Author Topic: Cactus Website attacked  (Read 7160 times)

Offline Red Dragon Thorn

  • Covenant Games
  • Global Moderator
  • Trade Count: (+10)
  • *****
  • Posts: 5373
    • -
    • North Central Region
    • Covenant Games
Re: Cactus Website attacked
« Reply #25 on: March 16, 2010, 12:53:00 PM »
0
Hey Rob,

With the attack, was it simply a brute force attack to shut the boards down, or was there ulterior motive, I.E. gaining access to passwords and such? Just wondering if I should go and change some of my passwords for email accounts and such that used the same as the boards.

Thanks,

John.
www.covenantgames.com

Offline Cameron the Conqueror

  • Trade Count: (+5)
  • Hero Member
  • *****
  • Posts: 6586
  • Post # doesn't reflect personal theology. Retired.
    • -
    • Southwest Region
Re: Cactus Website attacked
« Reply #26 on: March 16, 2010, 02:21:15 PM »
0
The odd thing about the attack was that it was not a DDOS, at least on the front end.  When we tried to get to the boards, we didn't get a 404, but a SMF error.  That means the website was up ut had a database error (files missing.)  That would suggest an ulterior motive like database access, not a brute force attack.

Offline Red

  • Tournament Host
  • Trade Count: (+2)
  • *****
  • Posts: 4791
  • It takes time to build the boat.
    • LFG
    • Southeast Region
Re: Cactus Website attacked
« Reply #27 on: March 16, 2010, 02:25:49 PM »
0
guys fill me in:what is the diffence why would we be attacked? i'm ???
Ironman 2016 and 2018 Winner.
3rd T1-2P 2018, 3rd T2-2P 2019
I survived the Flood twice.

Offline Korunks

  • Tournament Host
  • Trade Count: (+11)
  • *****
  • Posts: 2271
    • -
    • Northeast Region
Re: Cactus Website attacked
« Reply #28 on: March 16, 2010, 02:41:40 PM »
0
I think you guys might be right about the attack, I think changing all passwords that are the same as this one would be a wise precaution.
In AMERICA!!

Offline Red

  • Tournament Host
  • Trade Count: (+2)
  • *****
  • Posts: 4791
  • It takes time to build the boat.
    • LFG
    • Southeast Region
Re: Cactus Website attacked
« Reply #29 on: March 16, 2010, 02:48:52 PM »
0
good cuz my  password on the email is deffent.
« Last Edit: March 16, 2010, 04:05:00 PM by RED »
Ironman 2016 and 2018 Winner.
3rd T1-2P 2018, 3rd T2-2P 2019
I survived the Flood twice.

Offline Cameron the Conqueror

  • Trade Count: (+5)
  • Hero Member
  • *****
  • Posts: 6586
  • Post # doesn't reflect personal theology. Retired.
    • -
    • Southwest Region
Re: Cactus Website attacked
« Reply #30 on: March 16, 2010, 02:50:14 PM »
0
guys fill me in:what is the diffence why would we be attacked? i'm ???
A DDOS (brute force) attack is basically where a botnet (collection of virus controlled computers) all ping (visit) a website at the same time.  It overloads the server, causing a web site to go down.  When this happens, loading times will be either REALLY long or you will get a 404.  In another type, someone could try to guess the password or exploit a hole in the server, gain access to the root directory, and simply delete the files.  That would result (most often) in an error message similar to the one we saw in this case.

Offline Red

  • Tournament Host
  • Trade Count: (+2)
  • *****
  • Posts: 4791
  • It takes time to build the boat.
    • LFG
    • Southeast Region
Re: Cactus Website attacked
« Reply #31 on: March 16, 2010, 03:01:34 PM »
0
i think we'v been DDOS'd before, like last week.(i think)
Ironman 2016 and 2018 Winner.
3rd T1-2P 2018, 3rd T2-2P 2019
I survived the Flood twice.

Offline TheKarazyvicePresidentRR

  • Trade Count: (+4)
  • Hero Member
  • *****
  • Posts: 15781
  • Currently undead
    • -
    • Southeast Region
Re: Cactus Website attacked
« Reply #32 on: March 16, 2010, 03:04:18 PM »
0
i think we'v been DDOS'd before, like last week.(i think)
The boards didn't crash last week did they?
Not quite a ghost...but not quite not.

