GoFuckYourself.com - Adult Webmaster Forum


mrgica 11-25-2005 08:42 AM

HELP: Pennywize blocked over 45 members today!!!
 
Today I received over 45 emails from pennywize about blocked accounts on my paysite...every account got blocked after 4-5 different subnets were used on the same account.

My best guess right now is that someone stole my password file from my server...what can I do? Help...

I don't know how to stop it....

Screenshot: http://img376.imageshack.us/my.php?image=fuck7ei.jpg

JoeMeca 11-25-2005 10:12 AM

damn yes you need some help!

OneHungLo 11-25-2005 10:28 AM

ahh man that's what I hate about pennywize...

Did you just install it? How long have you been using pennywize? To fix that just bump the subnets up a bit.

OneHungLo 11-25-2005 10:29 AM

also it's probably aol users... they can go thru 2-10 subnets in a session.

Libertine 11-25-2005 10:31 AM

Quote:

Originally Posted by OneHungLo
ahh man that's what I hate about pennywize...

Did you just install it? How long have you been using pennywize? To fix that just bump the subnets up a bit.

It now becomes clear why exploitedteens.com was always a big favourite on password sites :winkwink:

mrgica 11-25-2005 10:46 AM

Quote:

Originally Posted by OneHungLo
also it's probably aol users... they can go thru 2-10 subnets in a session.

it's not aol users...I have been using pennywize for a couple of months now and it usually blocks 1-2 accounts per day...
besides, the subnets are completely different and come from different countries...

Tanker 11-25-2005 10:48 AM

I set my threshold to 10 subnets and just watch them very carefully

Tanker 11-25-2005 10:49 AM

It's pretty easy to tell which ones get out

mrgica 11-25-2005 10:50 AM

I don't see any solution to this problem, I just have to wait a couple of days or weeks until it's over.
And deal with my angry members....

But how can I protect the password file better? To avoid this in the future?

mrgica 11-25-2005 10:52 AM

Quote:

Originally Posted by Tanker
It's pretty easy to tell which ones get out

all of those accounts logged in with different subnets and from different countries.
The problem here is that someone stole/hacked my password file on the server and pasted the whole list on some forum or something..

SmokeyTheBear 11-25-2005 10:54 AM

Quote:

Originally Posted by mrgica
But how can I protect the password file better? To avoid this in the future?

Find out who took it and poke large holes in him with an icepick until he promises never to use a computer again :)

mrgica 11-25-2005 10:56 AM

Quote:

Originally Posted by SmokeyTheBear
Find out who took it and poke large holes in him with an icepick until he promises never to use a computer again :)

:evil-laug

Libertine 11-25-2005 11:04 AM

Quote:

Originally Posted by mrgica
I don't see any solution to this problem, I just have to wait a couple of days or weeks until it's over.
And deal with my angry members....

But how can I protect the password file better? To avoid this in the future?

Here's a step by step list of what to do:

1. Make sure your server hasn't been hacked. If it has been, fix the problem.
2. Make sure your password file isn't accessible. Check for (known?) security issues with any scripts you are using, and implement any common sense security measures you haven't implemented yet (e.g. placing your password file in a directory that isn't web-accessible, etc.)
3. Start checking signups and existing username/password combos against common wordlists. Respectively, change them and stop allowing them.
4. If the problem doesn't stop... (this will hurt) get all your members to change their passwords.
5. Try and make unhappy hacked members happy again by giving them a free week of access or whatever.

mrgica 11-25-2005 11:28 AM

Quote:

Originally Posted by punkworld
Here's a step by step list of what to do:

1. Make sure your server hasn't been hacked. If it has been, fix the problem.
2. Make sure your password file isn't accessible. Check for (known?) security issues with any scripts you are using, and implement any common sense security measures you haven't implemented yet (e.g. placing your password file in a directory that isn't web-accessible, etc.)
3. Start checking signups and existing username/password combos against common wordlists. Respectively, change them and stop allowing them.
4. If the problem doesn't stop... (this will hurt) get all your members to change their passwords.
5. Try and make unhappy hacked members happy again by giving them a free week of access or whatever.

Thanks man, much appreciated. :thumbsup

onlytease 11-25-2005 01:48 PM

also a good idea to stop letting members choose their own login and password (if you do) and let CCBill generate a random one - presuming you are using ccbill

Dalai lama 11-25-2005 01:51 PM

get strongboxxx :thumbsup

John69 11-25-2005 02:05 PM

get strong box

HairToStay 11-25-2005 03:12 PM

If the password file was stolen -- what processor do you use? Shared or dedicated server? Up-to-date php software? phpBB running on the box?

Check server logs to see specifically what files were accessed, and how.
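Added example, not part of any post in this thread: one way to run the log check suggested above, combined with the per-account subnet count the thread describes Pennywize blocking on. It assumes Apache "combined" access logs, a /24 as the subnet unit, a threshold of 5, and typical credential file names; all of these are assumptions, and the log lines are constructed.

```python
import re
from collections import defaultdict
from ipaddress import ip_network

# Apache "combined" format: host ident authuser [time] "METHOD path ..." status
LINE = re.compile(r'^(\S+) \S+ (\S+) \[[^\]]+\] "\S+ (\S+)[^"]*" (\d{3}) ')
# Credential file names to look for (assumed; use your site's real file name).
SENSITIVE = re.compile(r'(^|/)(\.htpasswd|\.htgroup|passwd(\.txt)?)$', re.I)

def analyse(lines, threshold=5):
    """Return (accounts seen from >= threshold /24 subnets, served password files)."""
    subnets, served = defaultdict(set), []
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue
        host, user, path, status = m.groups()
        path = path.split("?", 1)[0]
        # A 2xx answer for the credential file means the web server handed it out.
        if status.startswith("2") and SENSITIVE.search(path):
            served.append((host, path))
        # Only successful authenticated requests count towards account sharing.
        if user != "-" and status.startswith(("2", "3")):
            try:
                subnets[user].add(str(ip_network(host + "/24", strict=False)))
            except ValueError:
                pass  # hostname instead of an IP address (HostnameLookups on)
    shared = {u: sorted(s) for u, s in subnets.items() if len(s) >= threshold}
    return shared, served

# Constructed sample log lines (not taken from the thread).
T = '[25/Nov/2005:08:00:00 -0700]'
SAMPLE = (
    [f'10.{n}.0.7 - alice {T} "GET /members/ HTTP/1.1" 200 512' for n in range(1, 6)]
    + [f'10.20.0.{n} - bob {T} "GET /members/ HTTP/1.1" 200 512' for n in (4, 9)]
    + [f'10.{n}.3.3 - carol {T} "GET /members/ HTTP/1.1" 401 401' for n in range(30, 40)]
    + [f'10.50.0.1 - - {T} "GET /members/.htpasswd HTTP/1.0" 200 2048',
       f'10.51.0.1 - - {T} "GET /.htpasswd HTTP/1.0" 403 199']
)

if __name__ == "__main__":
    shared, served = analyse(SAMPLE)
    print("shared accounts:", shared)
    print("password file served to:", served)
```

A non-empty second result means the password file was downloaded over HTTP, which points at a web-accessible file rather than a server break-in; many accounts crossing the subnet threshold on the same day, as in the opening post, fits a leaked list better than proxy hopping by individual members.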

