Help - Search - Members - Calendar
Full Version: What just happened to Brainmeta?
BrainMeta.com Forum > Feedback, Announcements & FAQ > Feedback & Suggestions
Pages: 1, 2, 3
LifeMirage
The site was down at 2:45 pm central time with some other webpage was in it's place. I assume the site was hacked?
Shawn
yes, it was. A first for BrainMeta. Besides brainmeta.com, there are two other websites hosted on this server, but they were not effected. I'm looking into it.
code buttons
QUOTE(Shawn @ Dec 06, 2006, 01:03 PM) *

yes, it was. A first for BrainMeta. Besides brainmeta.com, there are two other websites hosted on this server, but they were not effected. I'm looking into it.

Mind-Brain.org wasn't affected, I noticed. Looked like someone was issuing a Jihad on BrainMeta.
Shawn
I believe I have fixed the issue. It involved, in part, a security hole in PHP.
Enki
It was something unbelievable.

Hope the hacker can be located by NSA soon.
Enki
Should we change passwords Shawn?
Shawn
I think it was someone with an IP address indicating they were from Dubai. You do not have to worry about changing passwords since they are encrypted on the server.
Enki
Hope some one will be able to teach them a good lesson!

It is a matter of honor to teach them a lesson. Though it looked liked as Jihad hacking but I guess it is another source. Hope 007 can locate them and punish properly.
Enki
QUOTE(Shawn @ Dec 06, 2006, 02:03 PM) *

I think it was someone with an IP address indicating they were from Dubai. You do not have to worry about changing passwords since they are encrypted on the server.


Interesting who from Dubai, at presence of such security measures can dare to hack a server in America. I really do wonder. What a trick.

It once again shows how vulnerable the civilization is to the cyber-terrorism.
maximus242
Cyber terrorism on brainmeta? what?!? Couldnt it just be come kid hacker from Dubai who has nothing better to do than hack websites?

..WTH did my avatar go

Edit: Fixed Avatar
Shawn
Ok. I have looked into it further and here is what happened. Someone from Cairo with IP 196.218.12.128 (they were not going through a proxy) used the file uploader to upload a file with a .php.gif extension. The file uploader thought it was a .gif file, so it uploaded it, but if you loaded the file in your browser, it would execute the .php script (which is what the file really was, not a .gif). The PHP script was a PHP shell script and directory browser, which enabled the user to delete and modify files. All files were recovered via backups (except for some recently uploaded pics) and the security hole in the file uploader was fixed. The attacker left a big trail, was sloppy, and could have done much worse, which suggests the person was an unsophisticated novice . Nonetheless, incidents like this underscore the fact that brainmeta.com is not invulnerable to attack, though I will do what I can to prevent further incidents.
Flex
Lol I do not get what motive the individual could possibly have... What could be gained from hacking Brain Meta?
maximus242
The biggest thing puzzling me is the Why, I suspect it is someone with just to much time on their hands or... the anti-christ of brain meta, dattaswami II.
Shawn
I'm glad they didn't do any real damage, and it was somewhat amusing while it lasted.... and I got to learn about a great PHP shell script and directory browser. Here's a screenshot of the hack for those who missed it.
Flex
Ok I have to admit--that is hardcore (except the layout looks pretty shody). Just curious, but why is Shawn member number 9 instead of 1?
Hey Hey
ameer atom in the universe of Brainmeta. laugh.gif

Well done Shawn for sorting it out so quickly.
Enki
QUOTE(Flex @ Dec 06, 2006, 08:03 PM) *

Ok I have to admit--that is hardcore (except the layout looks pretty shody). Just curious, but why is Shawn member number 9 instead of 1?



Good question. Why number 1 turned into number 9?

Shawn is that you? smile.gif
Enki
QUOTE(Hey Hey @ Dec 06, 2006, 08:56 PM) *

ameer atom in the universe of Brainmeta. laugh.gif

Well done Shawn for sorting it out so quickly.


Hahahahahah.

Irrationality in the Universe of Wisdom. laugh.gif

Btw, possibly he is one of the users on Brainmeta.

Ameer are you here? I can tell you a fantastic story about Archangel Jebrail and about a device Mohammed was using to fly on from Arabia to Jerusalem. Really. It is a fairy tale.

