Author Topic: Cactus Website attacked (Read 5792 times)

Red Dragon Thorn · « **Reply #25 on:** March 16, 2010, 12:53:00 PM »

Hey Rob,

With the attack, was it simply a brute force attack to shut the boards down, or was there ulterior motive, I.E. gaining access to passwords and such? Just wondering if I should go and change some of my passwords for email accounts and such that used the same as the boards.

Thanks,

John.

Cameron the Conqueror · « **Reply #26 on:** March 16, 2010, 02:21:15 PM »

The odd thing about the attack was that it was not a DDOS, at least on the front end. When we tried to get to the boards, we didn't get a 404, but a SMF error. That means the website was up ut had a database error (files missing.) That would suggest an ulterior motive like database access, not a brute force attack.

Red · « **Reply #27 on:** March 16, 2010, 02:25:49 PM »

guys fill me in:what is the diffence why would we be attacked? i'm

Korunks · « **Reply #28 on:** March 16, 2010, 02:41:40 PM »

I think you guys might be right about the attack, I think changing all passwords that are the same as this one would be a wise precaution.

Red · « **Reply #29 on:** March 16, 2010, 02:48:52 PM »

good cuz my password on the email is deffent.

Cameron the Conqueror · « **Reply #30 on:** March 16, 2010, 02:50:14 PM »

Quote from: RED on March 16, 2010, 02:25:49 PM

guys fill me in:what is the diffence why would we be attacked? i'm

A DDOS (brute force) attack is basically where a botnet (collection of virus controlled computers) all ping (visit) a website at the same time. It overloads the server, causing a web site to go down. When this happens, loading times will be either REALLY long or you will get a 404. In another type, someone could try to guess the password or exploit a hole in the server, gain access to the root directory, and simply delete the files. That would result (most often) in an error message similar to the one we saw in this case.

Red · « **Reply #31 on:** March 16, 2010, 03:01:34 PM »

i think we'v been DDOS'd before, like last week.(i think)

TheKarazyvicePresidentRR · « **Reply #32 on:** March 16, 2010, 03:04:18 PM »

Quote from: RED on March 16, 2010, 03:01:34 PM

i think we'v been DDOS'd before, like last week.(i think)

The boards didn't crash last week did they?

Cameron the Conqueror · « **Reply #33 on:** March 16, 2010, 03:20:26 PM »

They were experiencing some troubles, but I would not see that as a DDOS attack, but instead the hacker figuring out the way the boards work.

In an unofficial answer to RDT's question, it depends how the boards are set up. Some systems allow admins to access passwords. Some encrypt them so the admin cannot assess them (to prevent this problem.) I don't know how SMF does it; you'll need an admin's knowledge on that.

The Guardian · « **Reply #34 on:** March 16, 2010, 03:46:45 PM »

If I understand you correctly, as long as the password I use for this site is not used for anything else, I should be okay?

Should I change my password for this site?

Thanks for the advice Cam.

Professoralstad · « **Reply #35 on:** March 16, 2010, 03:51:30 PM »

Quote from: The Guardian on March 16, 2010, 03:46:45 PM

If I understand you correctly, as long as the password I use for this site is not used for anything else, I should be okay?

Should I change my password for this site?

Thanks for the advice Cam.

It's probably never a bad idea to change your password for everything once in awhile, as long as you don't forget it. Fortunately, my password for my University account was just changed recently from the one I have on here.

And since the only thing that could be done with the password for this site is posting/changing your account, I'm not sure if I'd worry too much. But it still couldn't hurt.

Cameron the Conqueror · « **Reply #36 on:** March 16, 2010, 04:13:26 PM »

Quote from: The Guardian on March 16, 2010, 03:46:45 PM

If I understand you correctly, as long as the password I use for this site is not used for anything else, I should be okay?

Should I change my password for this site?

Thanks for the advice Cam.

Well, I don't know if there was a security breach as I don't know what was compromised/how SMF works.

I would probably recommend changing your password anyway, but it isn't a big deal if that password is unique to these forums.

Kor · « **Reply #37 on:** March 16, 2010, 04:23:47 PM »

Personally, I would be more worried for people that Cactus had the credit card information of, as he said the shopping cart was down as well.

Cameron the Conqueror · « **Reply #38 on:** March 16, 2010, 04:26:48 PM »

That information is almost always encrypted, but hackers like this can often break it. I would be worried about that too.

The Schaef · « **Reply #39 on:** March 16, 2010, 06:20:27 PM »

SMF, the forum software for this website, converts passwords to an MD5 hash. I can reset a user's password but I do not have the ability to read the information, because it is encrypted.

The shopping cart is probably more secure, as most programs worth their salt (pun to be intended momentarily) add a "salt" to the password, usually one or more numbers or characters, at some point in the password (usually the end), and then generate an MD5 hash of THAT. So even if someone could hack the MD5, which is difficult but not impossible, the salted password adds an extra layer of protection for sensitive information.

The Warrior · « **Reply #40 on:** March 16, 2010, 06:33:19 PM »

Quote from: The Schaef on March 16, 2010, 06:20:27 PM

SMF, the forum software for this website, converts passwords to an MD5 hash. I can reset a user's password but I do not have the ability to read the information, because it is encrypted.

The shopping cart is probably more secure, as most programs worth their salt (pun to be intended momentarily) add a "salt" to the password, usually one or more numbers or characters, at some point in the password (usually the end), and then generate an MD5 hash of THAT. So even if someone could hack the MD5, which is difficult but not impossible, the salted password adds an extra layer of protection for sensitive information.

so thats a yes or a no to ppl stealing info?

Cameron the Conqueror · « **Reply #41 on:** March 16, 2010, 06:35:29 PM »

That's a no. I'd say that's safe enough. Not impossible to hack like Schaef said, but very difficult and time consuming.

Master KChief · « **Reply #42 on:** March 16, 2010, 07:50:43 PM »

and who has more time...than a hacker.

better safe than sorry, i say.

BubbleBoy · « **Reply #43 on:** March 16, 2010, 08:09:48 PM »

Well, I don't even use this password for anything else anyway.

(Pssst, everyone say this so that the hacker will leave us alone.

)

Warrior_Monk · « **Reply #44 on:** March 17, 2010, 12:34:52 AM »

possibly a follow up to the xCaLeBx and Redemption Rulez deletings? and now Clarinet is gone... maybe the hacker is gonna hack and delete your account!

anyway, I don't care if my account is hacked, the password I use on this is simple and only used for my internet gaming sites that I know I won't continue using...

RTSmaniac · « **Reply #45 on:** March 17, 2010, 12:53:32 AM »

Ive paid for tournaments with credit before. Do i need to be worried?

Crashfach2002 · « **Reply #46 on:** March 17, 2010, 10:16:27 AM »

Quote from: RTSmaniac on March 17, 2010, 12:53:32 AM

Ive paid for tournaments with credit before. Do i need to be worried?

Nope! I'm only going to use your credit card number every once in a while!

lightningninja · « **Reply #47 on:** March 17, 2010, 01:54:32 PM »

I don't use this password for anything else, thankfully. However... almost everything else uses the same password.

I also don't have a credit card or anything worth hacking. I think I'm safe.

...Unless it's me.

Cameron the Conqueror · « **Reply #48 on:** March 17, 2010, 02:01:32 PM »

News:

Author Topic: Cactus Website attacked (Read 5792 times)

The Schaef

Warrior_Monk