Tweet
Oh, no, Brian... I didn't think you were objecting to me particularly, or even doing anything but offering another point of view...
That's fine.
But you ought to know by now that I never pass up an opportunity to tell you lot
what your Mod thinks about issues facing the forums.
<hr>
Andrew-- sorry to have alarmed you. It's one of my charming quirks
to make sweeping generalizations like "Blasted Minis" while at the same time meaning only a few. The few "minis" of the type that get on my nerves are in fact easy to identify-- and would get on your nerves too, I bet. You know the kind-- don't listen, don't take instruction, a lot of loud bluster-- basically bulls in a china shop.
Not only are you personally not like that, but you all should know, if you don't, that I would <u>never, ever, ever</u> "talk about you" behind your back. If I had a problem with you in my capacity as a Moderator, if somehow you didn't already know it in the thread we were in, I would email you. These forums were not built on, and would not survive with, the kind of sneaky, backstabbing behaviour you see on <shudder> Usenet...
<hr>
<font size=6><center>Thanks, Pauly!!!
</center></font><hr>
And since the thread is down (as is MHW), here's the summary of what happened.
Some joker posted a new thread (called "hacked") in MHW Sunday...as the admin. Ant was out (having fun in his regular life!) for the day, but Kruzin was there immediately, and Jorden and I (speaking of mods involved) showed up shortly after. So did a LOT of members.
This guy had broken into our UBB and given himself Admin privileges, in order-- he said-- to "help" us. He felt that this hard proof that our site was not secure would ensure that the hole in UBB was fixed.
We said, "You know, you could have flippin' emailed Ant and told him, you didn't have to hack our site, dammit!" He said he had emailed Ant but that Ant hadn't responded.
Meanwhilst, several members were backtracking him to find out who he was... he had made no attempt to hide his identity, nor had he damaged the site, because, in his words, he's a "decent guy", who "respects other people's property". People started posting his info: he's a 17 year old Dutch guy who had (at the time the info we found was posted) a small computer shop (later closed). A small argument began among the members as to whether he was a bad guy or not; apparently a few people felt that this was a good tactic to inspire Ant to take greater security measures. Most of us did not agree.
Then the hacker admitted that he had <u>downloaded all our passwords</u>!!!
This was a horse of a different color, obviously. Now the tone changed, as we (almost) all-- most of his "supporters" here fell away at this news-- tried to explain to him why what he had done was completely wrong. He did not get it. Somewhere in there was when I posted this thread in The 'Box, knowing that he probably was paying no attention to such a *cough*useless*cough* forum... and I posted nothing under my mod nick-- though he had my mod password, I hoped that he wasn't bothering to pull files on anyone who didn't "get in his face". So I figured that he didn't know who I was, since he had only found out about the forums the day before and had no experience with us. I've since heard that that dodge didn't work. Mostly I hoped that the longer we kept him online and talking, the more info we could get on him for any later prosecution-- and afaik, that <u>did</u> work.
The fight went on. Our new friend was shocked at the massive resistance he encountered (Long live the MURC!!! ), and his facade of "decency" began to crack. He <u>locked the thread</u> and demanded that we contact him by ICQ or email if we wanted to "debate 'ethical hacking'", as he called it.
Kruzinn reopened the thread, and we both blasted him for his actions, reminding him that these were our forums and we could discuss any damn thing we chose.
Sometime late in page 3 (the thread ultimately made it to 4 pages, some 116 posts), Ant came home, banned the guy and started cleaning up. Don't know when the threads were deleted, nor when MHW was taken down (Jord has since told me that MHW was locked at 15:29 GMT +1), nor who did so.
I do know that a number of people (so far I've heard of at least 5) who found attacks in their firewall logs from IP addresses near his. Apparently he called some unethical friends and attacked some of us. Poor dZeus, who had asked him to help with security on his own server (when we thought he was a "nice" guy) was taken completely out of play and had to go to a friend's house to use their PC.
So as Jord says, don't change your PW yet until we know that this ---blasted mini-- is locked out of our house and keep an eye on your firewall logs. Change other passwords, if they're the same as your MURC pw-- wouldn't want him reading your mail . Take whatever other security measures you see fit.
Oh and remember: if you find any such problems on the forum-- hackers, downtime, those damn slow ads-- we are each and all allowed and advised to <u>email GA</u> (our hosts) at admin@gagames.com. Naturally, you can also email Ant or the mods and we'll forward it as well.
<font size=5>If you posted on the forums (thereby logging your IP, which he had access to), and there was an attempted hack on your PC after the 20th (the date he said he emailed Ant), email Ant, any moderator, or GA with the IP you were hacked from!!!!</font>
It was a hell of a day, frankly. Blows that whole "Aureal/Real/Netscape is spying on you" thing right out of the water, huh?
