Democratic Underground Latest Greatest Lobby Journals Search Options Help Login
Google

PSA: Watch your DU account. Might want to change your password.

Printer-friendly format Printer-friendly format
Printer-friendly format Email this thread to a friend
Printer-friendly format Bookmark this thread		 This topic is archived.
Home » Discuss » Archives » General Discussion (1/22-2007 thru 12/14/2010) Donate to DU
 
Sapphocrat Donating Member (1000+ posts) Send PM | Profile | Ignore Tue Oct-13-09 06:51 AM
Original message
PSA: Watch your DU account. Might want to change your password.
Edited on Tue Oct-13-09 08:23 AM by EarlG
My Web site server logs show:

Research (details of which are boring) show me this person was at the DU login page; IP address xxxxxxxxx resolves to RIPE Network Coordination Centre, Amsterdam -- legit in itself, but a hacker gateway from the former USSR.

Caveat DUer.

Don't mean to be an alarmist -- it's probably just Jennifer Roback Morse trying to mindfuck me -- but you never know.


Edited by DU Admin to remove personally identifying information.
Printer Friendly | Permalink |  | Top
 
Liberal Democratic discussion forum
   Replies to this thread
  - EarlG... can you weigh in on the significance of this?  hlthe2b   Oct-13-09 06:53 AM   #1 
  - Are you complaining or bragging?  lunatica   Oct-13-09 06:53 AM   #2 
  - Glad I'm not the only one  graywarrior   Oct-13-09 06:55 AM   #3 
  - I'm *warning*.  Sapphocrat   Oct-13-09 06:56 AM   #4 
     - Nope. Not clear enough.  lunatica   Oct-13-09 06:59 AM   #5 
     - I think it's perfectly clear...  nebenaube   Oct-13-09 07:05 AM   #10 
     - OK.  Sapphocrat   Oct-13-09 07:13 AM   #11 
        - so if you don't have a website linked to du, not to worry.  Hannah Bell   Oct-13-09 07:16 AM   #13 
           - Who knows? She's keeping the implications of this data a secret for some reason.  Richardo   Oct-13-09 07:17 AM   #15 
     - If some 14 year old Russian hacker tries to get on my computer  hobbit709   Oct-13-09 07:00 AM   #6 
     - That's no warning.  Richardo   Oct-13-09 07:05 AM   #9 
        - Fine. Fuck it.  Sapphocrat   Oct-13-09 07:15 AM   #12 
        - You're welcome.  Richardo   Oct-13-09 07:16 AM   #14 
        - Do you have to practice at being rude?  tazkcmo   Oct-13-09 07:30 AM   #22 
        - You know...  foreigncorrespondent   Oct-13-09 08:16 AM   #27 
        - I agree with Sapphrocat. He/She was just trying to give us information.  zanne   Oct-13-09 07:27 AM   #19 
        - Code? What code? Where?  TransitJohn   Oct-13-09 07:23 AM   #17 
           - That's the point - we're not all computer nerd techies who know what that shit means  Richardo   Oct-13-09 07:26 AM   #18 
              - So you're upset because there's things in the world you don't know about.  TransitJohn   Oct-13-09 07:34 AM   #23 
  - my site's not connected to this site but thanks for the warning  corpseratemedia   Oct-13-09 07:01 AM   #7 
  - Doesn't that IP resolve to London, England?...nt  SidDithers   Oct-13-09 07:04 AM   #8 
  - I just reformatted my computer, not taking any chances  City of Mills   Oct-13-09 07:20 AM   #16 
  - Thank you  tazkcmo   Oct-13-09 07:28 AM   #20 
  - Are you sure they didn't just click the link in your profile?  kdmorris   Oct-13-09 07:30 AM   #21 
  - Exactly. Total non-issue. Maybe OP should learn how to read logs before scaring people.  Statistical   Oct-13-09 07:42 AM   #24 
  - OK, I'll try a translation even though I'm pretty clueless  HamdenRice   Oct-13-09 07:47 AM   #25 
  - God, you guys, lighten up  Mari333   Oct-13-09 07:55 AM   #26 
  - +1  Toasterlad   Oct-13-09 08:25 AM   #28 
  - The IP address you posted  EarlG   Oct-13-09 08:29 AM   #29 
 
