Fauna HACKED!

Status
Not open for further replies.
What I have found odd is that Rich has not yet been to this site or to cornsnakes.com either. He must be trying to figure out what the heck happened! That or he is busy tending to his breeding corns ;)
 
Damn!

I just rolled in from Tampa and found this nonsense that someone had done.

It appears that someone somehow overwrote all of the index.html files on my server's domains. I have no idea how this could have happened, but I have initiated some queries to try to find out. If it turns out that this new server I am now on is not at all secure and this happens again, I'll be moving to a new server DAMNED QUICK!

But it only looks like the main index file got changed and nothing else, so it was an easy matter to recover. The stats for FaunaTopSites certainly lost a day, but that is no big deal.

Probably just some pointy headed cretin with too much time on his/her hands.
 
I just got notification from a tech that he completed a security update on my server, after I notified them about the problem. Not sure if there was actually a hack done, since it was a pretty weak one if it was in fact a hack attack.

Nothing else on the system could have been compromised, as it appeared that only the index.html file in each of my domains got overwritten. It took me all of 5 minutes to fix the problem on all of my domains.

Certainly NOTHING within this message board system got compromised, as there is no way for even myself to get the passwords out of it for the members.

Sorry about that.
 
OK, I found out a little more about this.

Apparently this was a known exploit with an older version of WHM/Cpanel5. This is the front panel I use on my servers.

It has been fixed in the latest version and my server has now been updated with this version. I am having my domain hosting server updated now as well.

From what I have heard, there is a group of hackers in Italy and Greece that have been playing with this exploit, and randomly seeking out servers using the older version of Cpanel and hacking in to replace those index files. It has been relatively harmless, but I would imagine that a server with a LOT of domains on it might not find it very amusing at all.

But from what I have been able to gather, there is no real harm done by this prank.

If I find out more, I'll let you all know what I find.
 
Who is this guy and what is his role?
whois -h whois.cjb.net nofear.cjb.net

CJB.NET WHOIS Server [whois.cjb.net]

Hostname: NOFEAR.CJB.NET
Registrant: [email protected]

Redirected To: http://no-fear.bfgservers.com/html/

IP Address: None
MX Address: None

DNS Server: None

If unused, this account will expire on 7 Jun 2003.

He is not a member here that I can see.
 
Not the only place

Saturday I had received a security email that PayPal had been under attack for a couple of days. They claimed no breach was made, but someone was also emailing people claiming to be PayPal and asking the user to resend all information via the email link.
Last April my checking account was cleaned out through a breach in PayPal.
Saturday afternoon I received another email notice that reports were coming in that sites with PayPal links were being attacked.
I didn't think anything of it at the time.
Friday when I tried to access my web banking, my account had been disabled because of someone trying to access my account too many times. I had the account reset, and guess what, the same thing happened again yesterday.
I have a checking verified PayPal account. I have used it to send money to this site and a couple of others. If those who receive money from PayPal through their sites store the information on the same server, then the PayPal info can be retrieved.
Just a warning to check your PayPal accounts closely and for those of you who have checking verified accounts, watch them close.
I really didn't worry about it until I had the second reset on my web banking account and seeing that this site was hacked. Don't count on it being innocent! Wish I had saved the emails now! :dunce:
Candy King
 
I'd assume anyone with the knowledge to discover an exploit such as this might also have the capability of decrypting the password files... Rich do you have any way of verifying if there was any unauthorized access to any critical files such as that? You said nothing was changed, but that doesn't mean nothing was downloaded...

Good to have you back, regardless.
 
Good to hear it was an annoying but small problem.
I can get on my normal ways today. I had one heck of a time yesterday until Ritchie told me how to get on. Very frustrating.
Glad it is back to normal.
 
WebSlave said:
OK, I found out a little more about this.

Apparently this was a known exploit with an older version of WHM/Cpanel5. This is the front panel I use on my servers.

Cpanel? Everything I read says it's an insecure version of OpenSSL on Cobalt RAQs - although probably not just limited to RAQ boxes.

[Cobalt-Security] Bug-Travel.
 
WaxWormFan said:
I'd assume anyone with the knowledge to discover an exploit such as this might also have the capability of decrypting the password files... Rich do you have any way of verifying if there was any unauthorized access to any critical files such as that? You said nothing was changed, but that doesn't mean nothing was downloaded...

Good to have you back, regardless.

If it's MD5 hashed passwords, it's going to be impossible to reverse the process, although brute-force password cracking can reveal some of the more common passwords. But, you don't even need to try & decrypt the password files if you have a couple of Linux boxes laying around with BIND installed.

BIND is the software that runs the DNS records. Making sure that hostnames resolve to the correct IPs. Without it, typing in "www.something.com" wouldn't work. If you can fake out software on a LAN, you can tell your machine that everything points to your machine's IP address. Then you get your fake vB installation to E-Mail you the password, and it gets E-Mailed to an account you have access to. That's why so many sites these days randomly generate a new password for you when you lose your old one, to help thwart this possibility - if somebody generates a new password for your account on their fake copy of a site, it doesn't change a thing on the real-site.

I can't remember if vBulletin generates a new password, or just sends you what's stored in the database, but if it's the latter, then it's definitely possible to retrieve them, although far more hassle than it's worth.
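
The point in the post above about MD5-hashed passwords, shown as an added example (not part of the thread and not vBulletin's code): with unsalted MD5, one precomputed wordlist exposes every account that uses a common password, while a per-user salt with a slow KDF removes that shortcut. The account names, passwords, wordlist and function names are all constructed for illustration.

```python
import hashlib
import hmac
import os

# Constructed wordlist of common passwords (illustrative only).
COMMON = ["password", "123456", "letmein", "cornsnake"]

def md5_hex(pw):
    """Unsalted MD5, the weak storage form discussed in the post."""
    return hashlib.md5(pw.encode()).hexdigest()

def audit_unsalted(table, wordlist):
    """Return {user: password} for accounts whose unsalted MD5 is in the wordlist.

    One lookup table built from the wordlist serves every account at once,
    which is why common passwords fall quickly under this scheme.
    """
    lookup = {md5_hex(w): w for w in wordlist}
    return {u: lookup[h] for u, h in table.items() if h in lookup}

def hash_salted(pw, salt=None, rounds=100_000):
    """Per-user random salt plus PBKDF2-HMAC-SHA256 (slow by design)."""
    salt = salt or os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", pw.encode(), salt, rounds)
    return salt, rounds, dk

def verify_salted(pw, record):
    """Recompute with the stored salt and compare in constant time."""
    salt, rounds, dk = record
    candidate = hashlib.pbkdf2_hmac("sha256", pw.encode(), salt, rounds)
    return hmac.compare_digest(candidate, dk)

def build_demo():
    """Constructed accounts: two share a common password, one is unique."""
    users = {"alice": "letmein", "bob": "letmein",
             "carol": "T7#vq-long-unique-phrase"}
    unsalted = {u: md5_hex(p) for u, p in users.items()}
    salted = {u: hash_salted(p) for u, p in users.items()}
    return users, unsalted, salted

if __name__ == "__main__":
    users, unsalted, salted = build_demo()
    print("weak accounts under unsalted MD5:", audit_unsalted(unsalted, COMMON))
    print("identical MD5 rows:", unsalted["alice"] == unsalted["bob"])
    print("identical salted rows:", salted["alice"][2] == salted["bob"][2])
```

Under the salted scheme the two accounts with the same password store different values, so a leaked table no longer shows who shares a password and each guess has to be recomputed per account.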
 
WaxWormFan but what if they DID get password files?

They spend a whole day of their time here writing posts under other peoples names? LOL

I highly doubt these hackers care about anyone's reptile website password. Nor could anything drastically terrible happen if they did view them. They couldn't go through each member and use each member's password. LOL. It would be time consuming and pointless. And they certainly have no way of knowing what other websites you use the same password on.

There is no need to worry.

bmm
 
Let's say they were able to access the passwords, it wouldn't be difficult to pick targets- just look at the active members on the BOI. Let's say we have some business savvy but not net savvy members that use the same password for all of their accounts.. well say goodbye to any assets that can be accessed through paypal, etc...

It's a longshot, and it doesn't sound like it's the case here, but it's a possibility.
 
bmm said:
And they certainly have no way of knowing what other websites you use the same password on.

There is no need to worry.

Not necessarily true. As everybody has to put their real name in their sig, a lot put their website's URL in their signature. Most people will use the same E-Mail address on PayPal that they registered with here. If they're using the same password too, then it is something that one might want to be worried about. IF they got a backup of the database.

Even if they managed to get into cpanel, phpMyAdmin is usually set up to be .htaccess protected, and as long as the root password for MySQL had been changed from the default of absolutely nothing, they wouldn't have been able to get in through the console either (although, that doesn't mean they didn't manage to copy MySQL's data files, and clone them on a local box).
 
I have different passwords for different accounts. How often does one have to change their passwords?
Thanks
 
But my point was why in hell would a hacker give a crap and take that much time to sort through that many members and passwords, AND then try and cause havoc with that knowledge? Not many as you can see, they aren't going to waste that time getting them from a reptile website first. Which is exactly what happened here. They took the index file, and that's it. lol. They aren't going to waste their time.

The hackers that want the money, go for the money, not the reptile websites where it may take HOURS to go through everything and each person to see who has what. Sorry I just find it funny that people are so paranoid about their reptile website password.

I am just saying relax and don't be so paranoid....I mean some people are really freaks when it comes to worrying about things.

Marisa
 
If we suddenly start reading meaningful and respectful postings from Adam and Neil then we will know our passwords were hacked.
 