DNF is back!

[Chelsea]

When I just logged in I was told that my password had expired (some 13000 days).

I therefor had no chance but changing it as I could not to to any other site of DNForum, always came back to the "your password has expired site".

Can anybody please confirm that this is correct???????

[typist]

it's ok, don't worry.

[Adam Dicker]

Ok, I just arrived back from Traffic in Ft. Lauderdale.

It was a long week.

All passwords were set to force people to change them within 5 days.

The VB database was not ever comprimised or accessible to the wrong hands.

Give me a few days to get things back to normal.

-=DCG=-

[Luke]

Thanks for info ...

[Provider]

I worked for one of the largest Canadian security company for 5 years, and my full time job was testing firewalls. Basically I had to hack personal desktop firewalls, compare them, and present result. I know some things about security and I wanted to give you
some input here.
As we all saw few days ago DNForum was taken down/hacked call it anything you want.
For online community like ours it is a very bad thing that the forum was hacked, our
personal information was compromised. What most of the people don’t realize is that
it is actually very good that the site was defaced, and I will explain you in more detail why it is very very good that defacing of the site actually occurred without going into details how it was done.
When actual unauthorized activity happens and a bad guy has access to your server there are three scenarios that apply:

a. Hacker keeps low profile - he will have access to all the information on the server including private records, this information will be used against the users. hacker wants to gain as much as possible information in order to use this information for as long as possible to his advantage. Hacker will never try to give any hint that he is actually present on the server, he doesn’t want anybody to know that he is present

b. Hacker accesses the server, and instead of keeping low profile this person announces to the world that he exists by destroying information

c. Combination of a and b – hacker kept low profile for some time, he has information
and all the records downloaded to his storage device, and now he is loosing control of the
future malicious activity by choosing to announce to the world his existence by defacing the site.

We all witnessed that DNforum.com was defaced 2 days ago. At this point we don’t know for sure, and may never know what scenario applies to this particular malicious case. At this point we are very lucky that scenario A doesn’t apply to dnforum.com. Scenario A is very dangerous, because the guy could have our records and passwords for a very long time and we would never know about that activity because he would never deface the site.

When hackers deface the site is good because it gives 100% indication to the site management that unauthorized access actually took place. After defacing administrators reinstall all the software, and check all security settings. At this point everyone 100% sure that there is no parts of the server compromised and organization can start operations.

My understanding that we have case b here, which is the best, but I might be wrong and hacker might have our records. If this is the case we will hear pretty soon about hacked paypal, and registrar accounts. In any case we all have to go and change our passwords. Adam says that non of the DB files were accessed.

[Domagon]

If the forum database was never compremised, then why the sudden forced password change?

Lets be honest here ... the database could have in part or as a whole been compremised; the hacker could have run queries against the db as opposed to trying to copy it as a whole, the former being difficult to ever determine.

With that said, in all likelyhood, you're right, but to say all data is secure and no need to worry is a bit overstating it ... heck, yesterday it came out that at least one file left by the hacker was still on here after the "recovery" ... not reassuring.

Anyways, it's great to see DNForum running again.

Ron

[Johnn]

I don't think anyone would know for sure that if the database was comrpomised or not. The only person would know is the hacker.

[Provider]

I am not sure, I don't have any server logs to see. Changing password is a good idea. I think any hacker will attempt to save same data. The biggest mistake of users is using the same password for many online resources.
We will see pretty soon if the db was actually compromised

[denny007]

As per "Provider's" post: we don't know if a.) actually happened. This guy was threatening hacking DNF more than one year ago. So either he is lame and had to wait for some exploit for long OR he is good and scenario a.) was happening in past year.

Actually writing this I am remembering some strange thing happenning - like admins terminated some scammers account and second day he was back as an exclusive. And probably happened many more things which nobody found out or made public...

[Provider]

Denny, i agree with you. He could inflict so much more damage by keeping low profile, but it is possible that he was connected to the database for a long time prior to defacing the site. The good thing about it is that it finally over. DNforum probably has some tech people that take care of the logs and monitor activity.

[JMJ]

He didn't threaten he took DNF offline back then from what I remember. Aswell as Namepros and a few others. It seems to happen when there is a rash of stolen names floating around and he/they get caught selling them on the boards. If I had my guess I would say he/they were involved somehow with the social.com deal. The big payoff got screwed and he/they got ticked off.

[David G]

Ok, I just arrived back from Traffic in Ft. Lauderdale.

It was a long week.

All passwords were set to force people to change them within 5 days.

The VB database was not ever comprimised or accessible to the wrong hands.

Give me a few days to get things back to normal.

-=DCG=-

I can see why you had a very tough week.

I changed my paswrd when asked but every time I visit since then the cookies are not working, requiring usrname/paswrd to be renentered each visit.

[JMJ]

but every time I visit since then the cookies are not working, requiring usrname/paswrd to be renentered each visit.

It's been doing this to me for weeks now.

[denny007]

He didn't threaten he took DNF offline

When was DNjournal hacked last year there was text there: "if do not stopping reports domain hijackers , i will hack dnforum.com too"
http://www.threadwatch.org/node/3665

[JMJ]

Yeah but I'm pretty sure he made through with his threat but may be mistaken. I know he took down this one, NP, or both. But it's been awhile and my memory isn't what it use to be..

[ColdGin]

Happy that everything is going back to normal..

I still don´t understand the part of Adam ´that the hacker has part of helping the site going back to normal´...can anyone explain that part for me? thanks....

[dewd]

maby the hacker was lookin at the DNF bank? heh

[Domagon]

ColdGin- I missed that comment before ... wow, that certainly explains a few things.

DCG wrote:
"The person who was responsible for bringing the forum down was also instrumental in helping us bring it back up. We have learned a lot from this experience."

And reaffirms what some thought based on various events including the deletion of a select thread, and then the entire removal (currently hidden read-only) of the Legal section - DNF and the hacker (cracker) made a deal - yikes!

That pretty much shoots the credibility of this site ...

With that said, DNF will continue to be useful and worthwhile to visit, but over time people, including myself, will be very wary of what they discuss here unless DNF chooses to stand up to the hacker (cracker) ...

I honestly don't expect DNF to do that because they will need to spend a lot more on security and hire some outside security professionals to secure things properly; change Hosting / network provider to a more managed solution than what DNF has now - costs much more, but is well worth it when things go wrong.

Sure hope this all works out for DNF - on the bright side, it's nice to read in another thread that DNF has removed the linking censorship for NamePros.com - we need to work together ... that will grow DNF and help the overall business grow

Ron

[elearningtoys]

it was really odd to come and it was not here! glad it is back!

[malmar2]

And reaffirms what some thought based on various events including the deletion of a select thread, and then the entire removal (currently hidden read-only) of the Legal section - DNF and the hacker (cracker) made a deal - yikes!

That's a big mistake if true and not just from a credibility view point.

The reason why Governments don't give in to hostage/terrorist demands is if they give in just once they then get targeted by every nutter on the planet with a grievance. In this case it's the legal forum, what will be next?:greensigh: