometimes orange) and breaking rocks.

Tools for your Wizardry(r) toolkit


"RE: Usually that job ..."
Posted by Joebob on May-25-01 at 05:07 PM

JB