Password sites

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • Compdoctor
    Confirmed User
    • Aug 2001
    • 1937

    #1

    Password sites

    So who is doing the take down of password sites? ICQ me at 60080709 I have some to add to your list
    Content By Compdoctor- Original 3D Cartoon Work

    3D Comics

    Anime Resource Accepting Toon/Hentai Links
  • woj
    <&(©¿©)&>
    • Jul 2002
    • 47882

    #2
    uh, damn it, I thought I would see some links in this thread :-/
    Custom Software Development, email: woj#at#wojfun#.#com to discuss details or skype: wojl2000 or gchat: wojfun or telegram: wojl2000
    Affiliate program tools: Hosted Galleries Manager Banner Manager Video Manager
    Wordpress Affiliate Plugin Pic/Movie of the Day Fansign Generator Zip Manager

    Comment

    • StarkReality
      Confirmed User
      • May 2004
      • 4444

      #3
      Password sites are so 1998...not really a threat.

      Comment

      • Compdoctor
        Confirmed User
        • Aug 2001
        • 1937

        #4
        Originally posted by StarkReality
        Password sites are so 1998...not really a threat.
        really!!! How about the password sites that have all your movies and have ripped your site clean to post it for their members?
        Content By Compdoctor- Original 3D Cartoon Work

        3D Comics

        Anime Resource Accepting Toon/Hentai Links

        Comment

        • Compdoctor
          Confirmed User
          • Aug 2001
          • 1937

          #5
          Oh well I tried, back to work
          Content By Compdoctor- Original 3D Cartoon Work

          3D Comics

          Anime Resource Accepting Toon/Hentai Links

          Comment

          • raymor
            Confirmed User
            • Oct 2002
            • 3745

            #6
            If anyone manages to actually do anything about password sites we have
            hundreds of thousands in our list.
            For historical display only. This information is not current:
            support&#64;bettercgi.com ICQ 7208627
            Strongbox - The next generation in site security
            Throttlebox - The next generation in bandwidth control
            Clonebox - Backup and disaster recovery on steroids

            Comment

            • D
              Confirmed User
              • Jan 2006
              • 7412

              #7
              Password sites are one thing.

              Content theft is another.

              Password sites are circumvented easily enough by having something like Strongbox installed on your servers.

              Content Theft is and continues to be an issue. If you see Shane's World or Hush Hush Entertainment content anywhere out there - please do me the favor of letting me know.

              ICQ or email.
              -D.
              ICQ: 202-96-31

              Comment

              • aico
                Moo Moo Cow
                • Mar 2004
                • 14748

                #8
                I make sales from password sites, why the fuck would I want to take them down?

                Comment

                • StarkReality
                  Confirmed User
                  • May 2004
                  • 4444

                  #9
                  Originally posted by Compdoctor
                  really!!! How about the password sites that have all your movies and have ripped your site clean to post it for their members?
                  That's bad, but it's not like in the old days. Many people use torrent/tube sites instead nowadays and countermeasures to detect and disable hacked/shared accounts have dramatically improved...and this protection is very affordable.

                  I didn't want to say these sites aren't a problem any more, but it has become alot easier to protected yourself effectively, most shared passwords die in minutes and are often even given out by owners themselves to promote the site.

                  The fact that paying members download whole sites and publish the stuff on rapidshare or other free filehosts or put them on the torrent networks is a much bigger problem.

                  Comment

                  • TeenCat
                    Too lazy to set a koala
                    • Jan 2007
                    • 16139

                    #10
                    m s g s e n t

                    6bot
                    / Coming again very soon!
                    Svit Zlin Radio 24/7!

                    Comment

                    • Iron Fist
                      Too lazy to set a custom title
                      • Dec 2006
                      • 23400

                      #11
                      Originally posted by StarkReality
                      Password sites are so 1998...not really a threat.
                      Yup.. if you've got strongbox....
                      i like waffles

                      Comment

                      • raymor
                        Confirmed User
                        • Oct 2002
                        • 3745

                        #12
                        Originally posted by D
                        Password sites are one thing.

