Holy Moly! Alphaville Herald Down after latest Redzone Discovery? - Page 2 - SLUniverse Forums
Navigation » SLUniverse Forums > Virtual World Discussion > General SL Discussion » Holy Moly! Alphaville Herald Down after latest Redzone Discovery?


General SL Discussion Discuss topics related to Second Life

 
Sponsor:
Steampunk Victorian Caledon
Reply
 
LinkBack Thread Tools Display Modes
Old 03-12-2011, 04:57 PM   #26 (permalink)
Myf
McMahon
 
Myf's Avatar
a dog in your vineyard
 
Join Date: Feb 2010
Location: Syd, Aust.
Posts: 1,783
SL Join Date: March '07
Business: Myficalities
Client: the one you hate

Awards: 1
Best Ferrari Related Retort Ever 
Quote:
Originally Posted by Little Lost Linden View Post
Alphaville just posted a story about the Redzone database being compromised and then went offline with Server 500 errors. Can anyone else confirm?
For future reference...
Myf is offline   Reply With Quote
Old 03-12-2011, 04:59 PM   #27 (permalink)
Hive Mind Director
 
Cristiano's Avatar
 
Join Date: Jun 2007
Location: Miami, FL
Posts: 25,656
My Mood:
SL Join Date: Dec 2002
Business: ANOmations
Client: Viewer 2
Blog Entries: 18
Send a message via Yahoo to Cristiano Send a message via Skype™ to Cristiano
Quote:
Originally Posted by Myf View Post
He was right, the site was down for an extended period with a 500 error message.
__________________
"Compassion is the radicalism of our time." ~ Tenzin Gyatso



Cristiano is online now   Reply With Quote
2 Users Agreed:
Old 03-12-2011, 05:11 PM   #28 (permalink)
Myf
McMahon
 
Myf's Avatar
a dog in your vineyard
 
Join Date: Feb 2010
Location: Syd, Aust.
Posts: 1,783
SL Join Date: March '07
Business: Myficalities
Client: the one you hate

Awards: 1
Best Ferrari Related Retort Ever 
Quote:
Originally Posted by Cristiano View Post
He was right, the site was down for an extended period with a 500 error message.
Well yeah, but that would have saved him from posting a thread he didn't need...

(off-stage whisper)...

Wait what?

(off-stage whisper)...

He wasn't looking for independent confirmation?

(off-stage whisper)...

Publicizing his blog you say?

(off-stage whisper)...

Oooohhh, nvm then.
Myf is offline   Reply With Quote
Old 03-12-2011, 05:15 PM   #29 (permalink)
Senior Member
 
Polo's Avatar
What the cuss?!??
 
Join Date: Oct 2008
Posts: 4,097
SL Join Date: May 3, 2008
Client: still 1.23 as long as possible
Quote:
Originally Posted by Little Lost Linden View Post
I'm getting the same error. Hopefully all is well. The story was alarming, and with the website down, that makes the story double alarming. Small snipit I was able to catch just before the Herald went down:
“over 1.6 million unique IP addresses connected to various avatars in the database, and geo-location tools to identify real life location of Second Life players monitored by zf Redzone”.
Hopefully, it's just a surge of people trying to get at the scandulous story. Only time will tell, time that only Bill Paxton can predict...
From the A.H. article:

Quote:
As if storing raw Redzone customer passwords is not bad enough, there is apparently a second table that tracks passwords from failed login attempts in the hope users will accidentally enter their Second Life account password. These failed passwords are conveniently displayed on the user profile page of the "Admin Overlord App" as "Possible SL PW(s)".
Nice folks.

And what great publicity for SL itself!!! (O brave new world that has such people in it!)
Polo is offline   Reply With Quote
1 User Agreed:
Old 03-12-2011, 06:15 PM   #30 (permalink)
The Gingerbeard Man

*SLU Supporter*
 
Lewis Luminos's Avatar
Class of '08
 
Join Date: Aug 2008
Location: UK
Posts: 6,750
My Mood:
SL Join Date: 08/11/2008
Business: Club Noir
Client: Firestorm and v2
Blog Entries: 17
Well. Now we know that Redzone tracks passwords, and password "errors" now we know the real reason it's trying to track alts.

