|
|
|
|
||||
|
Welcome to the GoFuckYourself.com - Adult Webmaster Forum forums. You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload content and access many other special features. Registration is fast, simple and absolutely free so please, join our community today! If you have any problems with the registration process or your account login, please contact us. |
 |
|
|||||||
| Discuss what's fucking going on, and which programs are best and worst. One-time "program" announcements from "established" webmasters are allowed. |
|
|
Thread Tools |
11-25-2005, 08:42 AM
|
#1 |
|
Confirmed User
Industry Role:
Join Date: Jan 2004
Posts: 2,169
|
HELP: Pennywize blocked over 45 members today!!!
Today I received over 45 emails from pennywize, about blocked accounts to my paysite...every account got blocked after 4-5 different subnets was used on the same account.
My best guess right now is that someone stole my password file from my server...what can I do? Help... I don't know how to stop it.... Screenshot: http://img376.imageshack.us/my.php?image=fuck7ei.jpg
__________________
Fuck it dude, lets go bowling 
|
|
|
|
11-25-2005, 10:12 AM
|
#2 |
|
So Fucking Banned
Join Date: Nov 2005
Location: Juicy's House! Icq: 265529404
Posts: 2,266
|
damn yes you need some help!
|
|
|
|
|
11-25-2005, 10:28 AM
|
#3 |
|
So Fucking Banned
Industry Role:
Join Date: May 2001
Location: Your mom's front hole
Posts: 40,906
|
ahh man thats what a hate about pennywize...
Did you just install it? How long have you been using pennywize? To fix that just bump the subnets up a bit. |
|
|
|
|
11-25-2005, 10:29 AM
|
#4 |
|
So Fucking Banned
Industry Role:
Join Date: May 2001
Location: Your mom's front hole
Posts: 40,906
|
also it's probably aol users... they can go thru 2 -10 subnets in a session.
|
|
|
|
|
11-25-2005, 10:31 AM
|
#5 | |
|
sex dwarf
Join Date: May 2002
Posts: 17,860
|
Quote:
__________________
/(bb|[^b]{2})/ |
|
|
|
|
|
11-25-2005, 10:46 AM
|
#6 | |
|
Confirmed User
Industry Role:
Join Date: Jan 2004
Posts: 2,169
|
Quote:
besides subnets are completely different and comes from different countries...
__________________
Fuck it dude, lets go bowling
|
|
|
|
|
|
11-25-2005, 10:48 AM
|
#7 |
|
Confirmed User
Industry Role:
Join Date: Nov 2000
Location: Oakville, Ontario, Canada
Posts: 9,287
|
I set my threshhold to 10 subnets and just watch them very carefully
|
|
|
|
|
11-25-2005, 10:49 AM
|
#8 |
|
Confirmed User
Industry Role:
Join Date: Nov 2000
Location: Oakville, Ontario, Canada
Posts: 9,287
|
It's pretty easy to tell which ones get out
|
|
|
|
|
11-25-2005, 10:50 AM
|
#9 |
|
Confirmed User
Industry Role:
Join Date: Jan 2004
Posts: 2,169
|
I don't see any solution on this problem, I just have to wait a couple of days or weeks until its over.
And deal with my angry members.... But how can I protect the password file better? To avoid this in the future?
__________________
Fuck it dude, lets go bowling
|
|
|
|
|
11-25-2005, 10:52 AM
|
#10 | |
|
Confirmed User
Industry Role:
Join Date: Jan 2004
Posts: 2,169
|
Quote:
The problem here is that someone stole/hacked my password file on the server and past the whole list on some forum or something..
__________________
Fuck it dude, lets go bowling
|
|
|
|
|
|
11-25-2005, 10:54 AM
|
#11 | |
|
►SouthOfHeaven
Join Date: Jun 2004
Location: PlanetEarth MyBoardRank: GerbilMaster My-Penis-Size: extralarge MyWeapon: Computer
Posts: 28,609
|
Quote:
__________________
hatisblack at yahoo.com |
|
|
|
|
|
11-25-2005, 10:56 AM
|
#12 | |
|
Confirmed User
Industry Role:
Join Date: Jan 2004
Posts: 2,169
|
Quote:
__________________
Fuck it dude, lets go bowling
|
|
|
|
|
|
11-25-2005, 11:04 AM
|
#13 | |
|
sex dwarf
Join Date: May 2002
Posts: 17,860
|
Quote:
1. Make sure your server hasn't been hacked. If it has been, fix the problem. 2. Make sure your password file isn't accessible. Check for (known?) security issues with any scripts you are using, and implement any common sense security measures you haven't implemented yet (e.g. placing your password file in a directory that isn't web-accessible, etc.) 3. Start checking signups and existing username/password combos against common wordlists. Respectively, change them and stop allowing them. 4. If the problem doesn't stop... (this will hurt) get all your members to change their passwords. 5. Try and make unhappy hacked members happy again by giving them a free week of access or whatever.
__________________
/(bb|[^b]{2})/ |
|
|
|
|
|
11-25-2005, 11:28 AM
|
#14 | |
|
Confirmed User
Industry Role:
Join Date: Jan 2004
Posts: 2,169
|
Quote:
__________________
Fuck it dude, lets go bowling
|
|
|
|
|
|
11-25-2005, 01:48 PM
|
#15 |
|
Confirmed User
Join Date: Sep 2003
Posts: 1,553
|
also a good idea to stop letting members chose their own login and password (if you do) and let CCBill generate a random one - presuming you are using ccbill
__________________
Paul L - OnlyTease / Only-Opaques / Only-Secretaries / OnlySilkandSatin / Art-Lingerie / Layered-Nylons Sponsor program at www.otcash.com 
|
|
|
|
|
11-25-2005, 01:51 PM
|
#16 |
|
Strength and Honor
Join Date: Jul 2004
Location: Europe
Posts: 16,540
|
get strongboxxx
|
|
|
|
|
11-25-2005, 02:05 PM
|
#17 |
|
Confirmed User
Join Date: Sep 2005
Posts: 942
|
get strong box
|
|
|
|
|
11-25-2005, 03:12 PM
|
#18 |
|
Confirmed User
Join Date: Oct 2002
Location: Southcoast, Mass.
Posts: 1,521
|
If the password file was stolen -- what processor do you use? Shared or dedicated server? Up-to-date php software? phpBB running on the box?
Check server logs to see specifically what files were accessed, and how.
__________________
Make bank by giving your surfers free pics every day and it costs you NOTHING! Use POTD Sponsors to find adult sponsors in more than 75 niches who offer a POTD feature! |
|
|
|
