DNForum - Domain Sales, Domain Forum, Domain Appraisals, Domain Registrars
HomeRegisterMembershipsGetting StartedDomain Tools Domain EbooksSEO Software Domain Resellers Advertise

Go Back   DNForum - Domain Sales, Domain Forum, Domain Appraisals, Domain Registrars > Domain News, Beginners Guides and Legal Stuff! > Domain Name News
Register Search Today's Posts Mark Forums Read

Closed Thread
 
LinkBack Thread Tools Display Modes
Old 10-28-2006, 03:46 AM   #81 (permalink)
Platinum Lifetime Member
 
Chelsea's Avatar
 
Last Online: 09-23-2009 12:09 PM
iTrader: (26)
Join Date: Jan 2003
Posts: 821
DNF$: 279
Location: Lower Saxony
Country:


Re: DNF is back!

When I just logged in I was told that my password had expired (some 13000 days).

I therefor had no chance but changing it as I could not to to any other site of DNForum, always came back to the "your password has expired site".

Can anybody please confirm that this is correct???????
__________________
JJH.EU - DAA.MOBI - KOA.EU ... Make offer ...
Chelsea is offline  
Sponsored Ads
Old 10-28-2006, 03:49 AM   #82 (permalink)
Platinum Lifetime Member
 
typist's Avatar
 
Last Online: 03-20-2009 08:02 AM
iTrader: (10)
Join Date: Mar 2006
Posts: 987
DNF$: 2,067
Location: Vienna
Country:


Re: DNF is back!

it's ok, don't worry.
__________________
always buying domains with type-in traffic. all tlds.
typist is offline  
Old 10-28-2006, 09:49 AM   #83 (permalink)
Administrator
 
DotComGod's Avatar
 
Name: Adam Dicker
Last Online: Yesterday 09:07 PM
iTrader: (39)
Join Date: Feb 2003
Posts: 10,765
DNF$: 4,589,587
Location: Toronto, Canada
Country:

Send a message via MSN to DotComGod

Re: DNF is back!

Ok, I just arrived back from Traffic in Ft. Lauderdale.

It was a long week.

All passwords were set to force people to change them within 5 days.

The VB database was not ever comprimised or accessible to the wrong hands.

Give me a few days to get things back to normal.

-=DCG=-
__________________
sm.com - Sports Maniacs!
The Ultimate Sports Website!
Official Launch December 1st, 2009
DotComGod is offline  
Old 10-28-2006, 10:32 AM   #84 (permalink)
Exclusive Lifetime Member
 
Luke4u's Avatar
 
Last Online: Yesterday 12:42 PM
iTrader: (10)
Join Date: Sep 2006
Posts: 275
DNF$: 116
Location: EU
Country:


Re: DNF is back!

Thanks for info ...
__________________
Luke4u is offline  
Old 10-28-2006, 10:45 AM   #85 (permalink)
Exclusive Lifetime Member
 
Provider's Avatar
 
Last Online: Yesterday 12:20 PM
iTrader: (81)
Join Date: Jan 2005
Posts: 2,192
DNF$: 13,469


Re: DNF is back!

I worked for one of the largest Canadian security company for 5 years, and my full time job was testing firewalls. Basically I had to hack personal desktop firewalls, compare them, and present result. I know some things about security and I wanted to give you
some input here.
As we all saw few days ago DNForum was taken down/hacked call it anything you want.
For online community like ours it is a very bad thing that the forum was hacked, our
personal information was compromised. What most of the people don’t realize is that
it is actually very good that the site was defaced, and I will explain you in more detail why it is very very good that defacing of the site actually occurred without going into details how it was done.
When actual unauthorized activity happens and a bad guy has access to your server there are three scenarios that apply:

a. Hacker keeps low profile - he will have access to all the information on the server including private records, this information will be used against the users. hacker wants to gain as much as possible information in order to use this information for as long as possible to his advantage. Hacker will never try to give any hint that he is actually present on the server, he doesn’t want anybody to know that he is present

b. Hacker accesses the server, and instead of keeping low profile this person announces to the world that he exists by destroying information

c. Combination of a and b – hacker kept low profile for some time, he has information
and all the records downloaded to his storage device, and now he is loosing control of the
future malicious activity by choosing to announce to the world his existence by defacing the site.

