BBS where newbies get passes to sites

[Andy S]

I was checking my counter when I saw i was receiving hits from
http://www.pornoboard.de/cgi-bin/ult...ubb=forum&f=30

Saw my paysite listed there and someone requested a password for it. Just wanted to let you know there is such bullshit.

[Gemini]

There are egroups owned by password hackers that take requests for specific sites to be hacked, then the pw's are posted and y'all get slammed by the members of the groups too.

[wiZd0m]

Whats your paysite ?

------------------
wiZd0m
Fortune Pussy Adult Links

[Andy S]

Gemini,

whats a good way to protect yourself?

[Susan]

Its been going on for years. The regular hackers and traders use another place to make contact - not going to say where. Stolen public announced passwords don't usually last long , depends how well you are prepared to detect them. Lots of trade goes on between guys who have already paid for memberships.


Guys using logins like steve / steve1234 don't help either, not all systems make a good test for bad password choice.

[Gemini]

They supposedly have software or scripts or something that will kill pw hackers by readingt he IP that keeps hitting the site. Hackers use different utilities that will hit your paysite with random access-pw codes and they run pretty fast.

The script or whatever senses that IP hitting say 50 times a minute with different attempts and locks out the IP. This may not be *exactly* correct in detail but its the general idea. lol

Wizdom probably knows the scripts that will do it if he'd cough them up.

[ldinternet]

Password Cop.

[Andy S]

Well, i was reading this pornoboard and this is what i figured out so far. They list the passwords to all kinds of sites, including voyerdorm, lolitasex, and so on but theres a trick here. The members area is packed with ads and blind links so if you think you're in a members are, you're not. Its a fake page with ads. Probably another way to promote yourself, you list a password to ur site and make a fake page with ads. Get traffic straight to your sponsors. Dont know how well it works though..

[Hypo]

Susan, why wont you say where? Any reason for protecting those hackers?

[ldinternet]

Andy S, you wouldn't be the guy from "Guru-O-Gif's Trix" would you?

[Susan]

Hypo

Me have reason to protect hackers hell no, have too much to lose from them. Just that people wander in here and I don't want to give them any ideas. I dont really agree with the posting of that BBS either, would prefer if the guy edit it out.

[Theo]

if i read right someone asked a password for private.amateurpages.com It seems that Lensman's sponsor is popular even on password boards :-0 By the way, this is the 1st day I'm promoting AP, i didn't know that they have such a variery of models :-)))

------------------
Great Money Makers! Top Sponsors

[TFCash]

Gemini =

another good prog to protect yourself is iprotect. It is actually built into apache, so it is running 24 x 7, and has no system overhead, so it won't slow down your site.


Tim

[Andy S]

ldinternet:

no, dont know why you assumed that..

I'm not a big guy, just making a lil $ on the side with this. I didnt mean to spam that board in any way by posting it. feel free to edit it out, just wanted to let webmasters know that its there and to watch out.

[Andy S]

hardcorehosting: i use iprot

[Gemini]

You'll have to email me info on how to access that HCH. Still trying to figure out htaccesses ability to black out a state in toto. One of our hosters doesn't seem to want to tell us and just refer us to apaches site, the jerks

[ldinternet]

Andy S,

Just that you mentioned that some sites make fake member areas, and I remember reading about it (a looooong time ago) at http://trix.sexswap.com/ which is owned by an Andy.

[Corpsie]

To protect yourself from people using hacked passwords.

1. watch your refferrer logs daily (that's how I can tell who hotlinks my images)
2. if you find the URL of a PW hack site, set up your .htaccess file to redirect http_reffers from that site to thousandsofpopups.html.

thousandsofpopups.html should be a page that just goes buttfucking crazy on the bad person's browser and crashes their system.

There are some urls you can forward to that will bring up the blue screen. I think one is
c:\com\com <-- yes, as in the hard drive directory. It will crash Windoze systems.

hopefully that helps.

[Mr Docter]

Quote:

Originally posted by Corpsie:
To protect yourself from people using hacked passwords.

1. watch your refferrer logs daily (that's how I can tell who hotlinks my images)
2. if you find the URL of a PW hack site, set up your .htaccess file to redirect http_reffers from that site to thousandsofpopups.html.

thousandsofpopups.html should be a page that just goes buttfucking crazy on the bad person's browser and crashes their system.

There are some urls you can forward to that will bring up the blue screen. I think one is
c:\com\com <-- yes, as in the hard drive directory. It will crash Windoze systems.

hopefully that helps.

I dont think that will help much. Most of those sights write the Url's down in text format. So the link whould have to be copy and pasted into a seperate browser.

Best thing you can do is get a good defence and be able to stop the rush of users from the bbs with the hack's before it really busts out..

[wolfshade]

Not intended to spam my url, but this type of thing can be turned into your advantage like this: http://www.resourcevault.com/pwd.html

Have fun

Wolfshade


------------------
Get paid per minute!
Dialerclopedia

[This message has been edited by wolfshade (edited 05-14-2001).]

[DarkJedi]

Best way to protect paysites:

1: use a password system that assigns random passes, like: user: steve pass: 38hd72fgh
2: use a program that bans IP (or proxy) after 3 bad retires.

thats it.


[This message has been edited by DarkJedi (edited 05-14-2001).]

[Animal]

I have been EATEN!

http://www.stormfront.org/forum/