|
|
|
|
||||
|
Welcome to the GoFuckYourself.com - Adult Webmaster Forum forums. You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload content and access many other special features. Registration is fast, simple and absolutely free so please, join our community today! If you have any problems with the registration process or your account login, please contact us. |
 |
|
|||||||
| Discuss what's fucking going on, and which programs are best and worst. One-time "program" announcements from "established" webmasters are allowed. |
|
|
Thread Tools |
02-23-2004, 07:19 AM
|
#1 |
|
Confirmed User
Industry Role:
Join Date: Apr 2003
Posts: 1,070
|
Verotel hacked passes?...
We use Verotel on 4 of our paysites along with Pennywize and a few other billers.
This morning we've have an unusually high amount of Pennywize emails informing us of abused accounts - all Verotel ID's and from all 4 different sites. We get a few abused accounts most days but as i say, today is getting a lot from only Verotel ID's - more than we've had in the last few months. Anyone else getting this? |
|
|
|
02-23-2004, 07:52 AM
|
#2 |
|
Confirmed User
Join Date: Jan 2004
Location: Canada
Posts: 793
|
Hey, hey...
Chances are it's Verotel. On their end. I dumped those cheeseheads last week. Or, it could be on your end. I know 100% for sure that mine were hacked, somehow, on their end. http://www.gofuckyourself.com/showth...hreadid=235941 |
|
|
|
|
02-23-2004, 08:58 AM
|
#3 |
|
Confirmed User
Join Date: Oct 2002
Posts: 3,745
|
It is possible to hack the older version of Verotels' add/remove password
scripts (verotelrum.pl). People do actively scan for that script, as evidenced by server logs of sites I have seen. It is quite possible that the breach occurred through verotelrum.pl on your server. Also, due to the way Vertoel chooses usernames, Verotel usernames and good targets for brute force attacks. Pennywize's brute force detection is broken in so far as it does not acount for open proxies, which most brute force attackers use nowadays. For optimal security, you should update verotelrum.pl to the latest version and have a security aware tech take a look at your script configuration and related items. Also you may wish to replace pennydumb's suckurity based on 1998 methods with something up to date and far more secure, such as Strongbox.
__________________
For historical display only. This information is not current: support@bettercgi.com ICQ 7208627 Strongbox - The next generation in site security Throttlebox - The next generation in bandwidth control Clonebox - Backup and disaster recovery on steroids |
|
|
|
|
02-23-2004, 08:58 AM
|
#4 |
|
Confirmed User
Industry Role:
Join Date: Apr 2003
Posts: 1,070
|
Interesting link - thanks
|
|
|
|
|
02-23-2004, 08:59 AM
|
#5 | |
|
Confirmed User
Join Date: Feb 2003
Posts: 6,040
|
Quote:
 |
|
|
|
|
