The best way to punish hackers?

Alphawolf · 2004-03-10, 11:44 PM

Was hacked today. It was a good lesson.

In a way it was an ideal time to get hacked. Someone must have been running a sniffer on my forum and got my Admin account.

They stripped polls, and generally acted like a gremlin.

Deleted all but 1 photo gallery before I noticed this and changed the password.

Long story short- no serious damage was done.

I learned: never login with cookies.
change passwords often
Check who is in my admin group

The password is not a 'guessable' password, so it was some sort of 'sniffer'.

There is a system in place now that uses IP verification [no- not this one

] + proper password (not likely to get now) in order to login.

If they do not have the proper IP and/or password they will be redirected to wherever I chose after their IP is logged and e-mailed to me.

I would love to find the most fucked up broswer pop-up, circle jerk domain possible to send these SOB's to.

Or- perhaps create a page that delivers a payload of worms, viruses, scumware, you name it.

What is the worst (best) I can send them? Any fun ideas?

babymaker · 2004-03-11, 01:54 AM

the russians will take care of that for you

they will hijack their browser etc and totally fuck up their system not to mention geting re-directed 100 times! trust me a month or so ago i was re-learning the surfer side of porn for ideas and to see what seemed to work and attract my eye well i got caught in a russian cp trap unvoluntarily and i ended up with 38 viruses a hijacked browser twice the first was a scare tactic to buy some damn eliminaton software, once i got rid of that i got stuck with a BS search engine for a month. if i knew the url i would give it to you lol that would fix them |rasta| it also scared me from ever surfing porn again to damn dangerous.

spazlabz · 2004-03-11, 06:10 AM

the 'hacker' that did this to you was certainly not a very talented one. Just some kid with a mod brute forcer is my guess. If a real hacker wanted to mess with you or your site the protections you put in place really wouldn't do any good, they'd just slide in an open port on the server and crash your shit from there.
As for what you can do 'to' them there really isn't much. They have to know a little something to have accomplished what they did, so they are probably wise enough to not fall into any traps you may lay.
I know a couple of hackers and they say they like to practice on porn sites because they figure we can't follow them and we won't report it. The industry is 'low hanging fruit' to these people.

spaz

Alphawolf · 2004-03-11, 09:22 AM

Yeah- for now I just redirect to some cybercrime site. |raygun|

stev0 · 2004-03-15, 12:51 PM

Quote:

Originally posted by babymaker
i got caught in a russian cp trap unvoluntarily and i ended up with 38 viruses a hijacked browser twice the first was a scare tactic to buy some damn eliminaton software

I hate those never ending popup hells... I ran into one a while back and ended up having to reboot windows just to escape. I couldn't hit Alt-F4 fast enough...

Entreri · 2004-03-15, 09:07 PM

Quote:

Originally posted by Alphawolf
Was hacked today. It was a good lesson.

In a way it was an ideal time to get hacked. Someone must have been running a sniffer on my forum and got my Admin account.

They stripped polls, and generally acted like a gremlin.

Deleted all but 1 photo gallery before I noticed this and changed the password.

The password is not a 'guessable' password, so it was some sort of 'sniffer'.

Unlike spazlabs, I wouldn't jump to the brute force conclusion. You possibly have an open window somewhere that let the intruder in. I mean, many of the scripts used by adult webmasters that I've seen around aren't hardened security-wise. How many adult (pay and content) sites have blatant vulnerabilities just by looking at the home page? Many.

I wouldn't redirect to a harmful site. At best, I'd logged the attempt and show the attacker that it has been logged. Or I'd send the attacker to a banner page or pop-up hell (for your benefit). Scare him if you want but _don't_ try to seek revenge.

There are two risks if you follow this dark path :

1. You might unwittingly give added incentive to try to mess you up.

2. You might punish an overly curious but innocent user.

My word of advice : Be cool and remain professional, but harden your site.

Entreri.

p.s. I've worked as software quality assurance for awhile (2-3 years) and specialized in web application testing, including penetration testing...

venturi · 2004-03-16, 03:07 AM

"Vengence is mine, sayeth the lord" - as Entreri said, I wouldn't "go after them" unless you've got your shit wired tighter than a frog's ass in winter.

All you have to do is look at what "Deepsi" did to GFY and a couple other cocky WM sites on the planet. The best word of advice in these matters is "never take a knife to a gun fight".

|goodnight

urb · 2004-03-16, 04:28 AM

Alphawolf,

Can I ask what kind of forum script and version you are using?

Alphawolf · 2004-03-16, 05:06 PM

Thanks for the replies. I just decided to redirect to a generic website right now. I also believe whoever wanted to hack me has left me alone.

urb: I'm using http://www.aspplayground.net/ and the developer is *very* security conscious. Nobody has ever reported a break in to him until myself.