hlthe2b Donating Member (1000+ posts) Send PM | Profile | Ignore Tue Oct-13-09 06:53 AM
Response to Original message
1. EarlG... can you weigh in on the significance of this?
Printer Friendly | Permalink |  | Top
 
lunatica Donating Member (1000+ posts) Send PM | Profile | Ignore Tue Oct-13-09 06:53 AM
Response to Original message
2. Are you complaining or bragging?
I can't tell since I don't know what you're talking about.
Printer Friendly | Permalink |  | Top
 
graywarrior Donating Member (1000+ posts) Send PM | Profile | Ignore Tue Oct-13-09 06:55 AM
Response to Reply #2
3. Glad I'm not the only one
Printer Friendly | Permalink |  | Top
 
Sapphocrat Donating Member (1000+ posts) Send PM | Profile | Ignore Tue Oct-13-09 06:56 AM
Response to Reply #2
4. I'm *warning*.
Somebody's fucking around -- nosing around -- and I'm trying to save everyone grief. Clear enough, or would you rather I sit back and laugh when some 14-year-old Russian hacker fucks with you?
Printer Friendly | Permalink |  | Top
 
lunatica Donating Member (1000+ posts) Send PM | Profile | Ignore Tue Oct-13-09 06:59 AM
Response to Reply #4
5. Nope. Not clear enough.
If you explain what you mean and more importantly you give advice on what to do then you're warning can mean something. But you're free to laugh all you want in any case.
Printer Friendly | Permalink |  | Top
 
nebenaube Donating Member (1000+ posts) Send PM | Profile | Ignore Tue Oct-13-09 07:05 AM
Response to Reply #5
10. I think it's perfectly clear...
that page is in the admin section, there's probably only three people who are normally able to go there...
Printer Friendly | Permalink |  | Top
 
Sapphocrat Donating Member (1000+ posts) Send PM | Profile | Ignore Tue Oct-13-09 07:13 AM
Response to Reply #5
11. OK.
My Web site is http://www.lavenderliberal.com / . I monitor hits/traffic (people who come to my Web site) through my server logs (what keeps track of my traffic). The incoming link is extremely suspicious; while it shows "du admin.php," it comes from Europe, per the IP (Internet Protocol) address.

The page this person was trying to access was my DU login page.

My conclusion: Someone was trying to get into my DU account. I believe if someone was trying to get into my DU account, that same someone may be trying to get into your DU account.
Printer Friendly | Permalink |  | Top
 
Hannah Bell Donating Member (1000+ posts) Send PM | Profile | Ignore Tue Oct-13-09 07:16 AM
Response to Reply #11
13. so if you don't have a website linked to du, not to worry.
Printer Friendly | Permalink |  | Top
 
Richardo Donating Member (1000+ posts) Send PM | Profile | Ignore Tue Oct-13-09 07:17 AM
Response to Reply #13
15. Who knows? She's keeping the implications of this data a secret for some reason.
Printer Friendly | Permalink |  | Top
 
hobbit709 Donating Member (1000+ posts) Send PM | Profile | Ignore Tue Oct-13-09 07:00 AM
Response to Reply #4
6. If some 14 year old Russian hacker tries to get on my computer
He's in for a rude surprise.

Let's just say that I had some pros set up a little goody for people like that.
Printer Friendly | Permalink |  | Top
 
Richardo Donating Member (1000+ posts) Send PM | Profile | Ignore Tue Oct-13-09 07:05 AM
Response to Reply #4
9. That's no warning.
Edited on Tue Oct-13-09 07:13 AM by Richardo
It's not a PSA if you just copy-and-paste a bunch of code. That doesn't tell most of us anything.

Someone's nosing around? So what? What can they do? How? What does it mean? What grief? Is my DU password a gateway to my entire system?


Believe it or not, a lot of people need to be told WHAT THE DATA MEANS. What if a hurricane warning just said "Watch out, barometric pressure is dropping fast in your area." Not quite the same as saying "THERE'S A FUCKING HURRICANE COMING!!!"