-----------------------------
Holly
[This message has been edited by motub (edited 24 July 2000).]
That's fine.
But you ought to know by now that I never pass up an opportunity to tell you lot
what your Mod thinks about issues facing the forums.<hr>
Andrew-- sorry to have alarmed you. It's one of my charming quirks
to make sweeping generalizations like "Blasted Minis" while at the same time meaning only a few. The few "minis" of the type that get on my nerves are in fact easy to identify-- and would get on your nerves too, I bet. You know the kind-- don't listen, don't take instruction, a lot of loud bluster-- basically bulls in a china shop.Not only are you personally not like that, but you all should know, if you don't, that I would <u>never, ever, ever</u> "talk about you" behind your back. If I had a problem with you in my capacity as a Moderator, if somehow you didn't already know it in the thread we were in, I would email you. These forums were not built on, and would not survive with, the kind of sneaky, backstabbing behaviour you see on <shudder> Usenet...
<hr>
<font size=6><center>Thanks, Pauly!!!
</center></font><hr>And since the thread is down (as is MHW), here's the summary of what happened.
Some joker posted a new thread (called "hacked") in MHW Sunday...as the admin. Ant was out (having fun in his regular life!) for the day, but Kruzin was there immediately, and Jorden and I (speaking of mods involved) showed up shortly after. So did a LOT of members.
This guy had broken into our UBB and given himself Admin privileges, in order-- he said-- to "help" us. He felt that this hard proof that our site was not secure would ensure that the hole in UBB was fixed.
We said, "You know, you could have flippin' emailed Ant and told him, you didn't have to hack our site, dammit!" He said he had emailed Ant but that Ant hadn't responded.
Meanwhilst, several members were backtracking him to find out who he was... he had made no attempt to hide his identity, nor had he damaged the site, because, in his words, he's a "decent guy", who "respects other people's property". People started posting his info: he's a 17 year old Dutch guy who had (at the time the info we found was posted) a small computer shop (later closed). A small argument began among the members as to whether he was a bad guy or not; apparently a few people felt that this was a good tactic to inspire Ant to take greater security measures. Most of us did not agree.
Then the hacker admitted that he had <u>downloaded all our passwords</u>!!!
This was a horse of a different color, obviously. Now the tone changed, as we (almost) all-- most of his "supporters" here fell away at this news-- tried to explain to him why what he had done was completely wrong. He did not get it. Somewhere in there was when I posted this thread in The 'Box, knowing that he probably was paying no attention to such a *cough*useless*cough* forum... and I posted nothing under my mod nick-- though he had my mod password, I hoped that he wasn't bothering to pull files on anyone who didn't "get in his face". So I figured that he didn't know who I was, since he had only found out about the forums the day before and had no experience with us. I've since heard that that dodge didn't work. Mostly I hoped that the longer we kept him online and talking, the more info we could get on him for any later prosecution-- and afaik, that <u>did</u> work
.The fight went on. Our new friend was shocked at the massive resistance he encountered (
Long live the MURC!!! ), and his facade of "decency" began to crack. He <u>locked the thread</u> and demanded that we contact him by ICQ or email if we wanted to "debate 'ethical hacking'", as he called it.Kruzinn reopened the thread
, and we both blasted him for his actions, reminding him that these were our forums and we could discuss any damn thing we chose.Sometime late in page 3 (the thread ultimately made it to 4 pages, some 116 posts), Ant came home, banned the guy and started cleaning up. Don't know when the threads were deleted, nor when MHW was taken down (Jord has since told me that MHW was locked at 15:29 GMT +1), nor who did so.
I do know that a number of people (so far I've heard of at least 5) who found attacks in their firewall logs from IP addresses near his. Apparently he called some unethical friends and attacked some of us. Poor dZeus, who had asked him to help with security on his own server (when we thought he was a "nice" guy) was taken completely out of play and had to go to a friend's house to use their PC.
So as Jord says, don't change your PW yet until we know that this ---blasted mini
-- is locked out of our house and keep an eye on your firewall logs. Change other passwords, if they're the same as your MURC pw-- wouldn't want him reading your mail . Take whatever other security measures you see fit.Oh and remember: if you find any such problems on the forum-- hackers, downtime, those damn slow ads-- we are each and all allowed and advised to <u>email GA</u> (our hosts) at admin@gagames.com. Naturally, you can also email Ant or the mods and we'll forward it as well.
<font size=5>If you posted on the forums (thereby logging your IP, which he had access to), and there was an attempted hack on your PC after the 20th (the date he said he emailed Ant), email Ant, any moderator, or GA with the IP you were hacked from!!!!</font>
It was a hell of a day, frankly. Blows that whole "Aureal/Real/Netscape is spying on you" thing right out of the water, huh
?-----------------------------
Holly
[This message has been edited by motub (edited 24 July 2000).]
Comment