Warning Off ECCIE Site

[GneissGuy]

Quote:

Originally Posted by ANONONE

Gneiss, I will defer to your knowledge and experience (that was a great simile by the way). It just seems like this incident coincided with a flood of recent malcontents on the board.

We've had a flood of malcontents around for years on ASPD. Unfortunately, I think most of them made the jump to ECCIE.

I don't have any inside ECCIE knowledge, I'm guessing based on what the staff has posted publicly. I've seen several web sites have similar problems lately.

On the other web sites with similar problems, the problems had NOTHING to do with the web site software or what version it's at. They were not running vBulletin software.

The problem on these other sites was with banner ads. The banner ads linked to other web sites. The hackers had attacked these other web sites, or had bought ads on these other sites. Many web sites are vulnerable to this kind of attack if they sell ads to third parties. It doesn't matter whether your web site software is secure or not. You're directing people to a third party web site.

There may have been an ECCIE hater who orchestrated this attack against ECCIE, but there are plenty of for-profit criminal hackers doing similar attacks against sites all over the web at this time.

This doesn't mean there is or isn't a problem with the security of the ECCIE software. I just don't think this particular problem had anything to do with the board software this time.


By the way, AHRRRR. Avast ye scurvy dogs....

[stevesanderson]

Quote:

Originally Posted by lucky21a

Come on dudes If the owners where not so cheap they would pay to clean the servers. and Upgrage the software. What does it cot 500 buck for the new version. They are using a version that its 3 to 4 generations old. Pathetic. Just plain pathetic.

IF they, as soon as they made 500 buck, had just BOUGHT the new version and done the upgrade then They wouldn't be suffering this embarassment and Public Humiliation now. Simple. Plain. Logic.

Greed

Fucked them....

Your analysis is very simple...simple-minded. Upgrading to the latest version of the Vbulletin software is not as easy as popping a disk in and clicking. As you apparently know little about software, perhaps you should yield to those of us that do.

While some customizations to Vbulletin are obvious (review forums and custom fields), some are not apparent to those of you with limited access. Features (custom code) may not be compatible with the latest Vbulletin revision.

The only real solution is:
1. Purchase/lease a new server to install the new Vbulletin.
2. Pay a developer to merge the old customizations into your new system.
3. Pay a developer/dba to import your old database into your new system.
4. Switch servers to the new system.
5. Deal with the members who will wine when one little feature isn't working just right...so bring your developer back in to fix these little bugs.

Unfortunately, the Vbulletin "developers" I have run into that have reasonable rates are self-taught and have no real discipline in modifying software. This is evident by the customizations they write being called "hacks". They will fix one feature and break another...or slow your system down.

A real developer will be out of range of the budget of the average Vbulletin forum. If the adult forums were just out-of-the-box forums, a simple upgrade would be possible..but y'all want ROS and showcases.

Are forum owners cheap? Even with all the money in the world to throw at a revision upgrade, you're looking at a lot of project management time to handle your upgrade. And all this to stop a hacker without enough motivation to hack a site where money can be made from his devilishness.

[farmerboy]

I use Firefox and I also get the attack site message. It appears to be one of two things. I recently received a Firefox update. It may have checked the check box under options/tools Block known attack sites or Google has labeled Eccie as a known attack site.

[jakestone]

The Firefox situation has apparently been resolved. I logged into eccie this morning with the "attack sites option" checked and everything was back to normal.

[PSD]

Please read...

http://www.eccie.net/showthread.php?p=602530#post602530

PSD

[Fancyinheels]

We're baaaaaaack! No problem logging in through Firefox either. Ahhhh, back to normal, or as normal as ECCIE gets, anyway.

[guest040711-1]

From reading several posts here, I need to buy Holliday Inn stock, there are a lot of experts that don't know what they are talking about.

[casetractorman]

If I put in Eccie.net I don't get it. If I use google and put in eccie then I get it.

[ginatrugfe]

thanks to good ole microslut security essentials, my computer is in a chastity belt,lol

[fidelpot]

Quote:

Originally Posted by flinde

Mokoa,
...Till the problem remedied - maybe even a restore/ data loss and the VBB upgrade suggested by the guy you were wrestling with yesterday, (who didnt seem to me to be threatening anyone), telling people to disable firefox security settings to play on the site still re-directing thru topbadware.org is, long term, very damaging to the site.

a sane voice. thank you. the mind will defend its own thinking and when some people hear something they don't like, they may take it as an attack.

Quote:

Originally Posted by ANONONE

Those are good points, but I can't help but to wonder if that same person was the cause of this issue. It would not be the first time a "white hat" created a scare, just to sell their own firewall software...I still think the alerts posted to Mozilla and Google seem to be a bit too close to that gentleman's join date.

My only goal on this site is to meet the beautiful ladies...and do it safely. that's why i was bitching. btw, i am a white hat from my 12-21 days. now i write software just like the one used here. actually i have in the past participated in dev for vbulletin as well as joomla, kunena, etc. so i kinda have a little bit of cred here even if my post numbers are low.

one bit of advice for all of you, just like you use a hobby telephone, please use a hobby email account. if you are a member on a board that gets hacked---any board/service/etc---you could find your email account compromised as well. play smart and leave no trail.