So thanks for nothing.
Printer Friendly | Permalink |  | Top
 
Sapphocrat Donating Member (1000+ posts) Send PM | Profile | Ignore Tue Oct-13-09 07:15 AM
Response to Reply #9
12. Fine. Fuck it.
Try to do something decent, and get fucked up the ass.

Thank YOU for nothing.
Printer Friendly | Permalink |  | Top
 
Richardo Donating Member (1000+ posts) Send PM | Profile | Ignore Tue Oct-13-09 07:16 AM
Response to Reply #12
14. You're welcome.
Printer Friendly | Permalink |  | Top
 
tazkcmo Donating Member (668 posts) Send PM | Profile | Ignore Tue Oct-13-09 07:30 AM
Response to Reply #14
22. Do you have to practice at being rude?
Or does it just come naturally? Sheesh.
Printer Friendly | Permalink |  | Top
 
foreigncorrespondent Donating Member (1000+ posts) Send PM | Profile | Ignore Tue Oct-13-09 08:16 AM
Response to Reply #14
27. You know...
...I have met some real rude people in my life, but you really take the fucking cake.

Unfuckingbelievable. Someone issues a warning and just because you don't understand it you attack... real clever... NOT!
Printer Friendly | Permalink |  | Top
 
zanne Donating Member (1000+ posts) Send PM | Profile | Ignore Tue Oct-13-09 07:27 AM
Response to Reply #12
19. I agree with Sapphrocat. He/She was just trying to give us information.
What's the matter with you people?
Printer Friendly | Permalink |  | Top
 
TransitJohn Donating Member (1000+ posts) Send PM | Profile | Ignore Tue Oct-13-09 07:23 AM
Response to Reply #9
17. Code? What code? Where?
I saw some snippet of log, but no code? Maybe someone doesn't know what they're talking about?
Printer Friendly | Permalink |  | Top
 
Richardo Donating Member (1000+ posts) Send PM | Profile | Ignore Tue Oct-13-09 07:26 AM
Response to Reply #17
18. That's the point - we're not all computer nerd techies who know what that shit means
Or the difference between 'code' and 'logs' for that matter.

So if it's really a PSA, that crap should be explained.
Printer Friendly | Permalink |  | Top
 
TransitJohn Donating Member (1000+ posts) Send PM | Profile | Ignore Tue Oct-13-09 07:34 AM
Response to Reply #18
23. So you're upset because there's things in the world you don't know about.
I think it's called insecurity, and you are owe the OP an apology for acting like a complete ass when they were trying to help people out. It's not her fault that you don't know what you're talking about.
Printer Friendly | Permalink |  | Top
 
corpseratemedia Donating Member (1000+ posts) Send PM | Profile | Ignore Tue Oct-13-09 07:01 AM
Response to Original message
7. my site's not connected to this site but thanks for the warning
i get a lot of hits from RIPE - i made the mistake of having my email on my site and I assumed they got it because when I put it up and their bot got me again I got tons of spam.
Printer Friendly | Permalink |  | Top
 
SidDithers Donating Member (1000+ posts) Send PM | Profile | Ignore Tue Oct-13-09 07:04 AM
Response to Original message
8. Doesn't that IP resolve to London, England?...nt
Sid
Printer Friendly | Permalink |  | Top
 
City of Mills Donating Member (1000+ posts) Send PM | Profile | Ignore Tue Oct-13-09 07:20 AM
Response to Original message
16. I just reformatted my computer, not taking any chances
Anyone have an XP CD I can 'borrow'?
Printer Friendly | Permalink |  | Top
 
tazkcmo Donating Member (668 posts) Send PM | Profile | Ignore Tue Oct-13-09 07:28 AM
Response to Original message
20. Thank you
While some of the posters here are correct in that much of what you say makes very little sense to many of us I a appreciate the spirit of your post. Please do provide any additional info such as actions we can take to protect ourselves. Again, thank you for your warning.
Printer Friendly | Permalink |  | Top
 
kdmorris Donating Member (1000+ posts) Send PM | Profile | Ignore Tue Oct-13-09 07:30 AM
Response to Original message
21. Are you sure they didn't just click the link in your profile?
Why does any of that mean that they were on your login page?

az=general&saz=member_facts&command=view&id=175732 This part SEEMS to be saying "view member facts for member id 175732", which TO ME indicates someone looked at your profile and clicked the link you have in your profile to go to your website.

