Court case against my hackers.

Status
Not open for further replies.
WoodiE said:
No I'm sorry I'm not a hacking expert. Though I'm guessing by your comical reply that YOU are? haha

I'll leave this thread alone as I think I see where it's going now, especially being on a XF forum. Though I will say, it's much much easier to blame the "other guy" then to blame ourselves. It's the "other guys" fault for you not having secure passwords, for not securing your website, keeping your server hardened and uptodate.

The fact is there are thousands if not hundred of thousands of sites that use MD5 hashing in their logins. If this was so incredibly easy than they all would be hacked - but the fact is they aren't. The "script kiddies" have to get your hash somehow or another. The fact they got it, if that's how they even did it in the first place, shows the lack of security.

Anyways - glad to hear justice prevailed. Have a good day!
Click to expand...


I can't tell if this is an intentional attempt to troll or just ignorance?
 
WoodiE said:
No I'm sorry I'm not a hacking expert. Though I'm guessing by your comical reply that YOU are? haha

I'll leave this thread alone as I think I see where it's going now, especially being on a XF forum. Though I will say, it's much much easier to blame the "other guy" then to blame ourselves. It's the "other guys" fault for you not having secure passwords, for not securing your website, keeping your server hardened and uptodate.

The fact is there are thousands if not hundred of thousands of sites that use MD5 hashing in their logins. If this was so incredibly easy than they all would be hacked - but the fact is they aren't. The "script kiddies" have to get your hash somehow or another. The fact they got it, if that's how they even did it in the first place, shows the lack of security.

Anyways - glad to hear justice prevailed. Have a good day!
Click to expand...
Umm it is easy to crack them? People don't use them much anymore? People who use them assume no one with knowledge of how to use them will ever get a hold of them. I hope I haven't just fallen for a troll :/
 
WoodiE said:
No I'm sorry I'm not a hacking expert. Though I'm guessing by your comical reply that YOU are? haha

I'll leave this thread alone as I think I see where it's going now, especially being on a XF forum. Though I will say, it's much much easier to blame the "other guy" then to blame ourselves. It's the "other guys" fault for you not having secure passwords, for not securing your website, keeping your server hardened and uptodate.

The fact is there are thousands if not hundred of thousands of sites that use MD5 hashing in their logins. If this was so incredibly easy than they all would be hacked - but the fact is they aren't. The "script kiddies" have to get your hash somehow or another. The fact they got it, if that's how they even did it in the first place, shows the lack of security.

Anyways - glad to hear justice prevailed. Have a good day!
Click to expand...

There are such things as "rainbow tables" out there that can literally axe cut finding passwords down from hours to minutes, if not seconds :)
 
Slavik said:
Looks like something pissed them off,

They are currently ddosing the site :rolleyes:
Click to expand...
Should get the court to award you the costs of one of these: http://www.intruguard.com/IntruGuard-product-models-comparison.html :)

We have one and have been quite happy with it. Not a single DDoS attempt has been able to even slow down our site since we put it in place (it used to be quite common for us).

Events are the number of "attacks"... Some things like URL denied are like script kiddies hitting random URLs on our servers looking for exploits in installed software.

Image%202012.03.08%204:48:39%20PM.png


Simply drops packets into nothingness before they get to our equipment or servers.
 
digitalpoint said:
Should get the court to award you the costs of one of these: http://www.intruguard.com/IntruGuard-product-models-comparison.html :)

We have one and have been quite happy with it. Not a single DDoS attempt has been able to even slow down our site since we put it in place (it used to be quite common for us).

Events are the number of "attacks"... Some things like URL denied are like script kiddies hitting random URLs on our servers looking for exploits in installed software.

Image%202012.03.08%204:48:39%20PM.png


Simply drops packets into nothingness before they get to our equipment or servers.
Click to expand...

Would love to, but not all of us have a $25,000 a month budget to spend on hardware dp :D

Theyve switched from a tc flood to a slowloris flood, mod evasive seems to have killed the tcp off and am just waiting on mod qol to catch up with the slowloris :(
 
Not sure if the UK procedures work the same way, but I would ask the court for an injunction against attacks or even contacting your site. Then, if these continue, you have a pretty easy contempt of court case (which, in many places can result in them going to jail)...I could also see going after a forfeiture of their computer equipment. Would need a lot more details (and I am not the right guy to ask about the ins and outs of UK local court practice). But, methinks there are some additional tools available to you.

Good luck!
 
digitalpoint said:
Simply drops packets into nothingness before they get to our equipment or servers.
Click to expand...

Well apparently 1+1 servers come with a hardware firewall configured to help with Ddos, but they don't turn it on unless you manually do it!

So just turned it on, apparently will be active in about 5 minutes so lets see :)
 
The police have now taken an active interest in this as it is a repeat offence and are coming around later today to take my statement and hand it over to Wirral police for investigation.

I have already informed them we will be pressing charges.
 
Status
Not open for further replies.
Back
Top Bottom