Welcome, Guest. Please login or register.

Author Topic: Change your passwords  (Read 17119 times)

Description:

0 Members and 1 Guest are viewing this topic.

Offline orange

  • Hero Member
  • *****
  • Join Date: Dec 2003
  • Posts: 2794
    • Show only replies by orange
Re: Change your passwords
« Reply #14 on: January 14, 2012, 01:11:05 PM »
thank God its not Doomy, or this would have turned into amiga2000.org ! :D
Better sorry than worry.
 

Offline KarlosTopic starter

  • Sockologist
  • Global Moderator
  • Hero Member
  • *****
  • Join Date: Nov 2002
  • Posts: 16867
  • Country: gb
  • Thanked: 4 times
    • Show only replies by Karlos
Re: Change your passwords
« Reply #15 on: January 14, 2012, 01:18:25 PM »
All joking aside, this is a very serious issue.

The individual responsible has a tendency to change the email address associated with the account such that any attempts by the legitimate owner to request a new password will be in vain. Consequently, accounts that have been compromised will have their passwords and email addresses totally reset. The legitimate owners of any such account will have to contact us directly to have their email address restored. After which, they will be able to request a new password via the regular mechanism.

We are still investigating the possibility that this site was compromised directly though I so far nothing untoward has been spotted.
int p; // A
 

Offline Buzzfuzz

  • Sr. Member
  • ****
  • Join Date: Apr 2010
  • Posts: 377
    • Show only replies by Buzzfuzz
Re: Change your passwords
« Reply #16 on: January 14, 2012, 01:31:03 PM »
My EAB account is gone, so I have changed them all so far.
I must point out that EAB's VB version is pretty out dated, so maybe it started their.
Wishlist: A3500, A2500UX
 

Offline ChaosLord

  • Hero Member
  • *****
  • Join Date: Nov 2003
  • Posts: 2608
    • Show only replies by ChaosLord
    • http://totalchaoseng.dbv.pl/news.php
Re: Change your passwords
« Reply #17 on: January 14, 2012, 01:49:57 PM »
I was on Amiga.org then went to write an email then pressed the back button and got this:





Internal Server Error

 The server encountered an internal error or misconfiguration and was unable to complete your request.
 Please contact the server administrator,  webmaster@amiga.org and inform them of the time the error occurred, and anything you might have done that may have caused the error.
 More information about this error may be available in the server error log.
 Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.
  Apache mod_qos/9.69 mod_fcgid/2.3.6 mod_auth_passthrough/2.1  mod_bwlimited/1.4 FrontPage/5.0.2.2635 Server at www.amiga.org Port 80
Wanna try a wonderfull strategy game with lots of handdrawn anims,
Magic Spells and Monsters, Incredible playability and lastability,
English speech, etc. Total Chaos AGA
 

Offline KarlosTopic starter

  • Sockologist
  • Global Moderator
  • Hero Member
  • *****
  • Join Date: Nov 2002
  • Posts: 16867
  • Country: gb
  • Thanked: 4 times
    • Show only replies by Karlos
Re: Change your passwords
« Reply #18 on: January 14, 2012, 01:59:38 PM »
That could be down to load. I've just been recursively checksumming all the files on the site against their last known state. It's an expensive operation.
int p; // A
 

Offline Matt_H

Re: Change your passwords
« Reply #19 on: January 14, 2012, 03:53:30 PM »
Quote from: Karlos;675735
:lol:

For those not following, see: http://bash.org/?244321


Very funny, thanks :)
 

Offline Matt_H

Re: Change your passwords
« Reply #20 on: January 14, 2012, 03:58:03 PM »
Quote from: Karlos;675751
We are still investigating the possibility that this site was compromised directly though I so far nothing untoward has been spotted.


Maybe it was an inside job! Cue the melodramatic music and unusual zoom-in effects! :lol:
 

Offline Buzzfuzz

  • Sr. Member
  • ****
  • Join Date: Apr 2010
  • Posts: 377
    • Show only replies by Buzzfuzz
Re: Change your passwords
« Reply #21 on: January 14, 2012, 04:07:45 PM »
No I don't think so, seeing my EAB account is hacked and not here and also not on Amibay, I guess it started their.
 
