RO Been DDOS'ed


#61

At the moment, it looks like JG is playing Pin-The-Petal-On-The-Tulip, but it might turn into Pin The Tail On The Donkey … or Elephant … or Bear … or…


#62

How about pin the 12-guage-driven rock salt on the tail of the- uhm, tail (to put it delicately) who’s responsible…


#63

[quote=“BobJam, post:49, topic:43330”]
You need to know what’s going on with your machine.
[/quote]BobJam, just now I turned my computer back on after having it turned off for a couple of hours. When I went to sign in to the system, the box where I would normally type in my password, was filled up with dots from one end to the other, as if I had already typed in a password (the world’s longest password). I deleted the dots, they returned. After the fourth time or so, I heaved a sigh and picked up the phone to call good ol’ AT&T. Before I even dialed, the dots disappeared. this was a tad spooky–like “someone” had “seen” me pick up the phone.

My McAfee, which I’ve had about two months, recently reported that it had repelled tens of thousands --I can double check the latest exact number-- of “potentially unwanted connection attempts”. it may have been even over a hundred thousand, would have to check. seems like a lot to me. is it?


#64

Try malware bytes if you can find it. It’s a good program to see if anything might have slipped past McAfee. It’s free.


#65

If you didn’t log off of RO, it’ll remember you every time you get on the site. As to the dots reappearing, new one on me. Might have been some temporary glitch. That’s one problem with hostile issues; there are so many false alarms that it’s hard to know sometimes when it’s the real deal.


#66

[quote=“Fantasy_Chaser, post:65, topic:43330”]
If you didn’t log off of RO, it’ll remember you every time you get on the site. As to the dots reappearing, new one on me. Might have been some temporary glitch. That’s one problem with hostile issues; there are so many false alarms that it’s hard to know sometimes when it’s the real deal.
[/quote] I should have clarified: when I said, “sign into the system” I didn’t mean RO. I always log off RO when I leave it for any length of time and certainly when i’m going to actually turn off my computer. this oddity happened when I was logging into my own computer, of which I am the administrator and (I hope) only user.


#67

I don’t have McAfee, I have AVG which is also free. I downloaded Malware Bytes and is running a scan as I type these words. Thanks, tperkins!


#68

[quote=“patriciareed, post:63, topic:43330”]
BobJam, just now I turned my computer back on after having it turned off for a couple of hours. When I went to sign in to the system, the box where I would normally type in my password, was filled up with dots from one end to the other, as if I had already typed in a password (the world’s longest password). I deleted the dots, they returned. After the fourth time or so, I heaved a sigh and picked up the phone to call good ol’ AT&T. Before I even dialed, the dots disappeared. this was a tad spooky–like “someone” had “seen” me pick up the phone.

My McAfee, which I’ve had about two months, recently reported that it had repelled tens of thousands --I can double check the latest exact number-- of “potentially unwanted connection attempts”. it may have been even over a hundred thousand, would have to check. seems like a lot to me. is it?
[/quote]No, not really . . . because each detection is not necessarily from a unique source. IOW, the same source could have made several penetration attempts.

Typically, hackers don’t just make one try and then walk away if it doesn’t work.

Plus, was it over a two month period for which McAfee was reporting these numbers? It’s not unusual for a hacker (“cracker” is more accurate, actually) to come back and try again after an unsuccessful try the first time.

For a two month period, that’s not unusual at all.

BTW, on your mysterious password/“dot” appearance and disappearance, I would definitely change ALL my passwords . . . email accounts, etc. That may just be paranoid security freak “me”, but it might be prudent.

Tedious to do? Yes. Worth it rather than having your identity stolen or having your machine hijacked and used as a bot? Probably, but ultimately it’s your call.

Between the extremes of caution and blissful ignorance, there is some comfort point, which will be different for everyone. I choose to run some risks, if they entail compensatory advantages, while avoiding others.


#69

None taken, and if I were part of that scene I’d take “lively” as a compliment :stuck_out_tongue:

There are actually two “rates” for email address lists.

The higher rate is for those email addresses where the account holder has recently responded, thus indicating an “ACTIVE EMAIL ACCOUNT”. (IOW, you pay more for an “Active email account”).

Active? Response? That could be just clicking on the “unsubscribe” link. Very often, that “unsubscribe” link goes right back to the spammer and he/she puts you on their “Active email account” list and can sell THAT list for more than a list of email addresses that haven’t been confirmed to be “active”.

That’s why it’s often not prudent to click on that unsubscribe link in that Newsletter you never heard of and that you don’t remember soliciting. By doing that, you’re telling the bandit that your email address IS ACTIVE. Just delete it, and DON’T respond to it.

I was talking about gaining access to an account, not buying a list to be used for sending spam out to or whatever, but all true as well.

This is why you should do things like monitor your network activity (there’s a bunch of free software out there that will do this . . . Linux comes with some of those tools built into the system). If you’re on line but not communicating with the network and your network activity is “high”, that’s a red flag that you need to look further. There may be an explanation (like a download you’re doing), but you need to look into it.

Firewalls are NOT 100%. Neither are antivirus programs. Actually, there’s no such thing as 100% security, unless you encase your machine in concrete and never get on the Internet.

