#1 |
Too lazy to set a custom title
Industry Role:
Join Date: Sep 2002
Posts: 34,431
|
Password Hacking/Cracking
The last few days Password Sentry has been suspending usernames like crazy, way above normal. I haven't paid attention to the password scene in years; back then most of the u/p's were cracked/guessed by brute attacks with wordlists of common usernames and passwords.
I noticed a thread on here not long ago where a guy said that's old technology now to these guys, that they now use password sniffing software. How does password sniffing work? And is there anything I can do to defend against it?
__________________
I moved my sites to Vacares Hosting. I've saved money, my hair is thicker, lost some weight too! Thanks Sly!
|
#2 |
Almost goners..
Industry Role:
Join Date: May 2008
Location: Netherlands
Posts: 11,420
|
Best defense is removing gfy signatures that are bigger than allowed.
|
#3 |
aliasx
Join Date: Apr 2001
Posts: 19,010
|
What sig?
__________________
https://porncorporation.com |
#4 |
WINNING!
Industry Role:
Join Date: Oct 2002
Posts: 14,579
|
seriously, fuck off with your huge ass sig
|
#5 |
Confirmed User
Industry Role:
Join Date: Jan 2001
Location: In your face
Posts: 8,484
|
The software works like any other software that does as it is supposed to do. You input sites that are password protected and the criteria asked for in them, as each one is different and then you start it and let it run, it'll output passwords that are valid at the time it hit that site in the criteria set... it'll be valid until it is killed by you.... that's about the long and short of it.
__________________
|
#6 | |
Choice is an Illusion
Industry Role:
Join Date: Feb 2005
Location: Land of Obama
Posts: 42,635
|
Quote:
|
#7 |
►SouthOfHeaven
Join Date: Jun 2004
Location: PlanetEarth MyBoardRank: GerbilMaster My-Penis-Size: extralarge MyWeapon: Computer
Posts: 28,609
|
Several ways to "sniff" passwords: you can set up a wireless network to spy on users, basic keyloggers, proxies, trojaned computers, etc etc
__________________
hatisblack at yahoo.com |
#8 |
Too lazy to set a custom title
Industry Role:
Join Date: Sep 2002
Posts: 34,431
|
seriously, fuck off with new nicknames when nobody noticed your drivel under the old one
get a room with mrfrisky and smell it up with the stench of ass
__________________
I moved my sites to Vacares Hosting. I've saved money, my hair is thicker, lost some weight too! Thanks Sly!
|
#9 |
Too lazy to set a custom title
Industry Role:
Join Date: Sep 2002
Posts: 34,431
|
but what's the most common method used these days by the password crowd on IRC and the web?
__________________
I moved my sites to Vacares Hosting. I've saved money, my hair is thicker, lost some weight too! Thanks Sly!
|
#10 |
Leaner, Meaner, Faster
Industry Role:
Join Date: Aug 2002
Location: Vegas
Posts: 20,959
|
Most common is that a server has been compromised in my opinion.
The password file is then there for the taking (or the NATS database depending on what you have). I was talking to John Scarpa at Swiftwill and he told me that every server that has been moved over to them is gone through by his team, and every one of them had been compromised. EVERY one of them! That was pretty shocking to me. I've also found that a lot of people don't have secure email. I use phantomfrog to catch and stop all that password abuse, and when I see a particular person's user/pass getting slammed constantly, I contact them. I tell them to change their email password and that usually stops their user/pass from being abused instantly. Had a lot of members thank me profusely for showing them that their email account had been hacked... |
#11 | |
<&(©¿©)&>
Industry Role:
Join Date: Jul 2002
Location: Chicago
Posts: 47,882
|
Quote:
__________________
Custom Software Development, email: woj#at#wojfun#.#com to discuss details or skype: wojl2000 or gchat: wojfun or telegram: wojl2000 Affiliate program tools: Hosted Galleries Manager Banner Manager Video Manager ![]() Wordpress Affiliate Plugin Pic/Movie of the Day Fansign Generator Zip Manager |
|
#12 |
Too lazy to set a custom title
Industry Role:
Join Date: Sep 2002
Posts: 34,431
|
woj are you on dialup?
__________________
I moved my sites to Vacares Hosting. I've saved money, my hair is thicker, lost some weight too! Thanks Sly!
|
#13 | |
Geo Cities
Industry Role:
Join Date: Aug 2003
Location: North Captiva Island, Florida USA
Posts: 11,830
|
Quote:
__________________
Make a Free Chaturbate White Label site in 34 minutes and be making money tonight ![]() |
|
#14 |
Confirmed User
Join Date: Jun 2010
Posts: 1,316
|
__________________
#15 |
wtf
Industry Role:
Join Date: Sep 2001
Location: Bikini State, FL USA
Posts: 10,914
|
|
#16 |
Confirmed User
Industry Role:
Join Date: Apr 2006
Posts: 104
|
Email security is so important yet so few people even realize it. Gmail does a great job and always has with their SSL and they have many other minor features implemented to help prevent people from getting your password and if they do you can check the logs and should be able to find out. Picking good passwords is also important. Not using the same password also helps as if they get one, many people will try the same password at other sites--including your email as so many people are too lazy to use different passwords. If remembering passwords is a chore for you try 1Password (if you are on a Mac).
Never use anyone else's computer and stay far far away from any Internet cafe as you can probably assume they're collecting your info. Use a VPN if using wifi if you are really concerned. Yet I think your questions are more about your server. Make sure the location of your file is below your public files. You might wanna change your site/server passwords if you haven't done so in a while as maybe someone has access. Password Sentry I think has an anti-brute force plugin so check into that. I hear they're coming out with a major upgrade for that soon and I'm looking forward to learning what neat features it has built in. Sniffing isn't something you can do much about as it's mostly on your customers' end, but I'd doubt that's a major issue with people getting endless amounts of your passwords. I would say check your password file location, change your passwords, and look into brute force prevention by checking the PS plugin. Oh, one last thing, consider getting a monthly subscription to a security company. I use a company which for just $100 a month they make sure my server is secure and they monitor it 24/7 and will handle issues and alert me when there is a problem. I also check with them first before installing different programs to make sure I am not creating a security hole--a few times they've even warned me against some programs and suggested more secure options and they'll even install them for me at no extra costs if I want. |
#17 | |
Registered User
Industry Role:
Join Date: Jul 2003
Location: Encrypted. Access denied.
Posts: 31,779
|
Quote:
|
|
#18 |
Confirmed User
Industry Role:
Join Date: Jun 2001
Location: Sunny Land
Posts: 5,593
|
Weird thing is I've had whole blocks of passes stolen that are billed by epoch or netbilling but almost never the other 5 billers & gateways I have. So basically when you have 3rd party or gateway billers for your merch, you gotta worry about their security practices too.
I use securitymetrics.com to keep my nats servers PCI compliant which I'm hoping is enough to detect the nasties in addition to the host setups. If there is something better I'd love to hear!
__________________
Contact me: \\// E: webmaster /at/ unprofessional.com |
#19 |
So Fucking Banned
Industry Role:
Join Date: Feb 2010
Location: LMFAO
Posts: 485
|
Try PhantomFrog.com. Not only does it work great, it detects multiple IPs and changes passwords as soon as it detects passwords used from multiple IPs.
It also allows you to limit how much content the user downloads. http://PhantomFrog.com |
#20 |
Confirmed User
Industry Role:
Join Date: Jan 2010
Location: Online
Posts: 717
|
interesting security discussion
__________________
http://gaffg.com/affiliate-programs/ Find all gambling affiliate programs based on categories: casino, poker, sportsbetting, bingo, mobile. Find forex and binary options affiliate programs. Listed by revenue share, CPA and sub affiliate commission. |
#21 |
Confirmed User
Join Date: Oct 2002
Location: netherlands
Posts: 248
|
1) are all nats own servers 100% ok?
2) are your servers exploitable?
3) get proxypass or phantomfrog |
#22 |
Too lazy to set a koala
Industry Role:
Join Date: Jan 2007
Location: CZ/EU forever!
Posts: 16,139
|
some billers are completely hacked, usernames, passwords, emails, ccs and so ... then it's not hard to make fresh combolist or to get into members emails ... there will be always a lot of people trying their best to get somewhere, always, and it's sad but they are and always will be mostly successful
__________________
|
#23 |
Almost goners..
Industry Role:
Join Date: May 2008
Location: Netherlands
Posts: 11,420
|
Does eric approve of wayyy too big sigs nowadays?
|
#24 |
Registered User
Industry Role:
Join Date: Feb 2006
Posts: 22,511
|
who cares how big a sig is? get a life.
|
#25 |
Almost goners..
Industry Role:
Join Date: May 2008
Location: Netherlands
Posts: 11,420
|
You cared in the other thread, now you don't? Is your bot failing?
#26 |
Too lazy to set a koala
Industry Role:
Join Date: Jan 2007
Location: CZ/EU forever!
Posts: 16,139
|
or get a date in mexico
__________________
|
#27 |
WINNING!
Industry Role:
Join Date: Oct 2002
Posts: 14,579
|
links pulled
|
#29 |
Confirmed User
Industry Role:
Join Date: Feb 2010
Location: California
Posts: 3,068
|
|
#30 |
(felis madjewicus)
Industry Role:
Join Date: Jul 2006
Location: In Mom & Dad's Basement
Posts: 20,368
|
I'd listen to the guy who has hundreds of cracked GFY usernames...
There's still people using AccessDiver |
#31 |
Confirmed User
Industry Role:
Join Date: Aug 2006
Posts: 1,199
|
Thanks for mentioning PhantomFrog Robbie, Mr. Happy and MasterM
Whether passwords are compromised as a result of sniffing software, email intrusion, server intrusion or brute force attacks, the main priority should be detecting the password abuse and ending the cycle of abuse on the first unauthorized attempt. PhantomFrog has the most accurate and advanced password abuse detection via our exclusive Hi-Res Geo-IP pass abuse detection feature. Making a webmaster's life even easier is what our Automated Member Support (AMS) feature does by providing 24/7 uninterrupted access to paying members and none to hackers. This is all accomplished without the intervention of the webmaster freeing them up to do more important work like content development and site promotion. PhantomFrog also provides Bandwidth Abuse and Brute Force Attack Protection features rounding out the premium protection that we offer for your sites and your members.
Click Here To Learn More About PhantomFrog
Click Here To Install Our Free Trial
Many Thanks
George |
#32 |
Too lazy to set a custom title
Industry Role:
Join Date: Aug 2002
Posts: 55,359
|
most of the people use a dictionary list, and have it running all day with proxies until it cracks them.
depends if you have a popup password (htaccess) or not.
__________________
Since 1999: 69 Adult Industry awards for Best Hosting Company and professional excellence. ![]() WP Stuff |
#33 | ||
Confirmed User
Join Date: Nov 2005
Posts: 2,167
|
Quote:
Quote:
__________________
agentGFY *at* gmail.com |
||
#34 |
. . .
Industry Role:
Join Date: Apr 2007
Location: NY
Posts: 13,724
|
|
#35 | |
Join Date: May 2008
Posts: 9,802
|
Quote:
|
#36 |
Confirmed User
Industry Role:
Join Date: Mar 2010
Location: Daytona Beach, FL
Posts: 1,317
|
hey asshole, look on the first page of google for password sniffing software.
Look for the page titled: What Is Password Sniffing? |
#37 | |
Confirmed User
Join Date: Nov 2005
Posts: 2,167
|
Quote:
So again, no one does that. You probably had something else happen but you have no idea what, and your hosting/whoever just muttered up some excuse for a messup, or didn't want to explain to you what happened.
__________________
agentGFY *at* gmail.com |
|
#39 |
Confirmed User
Join Date: Oct 2002
Location: netherlands
Posts: 248
|
accessdiver, goldeneye. and the better ones use: HAS, for £HAS_Command
#40 |
So Fucking Banned
Industry Role:
Join Date: Mar 2007
Location: UK
Posts: 7,957
|
Today & yesterday we have also had our Strongbox program banged at... We used to have a problem with password hackers every few months. Since getting strongbox, I've had little problems but too many strongbox emails. I suppose, proving Strongbox works well
#41 |
Too lazy to set a custom title
Industry Role:
Join Date: Aug 2002
Posts: 55,359
|
ya strongbox is a good solution, people that still use pennywize should be shot in the head or any htaccess method.
__________________
Since 1999: 69 Adult Industry awards for Best Hosting Company and professional excellence. ![]() WP Stuff |
#42 |
Confirmed User
Join Date: Oct 2002
Location: netherlands
Posts: 248
|
strongbox protected sites are not as protected as proxypass protected sites.
|
#43 | |
. . .
Industry Role:
Join Date: Apr 2007
Location: NY
Posts: 13,724
|
Quote:
I am my own management, and I personally looked at the logs of the 24 hour a day attempts on brute forcing the passwords, and I also personally banned the ips of the proxies they were using (they were using a lot). Anyways, they easily have enough proxies for that if the site admin doesn't bother to notice that they are doing it. |
|
#44 | |
Too lazy to set a custom title
Join Date: Mar 2002
Location: Australia
Posts: 17,393
|
Quote:
I know there's been a few threads over the years with people offering billing records, probably wouldn't take much for an employee to quietly take a copy for themselves home... |
|
#45 | |||
Confirmed User
Join Date: Nov 2005
Posts: 2,167
|
Quote:
Quote:
Has is not a bruteforcer, shouldn't pretend something you aren't with exploit naming tools.
Quote:
a) They don't have infinite proxies. Actually they have them very little lately (compared to 90s when certain people last read "how to crack" tutors)
b) They don't run bots all day long because that's stupid for a number of reasons I already pointed out.
And just the notion you have to "personally ban ips they were using" means you don't have ip check for a number of tries on your login. Which in turn means they don't have to use proxies and can brute from 1 ip until you personally ban it again. They're smart enough to notice you're not banning proxies automatically and would not waste them in vain against such poor protection.
__________________
agentGFY *at* gmail.com |
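
The automatic per-IP check on login tries that post #45 says is missing, combined with the one-username-from-many-IPs signal that posts #19 and #31 describe, as an added example that is not part of the thread or of any product named in it. The log format, thresholds and function names are assumptions, and the sample lines are constructed.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events, one per line: "ISO-timestamp ip username result".
# The format is an assumption for this example, not any product's log format.
SAMPLE_LOG = "\n".join(
    # one address failing against many usernames within a few seconds
    [f"2011-03-01T10:00:{s:02d} 203.0.113.9 user{s} FAIL" for s in range(6)]
    # one valid username logging in from four addresses within 15 minutes
    + [f"2011-03-01T11:{m:02d}:00 198.51.100.{m} bob OK" for m in (5, 10, 15, 20)]
    # an ordinary member mistyping once, then logging in
    + ["2011-03-01T12:00:00 192.0.2.1 alice FAIL",
       "2011-03-01T12:00:30 192.0.2.1 alice OK"]
)

MAX_FAILS = 5                          # assumed: failures allowed per IP per window
FAIL_WINDOW = timedelta(minutes=10)
MAX_IPS = 3                            # assumed: distinct IPs per username per window
SHARE_WINDOW = timedelta(hours=1)

def parse(log):
    """Yield (timestamp, ip, user, ok) for each well-formed line."""
    for line in log.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue                   # skip malformed lines
        ts, ip, user, result = parts
        yield datetime.fromisoformat(ts), ip, user, result == "OK"

def detect(log):
    """Return (ips_to_block, usernames_to_suspend) for a time-ordered log."""
    fails = defaultdict(list)          # ip -> timestamps of recent failures
    logins = defaultdict(list)         # user -> (timestamp, ip) of recent successes
    block_ips, suspend_users = set(), set()
    for ts, ip, user, ok in parse(log):
        if ip in block_ips:
            continue                   # already banned, request would be refused
        if not ok:
            fails[ip] = [t for t in fails[ip] if ts - t <= FAIL_WINDOW] + [ts]
            if len(fails[ip]) > MAX_FAILS:
                block_ips.add(ip)      # automatic ban, no manual log review
        else:
            logins[user] = [(t, a) for t, a in logins[user]
                            if ts - t <= SHARE_WINDOW] + [(ts, ip)]
            if len({a for _, a in logins[user]}) > MAX_IPS:
                suspend_users.add(user)  # credentials likely leaked or shared
    return block_ips, suspend_users

if __name__ == "__main__":
    print(detect(SAMPLE_LOG))
```

The per-IP counter only stops guessing from a single address; the per-username counter is what catches a valid login that is already circulating, whichever way it was obtained.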