So do not do that again with Bainmeta, otherwise the “Gods” from Brainmeta may punish you.
Hey Hey
QUOTE(Enki @ Dec 07, 2006, 07:03 AM) *

QUOTE(Flex @ Dec 06, 2006, 08:03 PM) *

Ok I have to admit--that is hardcore (except the layout looks pretty shody). Just curious, but why is Shawn member number 9 instead of 1?



Good question. Why number 1 turned into number 9?

Shawn is that you? smile.gif

Also, interestingly, who is number 1?
Trip like I do
Hey.... my avatar mysteriously changed again. What's up with that?

code buttons
QUOTE(Trip like I do @ Dec 07, 2006, 01:57 PM) *

Hey.... my avatar mysteriously changed again. What's up with that?

I think there was another hack attempt. About 12 or so today BM was not available. I was logged-in at the time and when I hit refresh it dissapeared and I got an error message instead. There was no webpage in place this time, like yesterday, though.
Shawn, what if yesterday's "sloppy" hack , as you put it, was some kind of test before a bigger or more organized attepmpt?
Rick
BrainMeta is a natural target for jihadist attack for the same reason that I come here. Any place of free exchange of ideas and thoughtful free deliberation is a threat to monotheistic certainty.
Shawn
unfortunately there was another attack earlier today. I have not been able to confirm that it was the same person, and this time they attempted to delete as much as they could. I have increased the security on the server, with the result that uploading files has been disabled for the time being, at least until a better solution is put into place.
Flex
Well I guess that explains why I could not upload a screen shot from the attack...
Trip like I do
.... and explains why I now have no avatar.
Flex
QUOTE(Trip like I do @ Dec 07, 2006, 05:08 PM) *

.... and explains why I now have no avatar.


I see your new avatar (or lack there of) as a form of modern art--it is very beautiful wink.gif
Rick
Minimalism? I see no avatar now (at this exact momen) when a while ago I was his very nice abstract artwork in a horizontal position with Trip standing by it.
maximus242
Seems we also have a spammer who keeps on posting nonsense, this could be the same person. I just deleted one of his spamming topics and moderators will have already seen the reports from HeyHey. It cant be coincidence that there is a spammer and a hacker at the same time, can it?

Any ideas, thoughts on the connection and how to combat our new found internet assailants?
Hey Hey
QUOTE(maximus242 @ Dec 08, 2006, 04:29 AM) *

Seems we also have a spammer who keeps on posting nonsense, this could be the same person. I just deleted one of his spamming topics and moderators will have already seen the reports from HeyHey. It cant be coincidence that there is a spammer and a hacker at the same time, can it?

Any ideas, thoughts on the connection and how to combat our new found internet assailants?

QUOTE(maximus242 @ Dec 08, 2006, 04:29 AM) *

Seems we also have a spammer who keeps on posting nonsense, this could be the same person. I just deleted one of his spamming topics and moderators will have already seen the reports from HeyHey. It cant be coincidence that there is a spammer and a hacker at the same time, can it?

Any ideas, thoughts on the connection and how to combat our new found internet assailants?

I have been deleting lots of rubbish (not not yours laugh.gif) on boards where I can moderate and passing on others to other moderators. The perps were all new members (so registered, posted then disappeared).

We could have a ?? dollar registration fee to all new members, refunded after a ??. Or more registration information required. I know this could be false but the time it would take might put them off. Do they presently need to have a verifiable email address that would mean their ISP could take action. Oh I don't know, let's form a hit squad and take them out! Perhaps we could post replies with recommendations of medication for their condition ... could include suicide pills.
LifeMirage
E-mail confirmation and enabling moderators to view and block the IP from spammers should help greatly.


Not sure about offering donation/registration fees again based on what happened last time.
code buttons
QUOTE(LifeMirage @ Dec 07, 2006, 09:13 PM) *

E-mail confirmation and enabling moderators to view and block the IP from spammers should help greatly.


Not sure about offering donation/registration fees again based on what happened last time.

Ha! Ha! You're right :
BM + $$ = (BI)2

Where BI = Bad Idea...

Any questions?

Flex
QUOTE(LifeMirage @ Dec 07, 2006, 09:13 PM) *

E-mail confirmation and enabling moderators to view and block the IP from spammers should help greatly.


