Holy Moly! Alphaville Herald Down after latest Redzone Discovery? - Page 2 - SLUniverse Forums
Navigation » SLUniverse Forums > Virtual World Discussion > General SL Discussion » Holy Moly! Alphaville Herald Down after latest Redzone Discovery?


General SL Discussion Discuss topics related to Second Life

 
Sponsor:
 PDS HomeSecurity Orb
Reply
Page 2 of 2 1 2
 
LinkBack Thread Tools Display Modes
Old 03-12-2011, 04:57 PM   #26 (permalink)
Myf
McMahon
 
Myf's Avatar
do not fold, spindle or mutilate
 
Join Date: Feb 2010
Location: Syd, Aust.
Posts: 1,243
My Mood:
SL Join Date: March '07
Business: Myficalities
Client: mostly Firestorm

Awards: 1
Best Ferrari Related Retort Ever 
Quote:
Originally Posted by Little Lost Linden View Post
Alphaville just posted a story about the Redzone database being compromised and then went offline with Server 500 errors. Can anyone else confirm?
For future reference...
Myf is online now   Reply With Quote
Old 03-12-2011, 04:59 PM   #27 (permalink)
Hive Mind Director
 
Cristiano's Avatar
Amish Mafia 4EVER
 
Join Date: Jun 2007
Location: Miami, FL
Posts: 23,056
My Mood:
SL Join Date: Dec 2002
Business: ANOmations
Client: Viewer 2
Blog Entries: 18
Send a message via Yahoo to Cristiano Send a message via Skype™ to Cristiano
Quote:
Originally Posted by Myf View Post
He was right, the site was down for an extended period with a 500 error message.
__________________
"For my part, I know nothing with any certainty, but the sight of the stars makes me dream" - Vincent Van Gogh
Cristiano is online now   Reply With Quote
2 Users Agreed:
Old 03-12-2011, 05:11 PM   #28 (permalink)
Myf
McMahon
 
Myf's Avatar
do not fold, spindle or mutilate
 
Join Date: Feb 2010
Location: Syd, Aust.
Posts: 1,243
My Mood:
SL Join Date: March '07
Business: Myficalities
Client: mostly Firestorm

Awards: 1
Best Ferrari Related Retort Ever 
Quote:
Originally Posted by Cristiano View Post
He was right, the site was down for an extended period with a 500 error message.
Well yeah, but that would have saved him from posting a thread he didn't need...

(off-stage whisper)...
Wait what?

(off-stage whisper)...

He wasn't looking for independent confirmation?

(off-stage whisper)...

Publicizing his blog you say?

(off-stage whisper)...
Oooohhh, nvm then.
Myf is online now   Reply With Quote
Old 03-12-2011, 05:15 PM   #29 (permalink)
Senior Member
 
Polo's Avatar
What the cuss?!??
 
Join Date: Oct 2008
Posts: 3,468
SL Join Date: May 3, 2008
Client: still 1.23 as long as possible
Quote:
Originally Posted by Little Lost Linden View Post
I'm getting the same error. Hopefully all is well. The story was alarming, and with the website down, that makes the story double alarming. Small snipit I was able to catch just before the Herald went down:
“over 1.6 million unique IP addresses connected to various avatars in the database, and geo-location tools to identify real life location of Second Life players monitored by zf Redzone”.
Hopefully, it's just a surge of people trying to get at the scandulous story. Only time will tell, time that only Bill Paxton can predict...
From the A.H. article:

Quote:
As if storing raw Redzone customer passwords is not bad enough, there is apparently a second table that tracks passwords from failed login attempts in the hope users will accidentally enter their Second Life account password. These failed passwords are conveniently displayed on the user profile page of the "Admin Overlord App" as "Possible SL PW(s)".
Nice folks.

And what great publicity for SL itself!!! (O brave new world that has such people in it!)
Polo is offline   Reply With Quote
1 User Agreed:
Old 03-12-2011, 06:15 PM   #30 (permalink)
The Gingerbeard Man
 
Lewis Luminos's Avatar
Ginger
 
Join Date: Aug 2008
Location: UK
Posts: 5,904
My Mood:
SL Join Date: 08/11/2008
Business: Club Noir
Client: Firestorm and v2
Blog Entries: 16
Well. Now we know that Redzone tracks passwords, and password "errors" now we know the real reason it's trying to track alts.

How many people use the same password on SL for all their alts? Quite a lot, I'd bet. Crack one and you probably crack them all.
__________________
Club Noir - 24/7 Jazz and Swing
Lewis Luminos is offline   Reply With Quote
1 User Said Thanks:
Old 03-13-2011, 03:46 AM   #31 (permalink)
You look tasty.
 
Beezle Warburton's Avatar
Beeble Bubble Bimbo and Griffer Alt but not a Dog Chewy
 
Join Date: Aug 2007
Posts: 11,202
My Mood:
SL Join Date: October 24, 2006
Client: Frestorm, Imprudence
Blog Entries: 3
Quote:
Originally Posted by Darkley View Post
LLL, the typical SL reporter

Perhaps this will help with perspective:



__________________


SL easily allows you to accidentally your entire pants. -- Adeon Writer
Beezle Warburton is offline   Reply With Quote
1 User Agreed:
Old 03-13-2011, 04:57 PM   #32 (permalink)
syncing with reality
 
Couldbe Yue's Avatar
splitting infinitives and dealing with rogue apostrophes
 
Join Date: Jul 2008
Posts: 4,464
My Mood:
SL Join Date: a while ago
Business: Satiated Desires
Blog Entries: 1
Quote:
Originally Posted by Lewis Luminos View Post
Well. Now we know that Redzone tracks passwords, and password "errors" now we know the real reason it's trying to track alts.