                        Content theft is another.

                        Password sites are circumvented easily enough by having something like Strongbox installed on your servers.

                        Content Theft is and continues to be an issue. If you see Shane's World or Hush Hush Entertainment content anywhere out there - please do me the favor of letting me know.

                        ICQ or email.
                        Indeed, while password sites slowly evolve their tactics, modern
                        protection systems pretty much take care of it. We have a new release of
                        Strongbox coming out to stay ahead of the game, but as long as a webmaster
                        has a modern system I think they are pretty well taken care of. Content theft
                        seems to be the next big problem, so that's where we're turnign our attention
                        for some new systems. The issue StarkReality brought up of having the whole
                        site ripped is taken care of by Throttlebox and our new tracking system which
                        has yet to be named will let you fins stolen content and track down the thief.
                        Hmm, what kind of "box" name might be good for the new content tracking
                        system? Trackbox? TraxBox? IDbox?
                        For historical display only. This information is not current:
                        support&#64;bettercgi.com ICQ 7208627
                        Strongbox - The next generation in site security
                        Throttlebox - The next generation in bandwidth control
                        Clonebox - Backup and disaster recovery on steroids

                        Comment

                        • tcsfounder
                          Registered User
                          • May 2006
                          • 28

                          #13
                          Originally posted by raymor
                          ....and our new tracking system which
                          has yet to be named will let you fins stolen content and track down the thief.
                          Hmm, what kind of "box" name might be good for the new content tracking
                          system? Trackbox? TraxBox? IDbox?
                          BlackBox should be the name of the new product, or maybe package the suite under the name BlackBox, KillBox is another suggestion. BTW, i should get a hookup on a copy if you use the name, lol

                          Don't know what you are planning, but I would be happy to have something like apple does with their drm-free music files, info is embedded into the file at download that has the id of the purchaser. I don't know why nobody has come up with a solution to offer content providers that does something like this.

                          Comment

                          • mrwilson
                            mrwilson 2.0
                            • Jul 2007
                            • 5122

                            #14
                            Originally posted by StarkReality
                            Password sites are so 1998...not really a threat.
                            I cant ohnestly see how they are not really a threat.

                            It's the password sites that are the problem, people bitch about tube sites posting there content but where do you think the tube site owners/uploaders get the content from?

                            I can almost guarantee they are getting access to it through password forum sites and using cracked passwords.

                            Password sites are the main problem, stop them and stop alot of content being stolen.


                            Edit: Strongbox is good, dont get me wrong, but its certainly not all that. go to lawinanet . com and see for yourself.
                            Last edited by mrwilson; 01-22-2008, 08:25 AM.

                            Comment

                            • pip
                              So Fucking Banned
                              • Nov 2005
                              • 468

                              #15
                              People that still use htaccess for authentication are dumb, you are just asking for it

                              Comment

                              • mrwilson
                                mrwilson 2.0
                                • Jul 2007
                                • 5122

                                #16
                                An example.


                                Comment

                                • Violetta
                                  Affiliate
                                  • Jul 2004
                                  • 28735

                                  #17
                                  We should all donate some money to programmers or hackers or whatever, so that they could spend some time taking them down, or ddos, or just fuck with them...
                                  M&A Queen

                                  Comment

                                  • mrwilson
                                    mrwilson 2.0
                                    • Jul 2007
                                    • 5122

                                    #18
                                    Something should be done, but what exactly i dont know.

                                    Perhaps taking doing things legally would be the better option considering the majority of the pass crackers are hackers i would imagine there sites are infact pretty secure.

                                    Comment

                                    • gmr324
                                      Confirmed User
                                      • Aug 2006
                                      • 1199

                                      #19
                                      It's the password sites that are the problem, people bitch about tube sites posting there content but where do you think the tube site owners/uploaders get the content from?