Not sure about offering donation/registration fees again based on what happened last time.


Now I mean I suck with computers, but if you just block the IP couldn't they just use a proxy server?
LifeMirage
QUOTE
Now I mean I suck with computers, but if you just block the IP couldn't they just use a proxy server?


Of course. However it would slow them down.
Trip like I do
QUOTE(Flex @ Dec 07, 2006, 08:25 PM) *

QUOTE(Trip like I do @ Dec 07, 2006, 05:08 PM) *

.... and explains why I now have no avatar.


I see your new avatar (or lack there of) as a form of modern art--it is very beautiful wink.gif



Ha.... more like a form of port-modern revolt.... anti art.

Nice tunes by thw way.... a real OC mix.
Trip like I do
QUOTE(Rick @ Dec 07, 2006, 08:33 PM) *

Minimalism? I see no avatar now (at this exact momen) when a while ago I was his very nice abstract artwork in a horizontal position with Trip standing by it.


Yes.... extreme minimalism.

It makes me sad.... not being able to showcase my art.
Hey Hey
QUOTE(LifeMirage @ Dec 08, 2006, 05:13 AM) *

Not sure about offering donation/registration fees again based on what happened last time.
Fair point.

What about a credit/debit card registration (without any debit taken - I trust Shawn). Clutching at straws - but we need some imaginative input here.

Isn't there some computer buff on brainmeta who could reverse hack them and explode their computer. Or is that just the CIA who can do that? laugh.gif

Ideas everyone - except the spamming/hacking ***ards! To you, I send a tongue.gif .
Enki
QUOTE(Hey Hey @ Dec 08, 2006, 03:22 AM) *

QUOTE(LifeMirage @ Dec 08, 2006, 05:13 AM) *

Not sure about offering donation/registration fees again based on what happened last time.
Fair point.

What about a credit/debit card registration (without any debit taken - I trust Shawn). Clutching at straws - but we need some imaginative input here.

Isn't there some computer buff on brainmeta who could reverse hack them and explode their computer. Or is that just the CIA who can do that? laugh.gif

Ideas everyone - except the spamming/hacking ***ards! To you, I send a tongue.gif .


I guess good forces (and/or relatively good forces smile.gif ) should be more active in matters related with protection of forums backing cultural and intellectual heritage of Mankind, Western World and Judo-Christian civilization in particular. It is absolutely unacceptable that somebody is able to hack this forum.

Otherwise we will send agent 001 to find the hacker. laugh.gif
Trip like I do
kay.... someone needs to enable my uploading abilities. I feel invisible without an avatar.

Is someone on this or should I give up trying to upload.... as I've tried about 15 damn times to no avail.
Enki
QUOTE(Trip like I do @ Dec 08, 2006, 12:13 PM) *

kay.... someone needs to enable my uploading abilities. I feel invisible without an avatar.

Is someone on this or should I give up trying to upload.... as I've tried about 15 damn times to no avail.


Trip do not get so upset, it is needed for security reasons. BTW when I log to Brainmeta the server with IP 128.120.134.31 tries to attack my computer:

Search results for: 128.120.134.31
OrgName: University of California, Davis
OrgID: UCD-1
Address: One Shields Avenue
City: Davis
StateProv: CA
PostalCode: 95616
Country: US

So you see somebody dislikes or is curious about Enki in the University of California. Guys you do not know what you are doing, I am the most dangerous creature on this planet, believe me. laugh.gif I will ping your brains. Do not force me to go down to a shop and buy Mozzarella. Hehehehehehehe.
maximus242
My avatar is gone again! grrrrr

We need to do some brainstorming on how to deal with hackers and spammers.

For HeyHey's question about computers and causing them to malfunction, yes it is possible to reverse hack and melt their hard-drive or destroy their internal processor. Basically you can render the computer useless, its called nuking by the hacking community.

P.S. Are these people that stupid? Brainmeta is basically filled with knowlegable people who can squash them.
Enki
QUOTE(Trip like I do @ Dec 08, 2006, 01:53 AM) *

QUOTE(Rick @ Dec 07, 2006, 08:33 PM) *

Minimalism? I see no avatar now (at this exact momen) when a while ago I was his very nice abstract artwork in a horizontal position with Trip standing by it.


Yes.... extreme minimalism.