Offline Cameron the Conqueror

  • Trade Count: (+5)
  • Hero Member
  • *****
  • Posts: 6586
  • Post # doesn't reflect personal theology. Retired.
    • -
    • Southwest Region
Re: Cactus Website attacked
« Reply #33 on: March 16, 2010, 03:20:26 PM »
0
They were experiencing some troubles, but I would not see that as a DDOS attack, but instead the hacker figuring out the way the boards work.


In an unofficial answer to RDT's question, it depends how the boards are set up.  Some systems allow admins to access passwords.  Some encrypt them so the admin cannot assess them (to prevent this problem.)  I don't know how SMF does it; you'll need an admin's knowledge on that.

Offline The Guardian

  • Playtester, Redemption Elder
  • Global Moderator
  • Trade Count: (+96)
  • *****
  • Posts: 12344
  • The Stars are coming out...
    • -
    • North Central Region
Re: Cactus Website attacked
« Reply #34 on: March 16, 2010, 03:46:45 PM »
0
If I understand you correctly, as long as the password I use for this site is not used for anything else, I should be okay?

Should I change my password for this site?

Thanks for the advice Cam.
Fortress Alstad
Have you checked the REG?
Have you looked it up in ORCID?

Offline Professoralstad

  • Tournament Host, Redemption Elder
  • Trade Count: (+47)
  • Hero Member
  • *****
  • Posts: 10841
  • Everything is Awesome!
    • -
    • North Central Region
Re: Cactus Website attacked
« Reply #35 on: March 16, 2010, 03:51:30 PM »
0
If I understand you correctly, as long as the password I use for this site is not used for anything else, I should be okay?

Should I change my password for this site?

Thanks for the advice Cam.

It's probably never a bad idea to change your password for everything once in awhile, as long as you don't forget it. Fortunately, my password for my University account was just changed recently from the one I have on here.

And since the only thing that could be done with the password for this site is posting/changing your account, I'm not sure if I'd worry too much. But it still couldn't hurt.
Press 1 for more options.

Offline Cameron the Conqueror

  • Trade Count: (+5)
  • Hero Member
  • *****
  • Posts: 6586
  • Post # doesn't reflect personal theology. Retired.
    • -
    • Southwest Region
Re: Cactus Website attacked
« Reply #36 on: March 16, 2010, 04:13:26 PM »
0
If I understand you correctly, as long as the password I use for this site is not used for anything else, I should be okay?

Should I change my password for this site?

Thanks for the advice Cam.
Well, I don't know if there was a security breach as I don't know what was compromised/how SMF works.

I would probably recommend changing your password anyway, but it isn't a big deal if that password is unique to these forums.

Offline Kor

  • Trade Count: (0)
  • Sr. Member
  • ****
  • Posts: 756
    • -
    • North Central Region
Re: Cactus Website attacked
« Reply #37 on: March 16, 2010, 04:23:47 PM »
0
Personally, I would be more worried for people that Cactus had the credit card information of, as he said the shopping cart was down as well.
Life is what you make of it.

Offline Cameron the Conqueror

  • Trade Count: (+5)
  • Hero Member
  • *****
  • Posts: 6586
  • Post # doesn't reflect personal theology. Retired.
    • -
    • Southwest Region
Re: Cactus Website attacked
« Reply #38 on: March 16, 2010, 04:26:48 PM »
0
That information is almost always encrypted, but hackers like this can often break it.  I would be worried about that too.

The Schaef

  • Guest
  • Trade Count: (0)
Re: Cactus Website attacked
« Reply #39 on: March 16, 2010, 06:20:27 PM »
0
SMF, the forum software for this website, converts passwords to an MD5 hash.  I can reset a user's password but I do not have the ability to read the information, because it is encrypted.

The shopping cart is probably more secure, as most programs worth their salt (pun to be intended momentarily) add a "salt" to the password, usually one or more numbers or characters, at some point in the password (usually the end), and then generate an MD5 hash of THAT.  So even if someone could hack the MD5, which is difficult but not impossible, the salted password adds an extra layer of protection for sensitive information.
« Last Edit: March 16, 2010, 06:24:01 PM by The Schaef »

Offline The Warrior

  • Trade Count: (0)
  • Hero Member
  • *****
  • Posts: 2407
  • Resident of The Internet.
    • -
    • Midwest Region
Re: Cactus Website attacked
« Reply #40 on: March 16, 2010, 06:33:19 PM »
0
SMF, the forum software for this website, converts passwords to an MD5 hash.  I can reset a user's password but I do not have the ability to read the information, because it is encrypted.

