Hacking Threat

[sheeny (Al)]

Just a heads up guys.


We recently had a member's account hacked, and the hackers then began spamming from that account. The member hasn't been active for a while, and we weren't able to contact him to change his password before we had to delete the account to stop the hackers from spamming.


I, myself, have just received notification from google security that I had a password breach. On investigation, I found it was my IIS password, so I've now changed my IIS password.


Please be aware, that it appears hackers are attacking the site trying to find a way in. It's not an issue if you have a secure password, but if you have a simple password it might be worth changing it to something harder to crack.


Please keep an eye out for any unusual activity, and spam posts, and report them ASAP.


Al.

[PeterM]

Thanks for this Al,

The site is Not Secure, so I am left wondering does this make it more attractive to hackers? I don't know so maybe someone in the know can explain to members just exactly what the potential issues might be?
If IceMan has no intention of making it secure then what does that mean for IIS long term? Well someone had to ask the question.....

Actually, Website feedback has a very good discussion on this.... my simple take from that is... It's 2021, not 2005 and to make the site secure is fairly straightforward, if the owner wants to.

Hey Mike hows about a comment?

[RB (Andrew)]

I’ve just changed mine to Al’s old one.
Can never be too careful.

[lazjen (Chris)]

It is quite poor that this site hasn't been updated to be secure. It's been asked for before and will probably be asked for again. Unfortunately it probably will eventually be hacked and ruined.

I would recommend for your own safety that you use a password manager and get it to generate a decent password for this site completely different to everything else.

[Merlin66 (Ken)]

Help me...
How does making the forum “secure” prevent password theft and disruption???

[multiweb (Marc)]

Quote:

Originally Posted by RB

I’ve just changed mine to Al’s old one.
Can never be too careful.

Taking one for the team.

[sheeny (Al)]

It's got to be a good move, RB. The hackers know its no longer valid so no one else would use it would they?





Al.

[RB (Andrew)]

Quote:

Originally Posted by multiweb

Taking one for the team.

Yep!
You can do your bit too Marc, swap with Lewis.

Quote:

Originally Posted by sheeny

It's got to be a good move. The hackers know its no longer valid so no one else would use it would they?





Al.

i


Did you get that from the Snowden documentary I sent you Al?
It was very informative wasnt it.

[TrevorW]

the URL for this site is - https://www.iceinspace.com.au/



Hypertext Transfer Protocol Secure (HTTPS) or “HTTP Secure,” is an application specific implementation that is a combination of the Hypertext Transfer Protocol (HTTP) with the SSL/TLS. HTTPS is used to provide encrypted communication and secure identification of a server, so that no middle man can intercept the data easily.


This still does not stop a determined hacker


A password containing upper & lower case alpha, numbers and a special character being 10 characters or more in length has around 3,051,925,477,389,360 combinations whereas a simple password of 5 characters with alpha numeric such may only have around 1 million combinations, so the more complex the password the harder to hack.

[gary]

Quote:

Originally Posted by PeterM

Thanks for this Al,

The site is Not Secure, so I am left wondering does this make it more attractive to hackers? I don't know so maybe someone in the know can explain to members just exactly what the potential issues might be?
If IceMan has no intention of making it secure then what does that mean for IIS long term? Well someone had to ask the question.....

Hi Peter,

When you see the "Not Secure" message and an open padlock icon
next to the URL field on your browser, it means you accessed it
via a URL of the form http://www.iceinspace.com.au

If you have an existing bookmark, you might want to edit it to
be of the form https://www.iceinspace.com.au

As TrevorW pointed out, HTTPS stands for HTTP Secure.

So, what, you may ask, does accessing the site using https do?

Unfortunately, not all the magic you may have been hoping.
The browser's use of the term "Not Secure" and its implied opposite,
"Secure", are somewhat of a misnomer.

And this applies to all web sites, not just IceInSpace.

Back at the server there is a digital certificate that has been signed by a
"trusted" certification authority (CA).

In a nutshell, when you enter https://www.iceinspace.com, your browser
requests the certificate and it checks that, indeed, the certificate
corresponds to https://www.iceinspace.com and not some other web site.