How many people use the same password on SL for all their alts? Quite a lot, I'd bet. Crack one and you probably crack them all.
__________________
Club Noir - 24/7 Jazz and Swing


Quote:
Originally Posted by Shiloh Lyric View Post
So, next time we get called a 'viper's nest', I'm going to take that to mean a community full of people who, even through disagreement and argument, are caring, kind, compassionate, accepting and completely awesome. Oh, and not very fond of fools, liars and thieves. I'm pretty proud to be a part of this nest of hive-mind vipers.
Lewis Luminos is offline   Reply With Quote
1 User Said Thanks:
Old 03-13-2011, 03:46 AM   #31 (permalink)
Spooky Talking Toaster
 
Beezle Warburton's Avatar
Spooky eating toast . . . yum yum yum human hand.
 
Join Date: Aug 2007
Location: USA
Posts: 13,442
SL Join Date: October 24, 2006
Client: Frestorm
Blog Entries: 3
Quote:
Originally Posted by Darkley View Post
LLL, the typical SL reporter

Perhaps this will help with perspective:



__________________
Sent from my Keyboard using Science.

SL easily allows you to accidentally your entire pants. -- Adeon Writer

Let me avow you one object that you meliorate pound into your skull pearl: Metric Release PILLS ARE Bastard! -- Some Spammer
Beezle Warburton is offline   Reply With Quote
1 User Agreed:
Old 03-13-2011, 04:57 PM   #32 (permalink)
syncing with reality
 
Couldbe Yue's Avatar
Mixing metaphors, splitting infinitives and dealing with rogue apostrophes
 
Join Date: Jul 2008
Posts: 4,756
My Mood:
SL Join Date: a while ago
Business: Satiated Desires
Blog Entries: 1
Quote:
Originally Posted by Lewis Luminos View Post
Well. Now we know that Redzone tracks passwords, and password "errors" now we know the real reason it's trying to track alts.

How many people use the same password on SL for all their alts? Quite a lot, I'd bet. Crack one and you probably crack them all.
you know, in that mega thread that is only now showing signs of dying, when all the kerfuffle of just why he would be tracking the animator users and all the other drama, not one person thought to make that connection.

very nice catch
__________________
Quote:
Couldbe Yue is offline   Reply With Quote
2 Users Agreed:
Old 03-13-2011, 05:00 PM   #33 (permalink)
collared, owned, content
 
Potosi's Avatar
OCCUPY
 
Join Date: Mar 2011
Posts: 1,067
My Mood:
Client: Phoenix
Blog Entries: 2
Quote:
Originally Posted by Lewis Luminos View Post
Well. Now we know that Redzone tracks passwords, and password "errors" now we know the real reason it's trying to track alts.

How many people use the same password on SL for all their alts? Quite a lot, I'd bet. Crack one and you probably crack them all.
Never even thought of that and I thought a lot about the whole scam going on. Guess it looks like a mix of a protection racket and then stealing from those you were protecting as well.
Potosi is offline   Reply With Quote
Old 03-14-2011, 06:56 AM   #34 (permalink)
The Gingerbeard Man

*SLU Supporter*
 
Lewis Luminos's Avatar
Class of '08
 
Join Date: Aug 2008
Location: UK
Posts: 6,750
My Mood:
SL Join Date: 08/11/2008
Business: Club Noir
Client: Firestorm and v2
Blog Entries: 17
Quote:
Originally Posted by Couldbe Yue View Post
you know, in that mega thread that is only now showing signs of dying, when all the kerfuffle of just why he would be tracking the animator users and all the other drama, not one person thought to make that connection.