So, now I NEVER save my login with a cookie, I change my passwords every couple days, and always check to make sure there are no accounts in Admin/Moderator that shouldn't be there.

Really, the only way to be more secure is to run it all on HTTPS but that would slow things down a good bit.

2004-03-10, 11:44 PM	#1
Alphawolf Don't come to Florida for vacation. We're closed. Join Date: Nov 2003 Location: Orlando, Florida Posts: 1,874	The best way to punish hackers? Was hacked today. It was a good lesson. In a way it was an ideal time to get hacked. Someone must have been running a sniffer on my forum and got my Admin account. They stripped polls, and generally acted like a gremlin. Deleted all but 1 photo gallery before I noticed this and changed the password. Long story short- no serious damage was done. I learned: never login with cookies. change passwords often Check who is in my admin group The password is not a 'guessable' password, so it was some sort of 'sniffer'. There is a system in place now that uses IP verification [no- not this one ] + proper password (not likely to get now) in order to login. If they do not have the proper IP and/or password they will be redirected to wherever I chose after their IP is logged and e-mailed to me. I would love to find the most fucked up broswer pop-up, circle jerk domain possible to send these SOB's to. Or- perhaps create a page that delivers a payload of worms, viruses, scumware, you name it. What is the worst (best) I can send them? Any fun ideas? __________________ Regards, AW Weekly Pay. Sites That Convert. Start Pimpin' Today!

2004-03-11, 01:54 AM	#2
babymaker Someone Turn Off The Damn Heat! Join Date: Aug 2003 Location: The Sewer....err.philly i mean Posts: 1,366	the russians will take care of that for you they will hijack their browser etc and totally fuck up their system not to mention geting re-directed 100 times! trust me a month or so ago i was re-learning the surfer side of porn for ideas and to see what seemed to work and attract my eye well i got caught in a russian cp trap unvoluntarily and i ended up with 38 viruses a hijacked browser twice the first was a scare tactic to buy some damn eliminaton software, once i got rid of that i got stuck with a BS search engine for a month. if i knew the url i would give it to you lol that would fix them \|rasta\| it also scared me from ever surfing porn again to damn dangerous. __________________ *Get ElevatedX W/Hosting 99MO!*

2004-03-11, 06:10 AM	#3
spazlabz You can now put whatever you want in this space :) Join Date: Apr 2003 Location: Bluegrass State Posts: 963	the 'hacker' that did this to you was certainly not a very talented one. Just some kid with a mod brute forcer is my guess. If a real hacker wanted to mess with you or your site the protections you put in place really wouldn't do any good, they'd just slide in an open port on the server and crash your shit from there. As for what you can do 'to' them there really isn't much. They have to know a little something to have accomplished what they did, so they are probably wise enough to not fall into any traps you may lay. I know a couple of hackers and they say they like to practice on porn sites because they figure we can't follow them and we won't report it. The industry is 'low hanging fruit' to these people. spaz __________________

2004-03-11, 09:22 AM	#4
Alphawolf Don't come to Florida for vacation. We're closed. Join Date: Nov 2003 Location: Orlando, Florida Posts: 1,874	Yeah- for now I just redirect to some cybercrime site. \|raygun\| __________________ Regards, AW Weekly Pay. Sites That Convert. Start Pimpin' Today!

2004-03-16, 03:07 AM	#7
venturi No offence Apu, but when they were handing out religions you must have been out taking a whizz Join Date: Apr 2003 Location: An Oasis atop a High Desert Mesa Posts: 282	"Vengence is mine, sayeth the lord" - as Entreri said, I wouldn't "go after them" unless you've got your shit wired tighter than a frog's ass in winter. All you have to do is look at what "Deepsi" did to GFY and a couple other cocky WM sites on the planet. The best word of advice in these matters is "never take a knife to a gun fight". \|goodnight __________________ Please Re-Read The Rules For Sig Files

2004-03-16, 04:28 AM	#8
urb All the way from Room 101 Join Date: Aug 2003 Posts: 3,557	Alphawolf, Can I ask what kind of forum script and version you are using? __________________

2004-03-16, 05:06 PM	#9
Alphawolf Don't come to Florida for vacation. We're closed. Join Date: Nov 2003 Location: Orlando, Florida Posts: 1,874	Thanks for the replies. I just decided to redirect to a generic website right now. I also believe whoever wanted to hack me has left me alone. urb: I'm using http://www.aspplayground.net/ and the developer is very security conscious. Nobody has ever reported a break in to him until myself. So, now I NEVER save my login with a cookie, I change my passwords every couple days, and always check to make sure there are no accounts in Admin/Moderator that shouldn't be there. Really, the only way to be more secure is to run it all on HTTPS but that would slow things down a good bit. __________________ Regards, AW Weekly Pay. Sites That Convert. Start Pimpin' Today!