                                      I can almost guarantee they are getting access to
                                      it through password forum sites and using cracked passwords.
                                      We at PhantomFrog have always maintained that the ONLY TRUE litmus test of a password protection system (whether its ProxyPass, Pennywize, Strongbox) is whether the stolen passes
                                      that are published on password trading sites are WORKING!!! If you can find working passes there, then the password protection system you're using
                                      is failing to do its job. Period.

                                      Just go to wt50.com and you'll find a well
                                      organized index of password trading forums. And those are just the public ones. There are also private paid membership ones as well where
                                      leechers pay so the stolen passwords have a longer lifetime. Many of these forums have been closed only to re-open under a different domain and host with their entire leecher membership intact. So, closing them down only makes the snake rear its ugly head in a different spot. The solution is to
                                      block and change the stolen passwords. If the hackers and leechers who frequent these trading forums only find dead passwords, they will become frustrated and turn their attention to improperly protected sites.

                                      I have personally observed discussion threads between hackers who are tearing their hair out about why previously wide open sites have
                                      suddenly become unexploitable for stealing passwords. Those sites had recently installed Phantom Frog. Its nice to turn the tables and have the hackers, instead of the webmasters, be the ones who are losing sleep!!!

                                      The next reply in this thread will outline the capabilities of Phantom Frog and how you can
                                      install a Free Trial version of the system to
                                      evaluate it for yourself.
                                      Last edited by gmr324; 01-22-2008, 12:48 PM.

                                      Comment

                                      • gmr324
                                        Confirmed User
                                        • Aug 2006
                                        • 1199

                                        #20
                                        Phantom Frog Info

                                        Phantom Frog that is setting a new standard for
                                        password security. Our product uses Geo-IP tracking
                                        technology which will not even allow 2 people to
                                        share the same password let alone a whole trading
                                        forum with hundreds of leechers!

                                        Our Hi-Resolution Geo-IP Tracking offers the most
                                        accurate password abuse detection available anywhere.
                                        It tracks all visits to the members area of a site
                                        down to the city level. Furthermore, it takes
                                        latitudal and longitudal data into consideration.
                                        Therefore, Frog detects the fact that the same
                                        password was used in L.A. and NYC. We pinpoint the
                                        abuse instantly, allowing for the possibility of
                                        legitimate travel. That level of resolution is
                                        unique to Phantom Frog.

                                        Our system is based upon the premise of providing
                                        24/7 uninterrupted access to the legitimate members
                                        while blocking out the leechers. This is accomplished
                                        automatically through our Automated Member Support
                                        (AMS) feature. When password abuse is detected, the
                                        password is changed. The next time the valid member
                                        trys to login, Frog uses their email address to
                                        validate their identity and issues them a new password
                                        directly via email. This strategy breaks the cycle of
                                        password abuse and frees up the webmasters to do more
                                        important work.

                                        Our product is integrated with CCBill, NetBilling,
                                        Paycom, NATS, MPA3, Verotel, 2000Charge, SegPay, Jettis,
                                        and 365Billing. Phantom Frog has a simple FREE Trial
                                        Version which installs by adding one html tag or we
                                        can handle the installation completely for you for.
                                        In fact, we recommend that you leave ProxyPass or
                                        Pennywize activated during our Trial to witness
                                        first-hand all the abuse being missed by them!

                                        Most of customers were motivated to purchase our
                                        password protection only 3 days after installing the
                                        Free Trial! We also offer Automated Member Support,
                                        Brute Force Attack Protection, and Bandwidth Abuse
                                        Protection.

                                        Phantom Frog has stellar webmaster testimonials which
                                        are listed on our site. A high percentage of our clients
                                        are ex-ProxyPass/Pennywize clients. A casual scan of
                                        our webmaster testimonials page will reveal how unaware
                                        they were of the password abuse which was being allowed
                                        and overlooked by their current protection system.


                                        Please feel free to contact me with any questions or feedback.