If you’re computer is unusually slow while on line, THAT’S a red flag. Again, there may be perfectly benign explanations (like poor housekeeping), but you need to look into it.

“Botnets” are created when a bad guy hijacks your machine to use it, and others he’s hijacked, as the “source” of attacks or criminal activity. That list of Citibank account numbers that were hacked may be traced back to YOUR COMPUTER. When the FBI comes crashing through your door (admittedly melodramatic, but it DOES happen), you’re going to be nervously explaining to them that you “DIDN’T DO IT”.

You need to know what’s going on with your machine. I’m not suggesting everybody needs to turn into a paranoid security freak like me, but you need to know the basics if you want to drive these things responsibly.

Having a serious firewall (that asks permission every time a program you haven’t set as trusted tries to send/receive data) and network activity monitoring are definitely necessary. From what I understand, even “professional” AV programs (I have the latest Kaspersky, for example) are easy enough to circumvent for skilled hackers.

Speaking of Linux, been a while since I’ve used it and now I’m thinking of giving it another go… since you mentioned it, do you use it at the moment and if so what distro?


#70

I was checking, “Who’s Online.” The only ones who weren’t “viewing index”, (and familiar to us all), were "registering."
Besides being unfamiliar usernames, they were an odd mixture of letters and numbers, which is generally a dead give away of a spammer or a bot.

(Oh, m’gosh! I actually knew something about computers!)


#71

[quote=“Volk, post:69, topic:43330”]
Speaking of Linux, been a while since I’ve used it and now I’m thinking of giving it another go… since you mentioned it, do you use it at the moment and if so what distro?
[/quote]Short answer: Been using it for a coupla’ years now . . . maybe since 2010, and DO still use it. The distro I use is Ubuntu. Tried Mint, and it’s touted as a better distro for those that have been Windoze junkies for a long time. IOW, it’s supposed to be better for transition. That may be, but I didn’t like it. Went back to Ubuntu, and am currently using Ubuntu 12.04.3 LTS (“Long Term Support”).

Now for the long story . . . I mean, you didn’t think a windbag like me was going to forego the long story, did you? (~grin~)

Seriously, this is for those that are thinking about dumping Micro$oft and switching to Linux . . . I’m sure you know a lot of this.

When I was using Windows, I got pissed off when Microsoft pushed out IE8 as a security update WITHOUT notifying me first. I don’t necessarily disagree that IE8 was a security update, but I had “Notify me first” checked in my Automatic Updates so that I could selectively choose which updates I wanted. Microsoft was notorious for distributing buggy updates, and I liked to wait a few days (and I never got hit by any Zero day exploits by doing that) and check around on some forums (Ask Woody, for example) and see if anybody had any trouble with an update.

I remember there was an update that conflicted with Zone Alarm users and entirely disabled their ability to get on line.

Anyway, they pushed out this IE8 update without even allowing my Automatic Update selection of “Notify only, but don’t download” to apply. It just flat out appeared. That to me was like the spyware concept . . . installing something without the user’s knowledge. I want to know everything that’s going on with my machine . . . I don’t want anything installing without my permission. (BTW, UAC or a LUA wouldn’t have stopped that).

In response to complaints about that (Windows Secrets Newsletter had a feature on the controversy), Microsoft first made the lame excuse that it was such a critical security update that they decided to push it out. When that excuse didn’t fly, they switched their story to say that it was a server malfunction.

That really infuriated me, and prompted me to get rid of the 500 pound gorilla.

Ubuntu was rocky the first few weeks, and I was tempted to go back to Windows. But I’m glad I stuck it out.

At first I was using the Ubuntu GUI about 80% of the time and the command line only 20% of the time. That command line can be pretty intimidating to someone used to point-and-click. Now it’s the other way around . . . command line 80% of the time, GUI 20% of the time. I’m by no means a 'nix expert, but at least I’ve thrown off the Microsoft yoke completely and can get around reasonably well in 'nix.

A big part of the transition was getting out of the Windows way of thinking. For example, there is no such thing as .exe files in 'nix. There are indeed executables, but they have no extension.

And in Windows I used to install stuff just by double clicking on a setup.exe file. Not so in 'nix. They have what they call “packages”, and they can be in various formats. There’s .deb packages that can just be double clicked like setup.exe’s on Windows, all the way to compiling source code and installing that way. In between are RPM packages and .tar packages (“tarballs”) and a lot of others.

The advantage is that it’s all Open Source and can be tweaked by any user . . . the disadvantage is that because of small market share there aren’t as many selections for apps. While 'nix has analogs for most Windows apps (like “gedit” is the 'nix version of Notepad, Open Office works well in lieu of Microsoft Office, and “Nautilus” is the 'nix version of Explorer file manager), there are a few apps that don’t cross over to 'nix.

Some will work in Wine, but I tried that and it was far too buggy for me.