We all witnessed that DNforum.com was defaced 2 days ago. At this point we don’t know for sure, and may never know what scenario applies to this particular malicious case. At this point we are very lucky that scenario A doesn’t apply to dnforum.com. Scenario A is very dangerous, because the guy could have our records and passwords for a very long time and we would never know about that activity because he would never deface the site.

When hackers deface the site is good because it gives 100% indication to the site management that unauthorized access actually took place. After defacing administrators reinstall all the software, and check all security settings. At this point everyone 100% sure that there is no parts of the server compromised and organization can start operations.

My understanding that we have case b here, which is the best, but I might be wrong and hacker might have our records. If this is the case we will hear pretty soon about hacked paypal, and registrar accounts. In any case we all have to go and change our passwords. Adam says that non of the DB files were accessed.
Provider is offline  
Old 10-28-2006, 10:47 AM   #86 (permalink)
DNF Addict
 
Domagon's Avatar
 
Name: Ron Bennett
Last Online: 07-14-2009 02:31 PM
iTrader: (26)
Join Date: Oct 2003
Posts: 1,372
DNF$: 7,978
Location: Wyomissing, PA
Country:


Re: DNF is back!

If the forum database was never compremised, then why the sudden forced password change?

Lets be honest here ... the database could have in part or as a whole been compremised; the hacker could have run queries against the db as opposed to trying to copy it as a whole, the former being difficult to ever determine.

With that said, in all likelyhood, you're right, but to say all data is secure and no need to worry is a bit overstating it ... heck, yesterday it came out that at least one file left by the hacker was still on here after the "recovery" ... not reassuring.

Anyways, it's great to see DNForum running again.

Ron
__________________
Domagon Consulting Services - Business Help and Problem Solving
SeedCash.com - sow those economic green shoots. Make An Offer!
Domagon is offline  
Old 10-28-2006, 10:52 AM   #87 (permalink)
NameIntell.com
 
Johnn's Avatar
 
Last Online: Yesterday 10:49 PM
iTrader: (326)
Join Date: Apr 2004
Posts: 11,606
DNF$: 41,853
Location: Pennsylvania
Country:



Re: DNF is back!

I don't think anyone would know for sure that if the database was comrpomised or not. The only person would know is the hacker.
Johnn is offline  
Old 10-28-2006, 10:52 AM   #88 (permalink)
Exclusive Lifetime Member
 
Provider's Avatar
 
Last Online: Yesterday 12:20 PM
iTrader: (81)
Join Date: Jan 2005
Posts: 2,192
DNF$: 13,469


Re: DNF is back!

I am not sure, I don't have any server logs to see. Changing password is a good idea. I think any hacker will attempt to save same data. The biggest mistake of users is using the same password for many online resources.
We will see pretty soon if the db was actually compromised
Provider is offline  
Old 10-28-2006, 10:56 AM   #89 (permalink)
Platinum Lifetime Member
 
denny007's Avatar
 
Last Online: Yesterday 02:06 PM
iTrader: (40)
Join Date: Oct 2004
Posts: 3,445
DNF$: 10,356
Country:


Re: DNF is back!

As per "Provider's" post: we don't know if a.) actually happened. This guy was threatening hacking DNF more than one year ago. So either he is lame and had to wait for some exploit for long OR he is good and scenario a.) was happening in past year.

Actually writing this I am remembering some strange thing happenning - like admins terminated some scammers account and second day he was back as an exclusive. And probably happened many more things which nobody found out or made public...
__________________
I have PM disabled. You can email me: denny startseek com
ThankYouDHL.com
denny007 is offline  
Old 10-28-2006, 11:01 AM   #90 (permalink)
Exclusive Lifetime Member
 
Provider's Avatar
 
Last Online: Yesterday 12:20 PM
iTrader: (81)
Join Date: Jan 2005
Posts: 2,192
DNF$: 13,469


Re: DNF is back!