In a similar vain, if you intentionally go to a hypothetical web site called
https://nastywebsite.com that exploits a security flaw in the browser,
if that web site also has a valid certificate for https://nastywebsite.com
that is signed by a "trusted" CA, then your browser will show it too
is "Secure".

So beware.

When running the https protocol, the communications between you
and the web site are encrypted to try and prevent a "man-in-the-middle"
attack.

However, if, for example, someone has installed a key logger on your
computer through some other piece of malware, encryption isn't
going to do you much good, because they are logging the key presses
before they are encrypted.

Additionally, if a web site itself has a security flaw, for example some
way to access the member database and edit the passwords, then
whether you run http or https matters not.

I like to think of those browser padlock icons like the "Sanitised For
Your Protection" paper bands they leave on hotel toilet seats.
From a professional computer science perspective, they don't mean s**t.

[blindman]

I, for one, have a strong password which cannot be forgotten.
It is: Wrong password, please try again.

[Rerouter (Ryan)]

Most account hacking issues stem from already released datasets, so they have a big list of all the existing leaks, poke around for where on the internet shares the same usernames / emails / phone numbers, and then tries all the known passwords against those accounts, +- some common variations if a site is too relaxed about its number of attempts,

[leon]

Well you have lost me with all that, but it doesn't take much when it comes to this sort of stuff.
And my password is that short and easy the hackers would just say, "that cant be right, who would have such and easy password, this must be a trick:

Leon

[PeterM]

Quote:

Originally Posted by gary

Hi Peter,

When you see the "Not Secure" message and an open padlock icon
next to the URL field on your browser, it means you accessed it
via a URL of the form http://www.iceinspace.com.au

If you have an existing bookmark, you might want to edit it to
be of the form https://www.iceinspace.com.au

As TrevorW pointed out, HTTPS stands for HTTP Secure.

So, what, you may ask, does accessing the site using https do?

Unfortunately, not all the magic you may have been hoping.
The browser's use of the term "Not Secure" and its implied opposite,
"Secure", are somewhat of a misnomer.

And this applies to all web sites, not just IceInSpace.

Back at the server there is a digital certificate that has been signed by a
"trusted" certification authority (CA).

In a nutshell, when you enter https://www.iceinspace.com, your browser
requests the certificate and it checks that, indeed, the certificate
corresponds to https://www.iceinspace.com and not some other web site.

In a similar vain, if you intentionally go to a hypothetical web site called
https://nastywebsite.com that exploits a security flaw in the browser,
if that web site also has a valid certificate for https://nastywebsite.com
that is signed by a "trusted" CA, then your browser will show it too
is "Secure".

So beware.

When running the https protocol, the communications between you
and the web site are encrypted to try and prevent a "man-in-the-middle"
attack.

However, if, for example, someone has installed a key logger on your
computer through some other piece of malware, encryption isn't
going to do you much good, because they are logging the key presses
before they are encrypted.

Additionally, if a web site itself has a security flaw, for example some
way to access the member database and edit the passwords, then
whether you run http or https matters not.

I like to think of those browser padlock icons like the "Sanitised For
Your Protection" paper bands they leave on hotel toilet seats.
From a professional computer science perspective, they don't mean s**t.

Well thank you indeed Gary this gives me way better understanding than I had before. Sincerely appreciated. So new password it is. I guess changing passwords and making them more complex is more 2021 than 2005.

[multiweb (Marc)]

What Gary said.

[LewisM]

Quote:

Originally Posted by RB

Yep!
You can do your bit too Marc, swap with Lewis.

Why the hell do I want the password "VertVertVertVertVertVertFroggy "?

[RB (Andrew)]

Quote:

Originally Posted by LewisM

Why the hell do I want the password "VertVertVertVertVertVertFroggy "?

Isn’t it obvious???
He can then lower the price on any of your icetrade ads.

[LewisM]

Nefarious.


Typical Frenchman

[RB (Andrew)]

Quote:

Originally Posted by LewisM

Nefarious.


Typical Frenchman

You’re lucky he’s French and not Greek...
You’d never see your money,

[LewisM]

You have a point.


Or pointy ears.


Either eether