Serious Spam

[Anonymous]

"Posted: Jul 6, 2004 8:43 PM  (by a guy named infa-red)

ummm guys..... u do know there are ways of simply accessing the ftp and server stats of ur little webby

i suggest u shud improve security as i managed to get a number of user names and passwords just by trying to complete ur challenge, and only with the use of flash gets ftp site explorer,

all you need is one arsehole to come along and your done for,

last time i cecked i want one but u know for future"
 
I didn't know if there was any weight to this statement.  Thought maybe this could use some attention, even if it's only a little bit... :?

[Anonymous]

Perhaps I sholud clarify - this was, again, in our Recruitment Thread.

[likwidtek]

I'll tell you what I told tbone.  Until I see proof, it's bull.

[Anonymous]

Hmm...this is disconcerting....but I think it's best uf we follow Likwid's idea...no need getting all worked up if nothing has happened already. I do suggest though that we look into ways to secure ourselves better just in case.

[Anonymous]

I think I agree with both of you, but just wanted to make sure this info was at least known.

[Anonymous]

way to be on top of things kairos

[likwidtek]

I do thank you Kairos.

[Anonymous]

Well, after taking a look at the challenge, from what I can tell and from what i've gathered from a white hat friend of mine, it actually wouldnt be that hard to hack our site or the ventrilo server, if your using a brute forcer.

[likwidtek]

again... enough with the speculation and make with the proof.  Of course you could brute force any of our passwords...  but whoever that yahoo was... was making it sound like there was a vulnerable exploit.

Being able to "actually not that hard to hack" isn't an exploit or a vulnerability.  Unless one of the users has a very weak password.

Which is why passwords should be a mix of numbers and letters and lower and upper case.

[likwidtek]

Anything and everything is hackable.  ANYTHING.  It's just a matter of how easy it is that prevents people from doing it.

[Anonymous]

Hmmm....unlike the other guy, I never stated for sure that you could hack into our site. Again, I was pseculating and pointing out that, with the help of a brute forcer of cours,e it wouldnt be that hard to hack.

I succomb to your knowledge likwidtek, as I truly dont know as much about how the site runs as you do, of course.

[likwidtek]

lol honestly I wanna see someone do it!  So that I can learn the vulnerabilities of the site.  If there are any white or grey hats out there... then by all means hack away... leave 2 things.  Proof, and a fix.  

[Anonymous]

Hmmm.....i'll see if my friend would think about doing it.

[Anonymous]

ill change my password *whistle whistle* it is rather easy to figure out

edited: Changed

[Anonymous]

Brute forcing shouldn't even be considered "hacking" It can be done on anything, and requires no thought whatsoever....