Denny, i agree with you. He could inflict so much more damage by keeping low profile, but it is possible that he was connected to the database for a long time prior to defacing the site. The good thing about it is that it finally over. DNforum probably has some tech people that take care of the logs and monitor activity.
Provider is offline  
Old 10-28-2006, 11:21 AM   #91 (permalink)
JMJ
DNF Addict
No Avatar
 
Name: John J.
Last Online: Yesterday 06:05 PM
iTrader: (74)
Join Date: Feb 2003
Posts: 3,332
DNF$: 4,424
Location: Neither here nor there
Country:


Re: DNF is back!

He didn't threaten he took DNF offline back then from what I remember. Aswell as Namepros and a few others. It seems to happen when there is a rash of stolen names floating around and he/they get caught selling them on the boards. If I had my guess I would say he/they were involved somehow with the social.com deal. The big payoff got screwed and he/they got ticked off.
__________________
"No tyranny is so irksome as petty tyranny: the officious demands of policemen, government clerks, and electromechanical gadgets." - Edward Abbey

Last edited by NameMogul.com; 10-28-2006 at 11:32 AM..
JMJ is offline  
Old 10-28-2006, 11:30 AM   #92 (permalink)
David
No Avatar
 
Last Online: Today 02:37 AM
iTrader: (78)
Join Date: Apr 2002
Posts: 4,691
DNF$: 9,495


Re: DNF is back!

Quote:
Originally Posted by DotComGod View Post
Ok, I just arrived back from Traffic in Ft. Lauderdale.

It was a long week.

All passwords were set to force people to change them within 5 days.

The VB database was not ever comprimised or accessible to the wrong hands.

Give me a few days to get things back to normal.

-=DCG=-

I can see why you had a very tough week.

I changed my paswrd when asked but every time I visit since then the cookies are not working, requiring usrname/paswrd to be renentered each visit.
trader is online now  
Old 10-28-2006, 11:36 AM   #93 (permalink)
JMJ
DNF Addict
No Avatar
 
Name: John J.
Last Online: Yesterday 06:05 PM
iTrader: (74)
Join Date: Feb 2003
Posts: 3,332
DNF$: 4,424
Location: Neither here nor there
Country:


Re: DNF is back!

Quote:
Originally Posted by trader View Post
but every time I visit since then the cookies are not working, requiring usrname/paswrd to be renentered each visit.
It's been doing this to me for weeks now.
__________________
"No tyranny is so irksome as petty tyranny: the officious demands of policemen, government clerks, and electromechanical gadgets." - Edward Abbey
JMJ is offline  
Old 10-28-2006, 11:41 AM   #94 (permalink)
Platinum Lifetime Member
 
denny007's Avatar
 
Last Online: Yesterday 02:06 PM
iTrader: (40)
Join Date: Oct 2004
Posts: 3,445
DNF$: 10,356
Country:


Re: DNF is back!

Quote:
Originally Posted by NameMogul.com View Post
He didn't threaten he took DNF offline
When was DNjournal hacked last year there was text there: "if do not stopping reports domain hijackers , i will hack dnforum.com too"
http://www.threadwatch.org/node/3665
__________________
I have PM disabled. You can email me: denny startseek com
ThankYouDHL.com
denny007 is offline  
Old 10-28-2006, 11:45 AM   #95 (permalink)
JMJ
DNF Addict
No Avatar
 
Name: John J.
Last Online: Yesterday 06:05 PM
iTrader: (74)
Join Date: Feb 2003
Posts: 3,332
DNF$: 4,424
Location: Neither here nor there
Country:


Re: DNF is back!

Yeah but I'm pretty sure he made through with his threat but may be mistaken. I know he took down this one, NP, or both. But it's been awhile and my memory isn't what it use to be..
__________________
"No tyranny is so irksome as petty tyranny: the officious demands of policemen, government clerks, and electromechanical gadgets." - Edward Abbey
JMJ is offline  
Old 10-28-2006, 02:46 PM   #96 (permalink)
Platinum Lifetime Member
 
ColdGin's Avatar
 
Name: Daniel
Last Online: 09-08-2009 09:26 AM
iTrader: (23)
Join Date: May 2006
Posts: 1,657
DNF$: 2,568
Location: NoWayOut
Country:

Send a message via MSN to ColdGin Send a message via Skype™ to ColdGin

Re: DNF is back!

Happy that everything is going back to normal..