The shopping cart is probably more secure, as most programs worth their salt (pun to be intended momentarily) add a "salt" to the password, usually one or more numbers or characters, at some point in the password (usually the end), and then generate an MD5 hash of THAT.  So even if someone could hack the MD5, which is difficult but not impossible, the salted password adds an extra layer of protection for sensitive information.
so thats a yes or a no to ppl stealing info?
Wanderer of the Web.

Offline Cameron the Conqueror

  • Trade Count: (+5)
  • Hero Member
  • *****
  • Posts: 6586
  • Post # doesn't reflect personal theology. Retired.
    • -
    • Southwest Region
Re: Cactus Website attacked
« Reply #41 on: March 16, 2010, 06:35:29 PM »
0
That's a no.  I'd say that's safe enough.  Not impossible to hack like Schaef said, but very difficult and time consuming. 

Offline Master KChief

  • Trade Count: (+9)
  • Hero Member
  • *****
  • Posts: 6963
  • Greatness, at any cost.
    • -
    • North Central Region
    • GameStop
Re: Cactus Website attacked
« Reply #42 on: March 16, 2010, 07:50:43 PM »
0
and who has more time...than a hacker. :)

better safe than sorry, i say.
"If it weren't for people with bad decision making skills, I'd have to get a real job." - Reynad

Offline BubbleBoy

  • Trade Count: (+11)
  • Hero Member
  • *****
  • Posts: 8014
    • -
    • North Central Region
Re: Cactus Website attacked
« Reply #43 on: March 16, 2010, 08:09:48 PM »
0
Well, I don't even use this password for anything else anyway.

(Pssst, everyone say this so that the hacker will leave us alone. ;))
Use the Mad Bomber to rescue his Province.

Warrior_Monk

  • Guest
  • Trade Count: (0)
Re: Cactus Website attacked
« Reply #44 on: March 17, 2010, 12:34:52 AM »
0
possibly a follow  up to the xCaLeBx and Redemption Rulez deletings? and now Clarinet is gone... maybe the hacker is gonna hack and delete your account!  :o

anyway, I don't care if my account is hacked, the password I use on this is simple and only used for my internet gaming sites that I know I won't continue using...

Offline RTSmaniac

  • Tournament Host
  • Trade Count: (+5)
  • *****
  • Posts: 4289
    • LFG
    • Southeast Region
    • ROOT Online
Re: Cactus Website attacked
« Reply #45 on: March 17, 2010, 12:53:32 AM »
0
Ive paid for tournaments with credit before. Do i need to be worried?
This is the way Lackey gave it to me. All hail the power of Lackey!

Offline Crashfach2002

  • Global Moderator
  • Trade Count: (+145)
  • *****
  • Posts: 3058
    • -
    • East Central Region
Re: Cactus Website attacked
« Reply #46 on: March 17, 2010, 10:16:27 AM »
0
Ive paid for tournaments with credit before. Do i need to be worried?

Nope!  I'm only going to use your credit card number every once in a while!   ;) :P

Offline lightningninja

  • Trade Count: (+19)
  • Hero Member
  • *****
  • Posts: 5397
  • I'm Watchful Servant, and I'm broken.
Re: Cactus Website attacked
« Reply #47 on: March 17, 2010, 01:54:32 PM »
0
I don't use this password for anything else, thankfully. However... almost everything else uses the same password.  ;D I also don't have a credit card or anything worth hacking. I think I'm safe.

...Unless it's me.  ;)
As a national champion, I support ReyZen deck pouches.

Offline Cameron the Conqueror

  • Trade Count: (+5)
  • Hero Member
  • *****
  • Posts: 6586
  • Post # doesn't reflect personal theology. Retired.
    • -
    • Southwest Region
Re: Cactus Website attacked
« Reply #48 on: March 17, 2010, 02:01:32 PM »
0

 


SimplePortal 2.3.3 © 2008-2010, SimplePortal