Page 2 of 2
Re: Texas Gun Talk Hacked
Posted: Fri Sep 13, 2013 5:00 pm
by T E X
I hope that it comes back soon. I've been a member over there and here for a while but not active. I was just trying to get more active on there and this happens...
Re: Texas Gun Talk Hacked
Posted: Fri Sep 13, 2013 8:04 pm
by RJGold
Re: Texas Gun Talk Hacked
Posted: Fri Sep 13, 2013 8:46 pm
by benenglishtx
The board was down for less than 2 hours. That's amazingly fast compared to the last couple of times this happened.
Re: Texas Gun Talk Hacked
Posted: Fri Sep 13, 2013 8:57 pm
by OldCannon
The Annoyed Man wrote:It is disgusting to me that these vandals act as if they are performing a public service. If they were truly white-hats, they would contact the site owner and say, "We have discovered the following vulnerabilities in your CMS. If you would like consultation, we are security experts, and we are available for a fee. Phone 800-555-1234."
I certainly agree with the principle here. However, have you ever contacted the admin? Let's just say there's a reputation of delayed responsiveness
Frankly, these kind of things (benign, but public, hacks) create an urgency of action, rather than something buried in the million admin emails from users complaining that another user insulted him and would the admin please ban that person immediately.
(Yeah, I've run major forum systems before. There's a reason I don't volunteer to do it again)
Re: Texas Gun Talk Hacked
Posted: Sat Sep 14, 2013 6:05 pm
by sunny beach
TheCytochromeC wrote:I think TGT just got hacked. Any one seen this before?
It has happened before. I don't go there any more so I don't know if now is like before.
Re: Texas Gun Talk Hacked
Posted: Mon Sep 16, 2013 11:30 am
by LAYGO
cb1000rider wrote:
If you have a server up, people are scanning looking for holes 24/7/365.. It's just the nature of our wild west internet.
This is true. I run a webserver at home for personal development & the logs show repeated attempts at various packages I might've installed & attempts at logging in via SSH as well. So far so good, but they get logged & autoblocked.
Re: Texas Gun Talk Hacked
Posted: Mon Sep 16, 2013 5:53 pm
by 92f-fan
attack attempts happen all day every day
the server and software needs to be setup and maintained to prevent them ...
here is log entry from earlier today an attempt on one of my servers a linux based webserver hosting forums
this is a malaysian IP address trying random usernames and passwords hoping to get lucky
in this case looking for email access ....
After a few bad attempts they are blocked for 5 min - slows them down pretty good - after a certain number of temp blocks they are perm blocked...
BUT often the people behind it are using dozens of compromised PCs to launch the attacks so blocking one IP only stops one attack vector
Time: Mon Sep 16 07:57:59 2013 -0500
IP: 120.139.151.121 (MY/Malaysia/Selangor/Petaling Jaya/-)
Failures: 10 (pop3d)
Interval: 300 seconds
Blocked: Yes
Log entries:
Sep 16 07:57:44 entropy pop3d: LOGIN FAILED, user=test, ip=[::ffff:120.139.151.121] Sep 16 07:57:44 entropy pop3d: LOGIN FAILED, user=test, ip=[::ffff:120.139.151.121] Sep 16 07:57:45 entropy pop3d: LOGIN FAILED, user=test, ip=[::ffff:120.139.151.121] Sep 16 07:57:45 entropy pop3d: LOGIN FAILED, user=test, ip=[::ffff:120.139.151.121] Sep 16 07:57:49 entropy pop3d: LOGIN FAILED, user=test, ip=[::ffff:120.139.151.121] Sep 16 07:57:49 entropy pop3d: LOGIN FAILED, user=test, ip=[::ffff:120.139.151.121] Sep 16 07:57:50 entropy pop3d: LOGIN FAILED, user=test, ip=[::ffff:120.139.151.121] Sep 16 07:57:50 entropy pop3d: LOGIN FAILED, user=test, ip=[::ffff:120.139.151.121] Sep 16 07:57:54 entropy pop3d: LOGIN FAILED, user=test, ip=[::ffff:120.139.151.121] Sep 16 07:57:54 entropy pop3d: LOGIN FAILED, user=test, ip=[::ffff:120.139.151.121]
keep a decent firewall and maintain the server kernel version and the application versions and you can avoid most of these...
Re: Texas Gun Talk Hacked
Posted: Wed Sep 18, 2013 6:00 pm
by GTRich94
TGT was hacked? How did that eTrade commercial with the baby go. "This is my shocked face."
I stopped going there last year after the 3rd or 4th successful hack. I just got tired of having to change my password every other week on all the various web forums I use this ID on.