Not seeing the sinister part here.
Printer Friendly | Permalink |  | Top
 
Statistical Donating Member (1000+ posts) Send PM | Profile | Ignore Tue Oct-13-09 07:42 AM
Response to Reply #21
24. Exactly. Total non-issue. Maybe OP should learn how to read logs before scaring people.
Edited on Tue Oct-13-09 07:44 AM by Statistical
Someone from London likely a mod used a page that lets them look at a user.
That page likely has the user's profile info.

What does the OP have on his/her profile page?
http://www.democraticunderground.com/discuss/duboard.ph...

Oh yeah a FRACKING link to their website!

http://www.hostip.info/index.html

So a mod living in London used the mod version of "view this user's profile" saw an interesting homepage link and followed it.

Somehow the OP got "OH NOES!!!!! RUSSIAN HACKERS!!!!!!" out of that.


UnRec
Printer Friendly | Permalink |  | Top
 
HamdenRice Donating Member (1000+ posts) Send PM | Profile | Ignore Tue Oct-13-09 07:47 AM
Response to Original message
25. OK, I'll try a translation even though I'm pretty clueless
Edited on Tue Oct-13-09 07:47 AM by HamdenRice
All she's saying is that someone tried to log into her DU account as an administrator.

Then that same person immediately went to her discussion group, Lavender Newswire.

If you run a site, you get a "log". When anyone visits your site, your log tells you what site that person was looking at immediately before looking at your site.

So some person from a suspect, east European hacker site went to DU, tried to log in as Sapphocrat using administrator privileges, presumably was unsuccessful, and then immediately went to Lavender Newswire.
Printer Friendly | Permalink |  | Top
 
Mari333 Donating Member (1000+ posts) Send PM | Profile | Ignore Tue Oct-13-09 07:55 AM
Response to Original message
26. God, you guys, lighten up
Sapph is merely trying to warn people...if you are confused, just ask her nicely, you dont have to be flaming dicks about it.
Printer Friendly | Permalink |  | Top
 
Toasterlad Donating Member (1000+ posts) Send PM | Profile | Ignore Tue Oct-13-09 08:25 AM
Response to Reply #26
28. +1
Jesus fucking christ, there are some serious assholes on DU.
Printer Friendly | Permalink |  | Top
 
EarlG ADMIN Donating Member (1000+ posts) Send PM | Profile | Ignore Tue Oct-13-09 08:29 AM
Response to Original message
29. The IP address you posted
belongs to a DU moderator who followed a link to your site from a deleted message (a personal attack against you that had been removed.)

In future we would appreciate if you could check with us first before posting this kind of information publicly and suggesting to everyone that Russian hackers must be responsible.

Locking.
Printer Friendly | Permalink |  | Top
 
DU AdBot (1000+ posts) Click to send private message to this author Click to view this author's profile Click to add this author to your buddy list Click to add this author to your Ignore list Sun May 19th 2013, 12:07 PM
Response to Original message
Advertisements [?]
 Top

Home » Discuss » Archives » General Discussion (1/22-2007 thru 12/14/2010) Donate to DU

Powered by DCForum+ Version 1.1 Copyright 1997-2002 DCScripts.com
Software has been extensively modified by the DU administrators

Important Notices: By participating on this discussion board, visitors agree to abide by the rules outlined on our Rules page. Messages posted on the Democratic Underground Discussion Forums are the opinions of the individuals who post them, and do not necessarily represent the opinions of Democratic Underground, LLC.

Home  |  Discussion Forums  |  Journals |  Store  |  Donate

About DU  |  Contact Us  |  Privacy Policy

Got a message for Democratic Underground? Click here to send us a message.

© 2001 - 2011 Democratic Underground, LLC