It makes me sad.... not being able to showcase my art.


Shawn, Trip is right, his Art is good and should be promoted, maybe some specific access to Trip can be granted for showcasing his works?


BTW Trip you can upload things on some FTP server and then provide a link here.
Enki
QUOTE(maximus242 @ Dec 08, 2006, 12:26 PM) *

My avatar is gone again! grrrrr

We need to do some brainstorming on how to deal with hackers and spammers.

For HeyHey's question about computers and causing them to malfunction, yes it is possible to reverse hack and melt their hard-drive or destroy their internal processor. Basically you can render the computer useless, its called nuking by the hacking community.

P.S. Are these people that stupid? Brainmeta is basically filled with knowlegable people who can squash them.


Interesting idea. We should ask Shawn to indicate the location of the Hackers more precisely. Earthquakes, Hurricanes, Tornadoes, Tsunamis.

What we think about the collective punishment? Old traditions die hard. wink.gif

Maybe power Outages will be apt to place?
maximus242
Thing is that most of things you describe are possible. The ***** base in Alaska can do most of those things, the earthquakes can be caused by harmonics at certain points in the earth.

Anyone notice that dattaswami is back? Notice how this all happened at the same time? Could this be the Acopolypse?
Enki
QUOTE(maximus242 @ Dec 08, 2006, 12:39 PM) *

Thing is that most of things you describe are possible. The ***** base in Alaska can do most of those things, the earthquakes can be caused by harmonics at certain points in the earth.

Anyone notice that Satan (dattaswami) is back? Notice how this all happened at the same time? Could this be the Acopolypse?


I know. smile.gif Many things are possible I guess. But there is nothing better than peace, construction, gardening, contemplation etc.

Really? Where? What happened? I think not.
maximus242
Its just wierd, first BrainMeta gets hacked.

Then it gets spammed by some unknown jihad.

People start loosing their avatars.

Then one of BrainMetas biggest spammers returns.

This has all happened within 48 hours, a bit unusual activity if you ask me..
Enki
QUOTE(maximus242 @ Dec 08, 2006, 12:50 PM) *

Its just wierd, first BrainMeta gets hacked.

Then it gets spammed by some unknown jihad.

People start loosing their avatars.

Then one of BrainMetas biggest spammers returns.

This has all happened within 48 hours, a bit unusual activity if you ask me..


It is hard to find the clue. I have other ideas about that, but let me keep silence.
Hey Hey
QUOTE(maximus242 @ Dec 08, 2006, 08:26 PM) *

Brainmeta is basically filled with knowlegable people who can squash them.
I have just sent brainmeta waves at very high frequency towards Spam Town and Hackerland. The weather is good so there should be little fallout, except their hair, or falloff, except their naughty bits, hopefully.

Shawn, is anything happening to put up another force field to protect our wonderland?
Trip like I do
nuke the mtf's....

Wormholes used for negative actions.... such a shame there are such ignorant and malnourished individuals in the world.
Shawn
sorry about the lost avatars. The second hack that occurred yesterday was more insidious than the first, and compelled me to increase server security and turn off uploading for the time being. Some of the recently uploaded pics were lost (hence the lost avatars). Until a better solution is worked out, I would recommend, instead of trying to upload pics, using an alternative site for uploading and pointing your profile avatar towards the external url.

For the spamming, blocking by IP address is not a good option because it is very easy to go through a proxy (and change IP address) nowadays. In fact, there are modified versions of firefox that automatically change your IP address (by going through a proxy) on each page reload. The best way to filter spamming is by having increased moderation and, I believe, the implementation of post filters that disallow the posting of certain content. Having email verification for account creation is also an excellent idea, but that is currently not implemented though it may be soon.

The inability to upload pics is probably a temporary precaution. I have increased server security and am adopting a wait-and-see approach to see whether the security can be breached, and if it can, then I know that I need to take additional security measures. In the worst case scenario, I can always move BrainMeta to a different and more secure server. Everything is backed up, so moving to a different server will probably not even be noticed by forum users. I will let you all know if this occurs.

Enki
Thank you Shawn, may the Force be with you.
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.


Home     |     About     |    Research     |    Forum     |    Feedback  


Copyright BrainMeta. All rights reserved.
Terms of Use  |  Last Modified Tue Jan 17 2006 12:39 am