Quote from: Matt_H;675769
Maybe it was an inside job! Cue the melodramatic music and unusual zoom-in effects! :lol:
Wishlist: A3500, A2500UX
 

Offline number6

Re: Change your passwords
« Reply #22 on: January 14, 2012, 04:32:50 PM »
Quote from: Buzzfuzz;675771
No I don't think so, seeing my EAB account is hacked and not here and also not on Amibay, I guess it started their.



Recently? And with similar wording?

#6
 

Offline Buzzfuzz

  • Sr. Member
  • ****
  • Join Date: Apr 2010
  • Posts: 377
    • Show only replies by Buzzfuzz
Re: Change your passwords
« Reply #23 on: January 14, 2012, 05:20:59 PM »
Yep, AmiNeo is also hacked, he can't get in either, post count is also on n/a, just like me.
 
Quote from: number6;675773
Recently? And with similar wording?
 
#6
Wishlist: A3500, A2500UX
 

Offline Iggy

  • Hero Member
  • *****
  • Join Date: Aug 2009
  • Posts: 5348
    • Show only replies by Iggy
Re: Change your passwords
« Reply #24 on: January 14, 2012, 05:41:08 PM »
Thank you Karlos.
Done.
 
Who the hell attacks Amiga sites?
"Not making any hard and fast rules means that the moderators can use their good judgment in moderation, and we think the results speak for themselves." - Amiga.org, terms of service

"You, got to stem the evil tide, and keep it on the the inside" - Rogers Waters

"God was never on your side" - Lemmy

Amiga! "Our appeal has become more selective"
 

Offline Matt_H

Re: Change your passwords
« Reply #25 on: January 14, 2012, 05:45:00 PM »
Quote from: bbond007;675707
Who is trying to hack Amiga sites anyway? Atari ST users?


No, unfortunately this is most likely one of our own homegrown nutcases.
 

Offline Buzzfuzz

  • Sr. Member
  • ****
  • Join Date: Apr 2010
  • Posts: 377
    • Show only replies by Buzzfuzz
Re: Change your passwords
« Reply #26 on: January 14, 2012, 06:10:07 PM »
You might want to turn on your log functions, although it gives quite a load, this would show anything suspicious.
 
Quote from: Karlos;675751
All joking aside, this is a very serious issue.
 
We are still investigating the possibility that this site was compromised directly though I so far nothing untoward has been spotted.
Wishlist: A3500, A2500UX
 

Offline Zac67

  • Hero Member
  • *****
  • Join Date: Nov 2004
  • Posts: 2890
    • Show only replies by Zac67
Re: Change your passwords
« Reply #27 on: January 14, 2012, 06:20:27 PM »
I hope a.org doesn't store the password hashes unsalted? Reasonably salted hashes are next to impossible to crack (reverse).
 

Offline KarlosTopic starter

  • Sockologist
  • Global Moderator
  • Hero Member
  • *****
  • Join Date: Nov 2002
  • Posts: 16867
  • Country: gb
  • Thanked: 4 times
    • Show only replies by Karlos
Re: Change your passwords
« Reply #28 on: January 14, 2012, 06:25:10 PM »
Quote from: Zac67;675781
I hope a.org doesn't store the password hashes unsalted? Reasonably salted hashes are next to impossible to crack (reverse).

We're using a salted hashing algorithm for passwords.
int p; // A
 

Offline Buzzfuzz

  • Sr. Member
  • ****
  • Join Date: Apr 2010
  • Posts: 377
    • Show only replies by Buzzfuzz
Re: Change your passwords
« Reply #29 from previous page: January 14, 2012, 06:27:31 PM »
VB doesn't anyway, they are salted MD5, unless your not up to date with patches that have security issues.
 
Quote from: Zac67;675781
I hope a.org doesn't store the password hashes unsalted? Reasonably salted hashes are next to impossible to crack (reverse).
Wishlist: A3500, A2500UX