How many people use the same password on SL for all their alts? Quite a lot, I'd bet. Crack one and you probably crack them all.
you know, in that mega thread that is only now showing signs of dying, when all the kerfuffle of just why he would be tracking the animator users and all the other drama, not one person thought to make that connection.

very nice catch
__________________
Quote:
Couldbe Yue is offline   Reply With Quote
2 Users Agreed:
Old 03-13-2011, 05:00 PM   #33 (permalink)
collared, owned, content
 
Potosi's Avatar
OCCUPY
 
Join Date: Mar 2011
Posts: 1,060
My Mood:
Business: The Abonwood Collection
Client: Phoenix
Blog Entries: 2
Quote:
Originally Posted by Lewis Luminos View Post
Well. Now we know that Redzone tracks passwords, and password "errors" now we know the real reason it's trying to track alts.

How many people use the same password on SL for all their alts? Quite a lot, I'd bet. Crack one and you probably crack them all.
Never even thought of that and I thought a lot about the whole scam going on. Guess it looks like a mix of a protection racket and then stealing from those you were protecting as well.
Potosi is offline   Reply With Quote
Old 03-14-2011, 06:56 AM   #34 (permalink)
The Gingerbeard Man
 
Lewis Luminos's Avatar
Ginger
 
Join Date: Aug 2008
Location: UK
Posts: 5,904
My Mood:
SL Join Date: 08/11/2008
Business: Club Noir
Client: Firestorm and v2
Blog Entries: 16
Quote:
Originally Posted by Couldbe Yue View Post
you know, in that mega thread that is only now showing signs of dying, when all the kerfuffle of just why he would be tracking the animator users and all the other drama, not one person thought to make that connection.

very nice catch
I would have posted the idea there myself but I didn't fancy wading through the whole thing. I'm surprised no-one else thought of it though.
Lewis Luminos is offline   Reply With Quote
2 Users Hugged You:
1 User Said Thanks:
Old 03-14-2011, 07:05 AM   #35 (permalink)
syncing with reality
 
Couldbe Yue's Avatar
splitting infinitives and dealing with rogue apostrophes
 
Join Date: Jul 2008
Posts: 4,464
My Mood:
SL Join Date: a while ago
Business: Satiated Desires
Blog Entries: 1
Quote:
Originally Posted by Lewis Luminos View Post
I would have posted the idea there myself but I didn't fancy wading through the whole thing. I'm surprised no-one else thought of it though.

too busy getting excited at tying in the russian mafia and copybotting I suspect.
Couldbe Yue is offline   Reply With Quote
Old 03-14-2011, 01:11 PM   #36 (permalink)
fractal networker
 
infiniview Merit's Avatar
 
Join Date: Jul 2007
Location: seattle
Posts: 1,296
My Mood:
SL Join Date: 4-27-06
Business: Texture Arts
Quote:
Originally Posted by Beezle Warburton View Post
Perhaps this will help with perspective:
Hey what mountain is that?
__________________
Texture Arts Headquarters

http://slurl.com/secondlife/puea/126/10/60/
infiniview Merit is offline   Reply With Quote
Old 03-14-2011, 01:25 PM   #37 (permalink)
fractal networker
 
infiniview Merit's Avatar
 
Join Date: Jul 2007
Location: seattle
Posts: 1,296
My Mood:
SL Join Date: 4-27-06
Business: Texture Arts
On a more relevant note, I find this part which is a quote from an article from one of the links in the link about HBGary security company being hacked by "anonymous". Using a similar SQL injection method.

Quote:
The exact URL used to break into hbgaryfederal.com was www.hbgaryfederal.com is offline. The URL has two parameters named pageNav and page, set to the values 2 and 27, respectively. One or other or both of these was handled incorrectly by the CMS, allowing the hackers to retrieve data from the database that they shouldn't have been able to get.
I found it to be interesting that the url actually used to break in was so short.

--http://www.hbgaryfederal.com/pages.php?pageNav=2&page=27--

I added the dashes as it kept turning into "hbgaryfederal is offline" on preview.

From here. http://arstechnica.com/tech-policy/n...1#comments-bar
Last edited by infiniview Merit; 03-14-2011 at 01:38 PM.
infiniview Merit is offline   Reply With Quote
Old 03-14-2011, 02:49 PM   #38 (permalink)
fractal networker
 
infiniview Merit's Avatar
 
Join Date: Jul 2007
Location: seattle
Posts: 1,296
My Mood:
SL Join Date: 4-27-06
Business: Texture Arts
I will be surprised if someone has not already posted this vid. But just in case here it is. It is pretty funny.
infiniview Merit is offline   Reply With Quote
Old 03-14-2011, 06:14 PM   #39 (permalink)
You look tasty.
 
Beezle Warburton's Avatar
Beeble Bubble Bimbo and Griffer Alt but not a Dog Chewy
 
Join Date: Aug 2007
Posts: 11,202
My Mood:
SL Join Date: October 24, 2006
Client: Frestorm, Imprudence
Blog Entries: 3
Quote:
Originally Posted by infiniview Merit View Post
Hey what mountain is that?
That would be Mt. Random Google Search Image.

Although the locals call it Hotlinking Hill.
Beezle Warburton is offline   Reply With Quote
2 Users Laughed:
Old 03-14-2011, 06:33 PM   #40 (permalink)
Senior Member
 
Join Date: Feb 2011
Posts: 106
Quote:
Originally Posted by infiniview Merit View Post
Hey what mountain is that?
Ama Dablam - Wikipedia, the free encyclopedia

Number 3 in Google image search for "mountain".
Pete.Olihenge is offline   Reply With Quote
1 User Said Thanks:
Reply
Page 2 of 2 1 2

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are On