DNF Hacked

[pertosda]

DNF hacked???

Have you seen this?

http://www.DNF

Wow, Im shocked!

 

[Ray]

im glad the staff got it all back!!

 

[chelsea]

Thanks Denny! Much appreciated your help.

 

[blackwizard]

Wow! THe site is back! Good news to hear

 

[Billy!]

hehe .. how long for?

 

[PoorDoggie]

is that the same site as before? It looks a bit bare ??? maybe its just me - i've never been there before, but it just dosen't look like a professional domain forum.

 

[denny007]

is that the same site as before? It looks a bit bare ??? maybe its just me - i've never been there before, but it just dosen't look like a professional domain forum.

Pictures was missing now its fixed

 

[Peter]

Because MD5 can be cracked.

it is not cracked as such it is called md5 collision. A collision occurs when a different string ends up with the same md5 hash. Depending on the password it can take a matter of hours to days to find a collision it all depends on the strength of the password. The best defence is to use a password that is not a dictionary word, that is quite long, has different cases of letters and preferably contains numbers as well.

There are sites that have a database of strings and there md5 hash and you can use that to search but for them to have the phrase and password they would have had to of course already have the hash in the database for you to do a search on the hash. If you follow the above guidelines for passwords then it is unlikely that is would be in the database as they are manually entered into the system and for someone to have entered that phrase is unlikely.

 

[Matt_H]

Little update,

Forum now running (smoothly it seems :D)

We dont belive the hacker copied the mysql db (seemed abit trigger happy trying to remove it).

But to be on the safe side we recommend to change your passwords.

Also, there were no demands from the hacker (it was quite funny reading the reported randsoms) and we had control of the server the moment the hackers message was removed.

But yes DNF back and running, we are investigating further how the hacker actually managed to gain access to the server and how we can prevent this further.

Matt

 

[Billy!]

NamePros being discriminated still > http://www.DNF/showthread.php?t=186661 ... look at my post

Well done ... maybe the owners need to thank ********.com N A M E P R O S .COM for their support and getting behind DNF whilst you were down!

Namepros is ******** .... (blanked out) yet the owners of namepros are happy to support DNF.... grrr! Maybe DNF will fix it.

Why cant we all be one happy family!


Arrggghhh Competition!

 

[Matt_H]

NamePros being discriminated still > http://www.DNF/showthread.php?t=186661 ... look at my post



Namepros is ******** .... yet the owners of namepros are happy to support DNF.... grrr!

Why cant we all be one happy family!

I will bring this up and see if I can get this removed,

I will agree that namepros are happy to support DNF to a certain level (which is acceptable).

Matt

 

[Billy!]

I understand its early days too, they have more to worry about ... than my silly post!

 

[Genialnames]

I have no noticed anything wrong

I had few sites hacked this year and it is very hurting to wake up one morning and to find a stupid message instead of your home page.
Then also you get an advice from the hosting provider that invite you to solve the problem asap, if you want to reopen the site again, the problem it is: what to fix? that "what to look for?". WOW, it is a nightmare.

Anyway I have learned that usually these "so called " hackers (but these are usually "crackers")they do not steal sensible data, they only break up things.

It is very difficult to catch them , at least this is what the authority let us to intend, because they go by proxy to proxy and other hacked servers, and also there are servers all around the world that have specific open doors that allow such kind of traffic....so that there is no way to know the starting IP......

Again I send to all those sick minded people my anthem.

 

[Isaac1]

NamePros being discriminated still > http://www.DNF/showthread.php?t=186661 ... look at my post



Namepros is ******** .... (blanked out) yet the owners of namepros are happy to support DNF.... grrr! Maybe DNF will fix it.

Why cant we all be one happy family!


Arrggghhh Competition!

Is it really that big of a deal?

 

[Billy!]

I understand its early days too, they have more to worry about ... than my silly post!

No

 

[Ben]

Also, there were no demands from the hacker (it was quite funny reading the reported randsoms) and we had control of the server the moment the hackers message was removed.

Why did they remove the legal issues section then?

 

[Billidn]

Still not getting DNF site on internet. Just their message on the landing page.
Anyone else?

 

[Genialnames]

did you cleaned the cache of your browser?

 

[Billidn]

did you cleaned the cache of your browser?

Thanks...up and running

 

[labrocca]

Yeah it's up and running but who is to say the hacker doesn't still have control. Odd the legal section is removed. I am not gonna change my password their yet either. For all we know the hacker has changed the script or is in control. It would be INCREDIBLY easy to change VB so that when a new password was created he would get an email or the unhashed password would be saved in a different table.

You have to consider worse case scenario here.

 

[Mark]

Matt_H - Thanks for the updates :tu: Good to hear ....

I'm going to close this thread for now as it seems to keep going off subject -

If you , Adam , or any Staff needs to add anything - Please let us know

 

[greggish]

DNF password expired

When I go to DNF I get the following message...

vBulletin Message
Your password is 13449 days old, and has therefore expired.

Please change your password using this page.

That's like 37 years. I don't trust the site enough after the hacking to enter my password, and in the Site News forum they don't mention anything about the hacking or this problem. I guess they just want to pretend nothing happened. Well, anyway, I don't feel comfortable using their site anymore, not because they were hacked, but because of how they dealt with it afterwards.

 

[Damion]

You are not the only one that received that message. I received it also plus other people that visit DNF.
What is it that you feel they have done wrong in your opinion that you decided not to go there anymore?

 

[greggish]

What is it that you feel they have done wrong in your opinion that you decided not to go there anymore?

As I said, a simple post in their "Site News" forum explaining about the hacking and this problem would be nice. It seems like they are content to leave their users in the dark and not even mention it.

 

[angisson]

As I said, a simple post in their "Site News" forum explaining about the hacking and this problem would be nice. It seems like they are content to leave their users in the dark and not even mention it.

I thought I was not looking in he right place for the "big post" I just don't get it.. on my site if my site is off line for a day it becomes into a big topic.. and everyone wans to know so I make a post.. seems they woulddo the same... =\ oh well guess you will never see me over there again

 

[Damion]

Most users where aware of the hack (It was the talk of the day) and i think if that is a reason for you to stay away from a forum then i think you´re a bit exaggerating IMO.
It´s not something that was entirely hidden from the public and their users.



:lol:

You´re making an issue of a non issue here Greg.