Saturday, March 1, 1997 4:00:01 AM Message From: The Hotline Users Mailing,Hotline@lists.fwparker.org,Internet Subject: The Hotline Users Digest #48 - 03/01/97 To: Geoff Le Feuvre The Hotline Users Mailing List ,Internet The Hotline Users Digest #48 - Saturday, March 1, 1997 Re: I got hacked. by Kevin Ballard Re: The Hotline Users Digest #47 - 02/28/97 by ---------------------------------------------------------------------- Subject: Re: I got hacked. From: Kevin Ballard Date: Thu, 27 Feb 97 19:08:50 -0500 >Well, to keep users from being able to delete all your files do not even >give the admin access the ability to delete files... It really makes no >sense to have this access unless you are not at the computer where the >server is located (which could be true in some circumstances...) In this >case, if no user (not even yourself) has the privileges to delete files >then when/if the server is hacked the worst they can do is change log-in >preferences... and the sort... Just an idea... People that can hack your server can also change the abilities so that's useless. Maybe the person hacked your server by guessing the Admin Password. That is the most likely thing. Next time use a VERY obscure password like maybe your name and then a huge number (Kevin8596). That would be hard to hack. Or maybe they hacked your computer and stole the bookmark (If your have one) that had your server and account saved and then used it to hack. The world of computers is always hackable but it is getting more and more secure. Well, so long. Hope your don't get hacked again. -Kevin Ballard -------------------------------------------------------------------------- KEVIN BALLARD Internet Email-Kevin@sb.org AOL Email-Kevinmunk@aol.com Internet web page-http://www.sb.org/kevin/ Hotline Server-Slartibartfast.sb.org OR 207.60.167.130 -------------------------------------------------------------------------- ---------------------------------------------------------------------- Subject: Re: The Hotline Users Digest #47 - 02/28/97 From: Date: Fri, 28 Feb 97 23:52:40 -0500 >How many people knew the admin password? Or rather, how many people had >access to Open User? New User? ie, could the password have leaked? > >I have discovered that you only need to tell a very small number of >"trusted" people a password, and within days hundreds of people know it. >Example: "powertok" !!!!! > >Also, how many characters long was your password? Could it have been >guessed? Since you don't need to type the password in when you connect >(use a bookmark), I suggest making the password really long - eg, make it >20 characters long. > >As a matter of fact, I think I'll make it so that when you hit New User, >it fills in a default random 20 character password consisting of letters >and numbers. his handle is Kinetico . I talked to him briefly on Pagehaus. Hes an immature prankster. Hes doing it to multiple systems, so I dont think its guesswork. His MO is to trash everything, or encourage others to do so. Its some sort of bug i think. ---------------------------------------------------------------------- End of The Hotline Users Digest --- Internet Message Header Follows --- Received: from www.fwparker.org by bertrand.ccs.carleton.ca (SMI-8.6/SMI-4.0) id EAA14002; Sat, 1 Mar 1997 04:01:12 -0500 Message-Id: <199703010901.EAA14002.14002@bertrand.ccs.carleton.ca> From: The Hotline Users Mailing List To: The Hotline Users Mailing List Subject: The Hotline Users Digest #48 - 03/01/97 Date: Sat, 1 Mar 97 03:00:01 -0600 Mime-Version: 1.0 Content-Type: text/plain Precedence: Bulk X-List-Software: LetterRip 1.0.2 by Fog City Software, Inc.