I still don´t understand the part of Adam ´that the hacker has part of helping the site going back to normal´...can anyone explain that part for me? thanks....
__________________
Baby Wipes Israel Maps
"It´s better to keep your mouth closed and let people think you are a fool than open it and remove all doubt" Mark Twain
ColdGin is offline  
Old 10-28-2006, 05:59 PM   #97 (permalink)
Platinum Lifetime Member
 
dewd's Avatar
 
Last Online: 11-13-2009 12:24 AM
iTrader: (10)
Join Date: Mar 2005
Posts: 249
DNF$: 0
Location: Canada


Re: DNF is back!

maby the hacker was lookin at the DNF bank? heh
dewd is offline  
Old 10-28-2006, 10:31 PM   #98 (permalink)
DNF Addict
 
Domagon's Avatar
 
Name: Ron Bennett
Last Online: 07-14-2009 02:31 PM
iTrader: (26)
Join Date: Oct 2003
Posts: 1,372
DNF$: 7,978
Location: Wyomissing, PA
Country:


Re: DNF is back!

ColdGin- I missed that comment before ... wow, that certainly explains a few things.

Quote:
DCG wrote:
"The person who was responsible for bringing the forum down was also instrumental in helping us bring it back up. We have learned a lot from this experience."
And reaffirms what some thought based on various events including the deletion of a select thread, and then the entire removal (currently hidden read-only) of the Legal section - DNF and the hacker (cracker) made a deal - yikes!

That pretty much shoots the credibility of this site ...

With that said, DNF will continue to be useful and worthwhile to visit, but over time people, including myself, will be very wary of what they discuss here unless DNF chooses to stand up to the hacker (cracker) ...

I honestly don't expect DNF to do that because they will need to spend a lot more on security and hire some outside security professionals to secure things properly; change hosting / network provider to a more managed solution than what DNF has now - costs much more, but is well worth it when things go wrong.

Sure hope this all works out for DNF - on the bright side, it's nice to read in another thread that DNF has removed the linking censorship for NamePros.com - we need to work together ... that will grow DNF and help the overall business grow

Ron
__________________
Domagon Consulting Services - Business Help and Problem Solving
SeedCash.com - sow those economic green shoots. Make An Offer!
Domagon is offline  
Old 10-28-2006, 10:37 PM   #99 (permalink)
Platinum Lifetime Member
 
elearningtoys's Avatar
 
Name: Anne
Last Online: 05-27-2009 01:54 PM
iTrader: (2)
Join Date: Jan 2005
Posts: 252
DNF$: 7,611
Location: Calgary, AB Canada
Country:

Send a message via AIM to elearningtoys Send a message via MSN to elearningtoys

Re: DNF is back!

it was really odd to come and it was not here! glad it is back!
__________________
Toys on Sale - 70% off
elearningtoys is offline  
Old 10-29-2006, 05:23 AM   #100 (permalink)
Platinum Lifetime Member
No Avatar
 
Last Online: 11-15-2009 09:47 AM
iTrader: (9)
Join Date: Feb 2004
Posts: 223
DNF$: 953


Re: DNF is back!

Quote:
Originally Posted by Domagon View Post
And reaffirms what some thought based on various events including the deletion of a select thread, and then the entire removal (currently hidden read-only) of the Legal section - DNF and the hacker (cracker) made a deal - yikes!
That's a big mistake if true and not just from a credibility view point.

The reason why Governments don't give in to hostage/terrorist demands is if they give in just once they then get targeted by every nutter on the planet with a grievance. In this case it's the legal forum, what will be next?:greensigh:
malmar2 is offline  
Closed Thread


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On


Similar Threads
Thread Thread Starter Forum Replies Last Post
NameMob.com DNF 2.99 a mo Expirepro Advertising and Related Offers 0 07-19-2005 02:16 AM
Hosting Packages for DNF BCata DNF$ Sales/Domain Auctions 7 03-08-2005 01:37 PM
Hosting for DNF BCata DNF$ Sales/Domain Auctions 0 02-23-2005 10:40 AM
The Big DNF $ Fraud !!Resolution!! Latic Gold Cafe 18 03-06-2004 09:27 AM
Quick Answer DNF room system0 Suggestions and Feedback 3 12-11-2002 07:50 PM


All times are GMT -5. The time now is 02:39 AM.
Copyright @2001-2009 DNForum.com