very nice catch
I would have posted the idea there myself but I didn't fancy wading through the whole thing. I'm surprised no-one else thought of it though.
Lewis Luminos is offline   Reply With Quote
2 Users Hugged You:
1 User Said Thanks:
Old 03-14-2011, 07:05 AM   #35 (permalink)
syncing with reality
 
Couldbe Yue's Avatar
Mixing metaphors, splitting infinitives and dealing with rogue apostrophes
 
Join Date: Jul 2008
Posts: 4,756
My Mood:
SL Join Date: a while ago
Business: Satiated Desires
Blog Entries: 1
Quote:
Originally Posted by Lewis Luminos View Post
I would have posted the idea there myself but I didn't fancy wading through the whole thing. I'm surprised no-one else thought of it though.

too busy getting excited at tying in the russian mafia and copybotting I suspect.
Couldbe Yue is offline   Reply With Quote
Old 03-14-2011, 01:11 PM   #36 (permalink)
fractal networker
 
infiniview Merit's Avatar
 
Join Date: Jul 2007
Location: seattle
Posts: 1,305
My Mood:
SL Join Date: 4-27-06
Business: Texture Arts
Quote:
Originally Posted by Beezle Warburton View Post
Perhaps this will help with perspective:



Hey what mountain is that?
__________________
Texture Arts Headquarters

http://slurl.com/secondlife/puea/126/10/60/
infiniview Merit is offline   Reply With Quote
Old 03-14-2011, 01:25 PM   #37 (permalink)
fractal networker
 
infiniview Merit's Avatar
 
Join Date: Jul 2007
Location: seattle
Posts: 1,305
My Mood:
SL Join Date: 4-27-06
Business: Texture Arts
On a more relevant note, I find this part which is a quote from an article from one of the links in the link about HBGary security company being hacked by "anonymous". Using a similar SQL injection method.

Quote:
The exact URL used to break into hbgaryfederal.com was www.hbgaryfederal.com is offline. The URL has two parameters named pageNav and page, set to the values 2 and 27, respectively. One or other or both of these was handled incorrectly by the CMS, allowing the hackers to retrieve data from the database that they shouldn't have been able to get.
I found it to be interesting that the url actually used to break in was so short.

--http://www.hbgaryfederal.com/pages.php?pageNav=2&page=27--

I added the dashes as it kept turning into "hbgaryfederal is offline" on preview.

From here. http://arstechnica.com/tech-policy/n...1#comments-bar

Last edited by infiniview Merit; 03-14-2011 at 01:38 PM.
infiniview Merit is offline   Reply With Quote
Old 03-14-2011, 02:49 PM   #38 (permalink)
fractal networker
 
infiniview Merit's Avatar
 
Join Date: Jul 2007
Location: seattle
Posts: 1,305
My Mood:
SL Join Date: 4-27-06
Business: Texture Arts
I will be surprised if someone has not already posted this vid. But just in case here it is. It is pretty funny.

infiniview Merit is offline   Reply With Quote
Old 03-14-2011, 06:14 PM   #39 (permalink)
Spooky Talking Toaster
 
Beezle Warburton's Avatar
Spooky eating toast . . . yum yum yum human hand.
 
Join Date: Aug 2007
Location: USA
Posts: 13,442
SL Join Date: October 24, 2006
Client: Frestorm
Blog Entries: 3
Quote:
Originally Posted by infiniview Merit View Post
Hey what mountain is that?
That would be Mt. Random Google Search Image.

Although the locals call it Hotlinking Hill.
Beezle Warburton is offline   Reply With Quote
2 Users Laughed:
Old 03-14-2011, 06:33 PM   #40 (permalink)
Senior Member
 
Join Date: Feb 2011
Posts: 106
Quote:
Originally Posted by infiniview Merit View Post
Hey what mountain is that?
Ama Dablam - Wikipedia, the free encyclopedia

Number 3 in Google image search for "mountain".
Pete.Olihenge is offline   Reply With Quote
1 User Said Thanks:
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are On