                                        Visit out site to learn more: http://www.PhantomFrog.com/g

                                        Visit this link to try our FREE demo: http://phantomfrog.com/g?ft=1

                                        Thanks

                                        George

                                        Comment

                                        • mrwilson
                                          mrwilson 2.0
                                          • Jul 2007
                                          • 5122

                                          #21
                                          Hi george, i spoke to you a while back, i met you in another topic similar to this..lol

                                          And yes Phantom frog is the way to go

                                          Comment

                                          • gmr324
                                            Confirmed User
                                            • Aug 2006
                                            • 1199

                                            #22
                                            Yes, I remember that too! I sent you an ICQ message.
                                            Shoot me an email and let's see if we can get you
                                            lined up with a Free Trial of Frog.

                                            Thanks Again

                                            George

                                            Comment

                                            • ladida
                                              Confirmed User
                                              • Nov 2005
                                              • 2179

                                              #23
                                              Originally posted by gmr324
                                              I have personally observed discussion threads between hackers who are tearing their hair out about why previously wide open sites have suddenly become unexploitable for stealing passwords.
                                              Your other things might hold water, this doesn't. Hackers don't do bruteforcing of usernames, they simply take them from the database/file. Installing phantomfrog doesn't make a site unexploitable. Exploitable != getting a valid pass. The toplist you linked to is mainly led by 1 guy, who is a webmaster himself and is profiting off of stolen passwords (he's seling memberships both to his sites and to paysites), but he does have valid passes to sites that were infact not given to him.
                                              agentGFY *at* gmail.com

                                              Comment

                                              • tony299
                                                lurker
                                                • Aug 2002
                                                • 57021

                                                #24
                                                Originally posted by raymor
                                                Indeed, while password sites slowly evolve their tactics, modern
                                                protection systems pretty much take care of it. We have a new release of
                                                Strongbox coming out to stay ahead of the game, but as long as a webmaster
                                                has a modern system I think they are pretty well taken care of. Content theft
                                                seems to be the next big problem, so that's where we're turnign our attention
                                                for some new systems. The issue StarkReality brought up of having the whole
                                                site ripped is taken care of by Throttlebox and our new tracking system which
                                                has yet to be named will let you fins stolen content and track down the thief.
                                                Hmm, what kind of "box" name might be good for the new content tracking
                                                system? Trackbox? TraxBox? IDbox?
                                                this product is going to make u rich.

                                                Comment

                                                • gmr324
                                                  Confirmed User
                                                  • Aug 2006
                                                  • 1199

                                                  #25
                                                  Hackers don't do bruteforcing of usernames, they
                                                  simply take them from the database/file. Installing
                                                  phantomfrog doesn't make a site unexploitable.
                                                  Exploitable != getting a valid pass.
                                                  Your point is well taken. That was an unfortunate
                                                  choice of words. There are two seperate issues here.
                                                  Webmasters who voluntarily plant passwords to entice
                                                  leechers to join their site. Any webmaster doing this
                                                  would obviously ignore or exempt his planted passes
                                                  from being blocked.

                                                  The second issue concerns malicious hackers who use
                                                  one of two methods to extract stolen passwords from
                                                  a site with the intent of publishing them on trading
                                                  forums for free-for-all use. There are the so-called
                                                  script kiddies who use programs like AD and Sentry
                                                  via brute force methods to expose stolen passwords
                                                  using themed wordlists. Then there are the more
                                                  serious infractions by malicious, misguided but more
                                                  technically oriented hackers who can locate entire
                                                  password files. No password protection system will
                                                  prevent this kind of password theft.

                                                  However, what a truly effective system WILL do is
                                                  ensure that those stolen (not planted) passwords
                                                  have no lifetime! The longer a stolen password is
                                                  working, the more exposure the webmaster has
                                                  to potential content theft and bandwidth abuse.
                                                  That is the point I was emphasizing about Phantom
                                                  Frog. Early detection is your best protection!
                                                  Frog's Geo-IP Tracking will detect pass abuse down
                                                  to the city level increasing the resolution of your
                                                  radar for catching this abuse.

                                                  Those are the hacker discussion threads I was referring
                                                  to where they are dumbfounded by how quickly their
                                                  stolen passes die due to the intervention of Frog!

                                                  Thanks for Your Insight

                                                  George

                                                  Comment

                                                  Working...