For example, in Windows I used Quicken a lot for my finances. While 'nix has plenty of Financial Management apps, it doesn’t have anything with all the Quicken functions, (I guess Intuit is in bed with Microsoft, because they’re one of the few that doesn’t have a 'nix version). So I use my Windows VM for Quicken. I also use it for visiting questionable sites for WOT ratings (“Web of Trust”, similar in some ways to McAfee Site Advisor, except it’s community sourced instead of a bot). In it I use Sandboxie (another app that doesn’t have a 'nix analog) too. So when I’m in the VM, I basically have double protection . . . Sandboxie and the VM itself. More than once I’ve been glad I had those.

Linux users are pretty smug about infections, claiming 'nix is invulnerable to a virus. Not so! Granted, there are just a few exploits of 'nix out there, but they ARE there. As far as I’m concerned, there is no OS that is immune to exploits. There is an Avast version for 'nix, and I scan with it now and then. Mostly to get rid of any Windows exploits so I don’t pass on infections via email to my Windows friends.


#72

I need to be able to copy a picture into a lightweight image program (like Irfanview), crop the exact portion of the image I want to use, then paste it into a processing document. I do this all the time when making handouts, tests, etc. I can do this entire sequence in about 10 seconds in Windows. Takes like 5 minutes in Linux. There just isn’t anything like Irfanview for Linux. It was a deal breaker, but I do like Ubuntu for my miscellaneous other computers.


#73

Linux is just a good OS to use if you are just browsing the web. I actually have it(Ubuntu) on a 16GB flash drive that I carry with me.


#74

You could run it on Linux via wine.

[IrfanView] Installation on your Linux machine


#75

Yeah, some of them are alphabet soupy, others have other telltales that I’m not going to go into in open forum. Let them guess what I’ve figured out…


#76

One of the names (Letters and numbers) screamed “troll.” I’ll tell you about it privately, in case you didn’t notice that.


#77

I did notice that this site was down for about 16 hours or so, but my computer skills are so good my computer is heavily protected, and my brotherinlaw works for the department of defense in IT (computer genius) and I asked him about it and said there’s something going on, but he can’t talk about it because of their strict policy. He’s a constitutional conservative by the way. He would speak up if he knew something fishy was going on that they couldn’t address or were choosing to turn a blind eye. He said this isn’t uncommon.


#78

I PM’d John a month ago and said I’d consider paying for a website or one that was better all around security/graphics/accessability/ and perhaps even expand RO to more of a community outreach program type of site that does more than just allow other conservative to post to one another. He linked me with a donation page where the max donation was like $100.00 and I said to myself, really? I just volunteered to give you lot’s of money for a mega site and you just want a $100 donation. So i took that as they aren’t big thinkers here, so I passed. If there was a reason or a serious NEED I would find someway to help. Maybe not immediately, but I always keep my word. That’s something you guys don’t know about me.

Think it over again John. PM me any time if you start developing ideas. I know many here are struggling financially. However, many here are strong conservatives and are the types that will fight for what they believe. They come from that generation. I do also. If you wanted a better site with more to offer it’s members you could get it. I’d help. All you have to say is you open to it. It can also be worked out were you aren’t responsible for updating anything and do hardly any work, because we pay a small fee for a company to do that for us.


#79

Also, if anybody else has any ideas on better site templates like word press (just an example!) that would allow this site to go from taking a giant step back words to 3 steps forward post them publicly. Johns word is ultimate, but I’m sure he’s not against hearing what you have to say. Why do you think this site exists?

This would be the first thing to do is beef up security by upgrading what the site operates on. If there’s a cost on that let me know. I’m very serious. If there’s a away to transfer specific thread titles and top sections to this new template that would be worth finding out and if you need help I can devote time to do that. There’s some threads that perhaps you want to get rid of and many you’d want to keep. You can delete all of my posts and I will start posting normally and seriously like I do in the faith and beliefs thread. I’ve been messing around lately, but I can stop and will stop and get serious, because I take these issues just as serious as VHS. We can start focusing on the upcoming elctions and I’m very good at finding and creating topics, but was just waiting for the right time to do it. I can create attracting blog entry’s that show up on front page that will grab lot’s of attention and new smart posters like yourselves. Patricia just posted a great one and could likely do more. If Bobjam can do single space he has the genius brain to do some. CT has great writing skills and can do something of her choosing that is on her heart. FC can post clams all over the front page if he wants to. Just kidding!!! :slight_smile: All of us as a team can really get a site that has a history to be 10 times better if we had access to a better site. I could pay to advertise it. Or if there is a direct way to contribute to the site where I know the money is going to the needs rather than the pocket books I can pay something monthly.

Or if we can upgrade the current site and all it lacks is money I can do that. One thing I don’t understand is how we can have 2,855 members and only 10 posters posting? Something isn’t right and I know it can’t be just me. I see issues with the layout of the thread sections here at RO some are pretty much inactive. We need many more blog entry’s. More current news even if we have to weed through the inaccuracy’s, which we all know the issues with the main stream media outlets. With some trimming and some active moderator work and feed back from active members on possible improvements this site could make huge strides that way alone. Then we start thinking about other areas to branch.


If you wanted to branch out after RO grows and becomes very active,

I just opened and helped co-found a non profit Christian singles group. Not a dating group, but a group to reach christian singles and fellowship for people of all ages. That group now has the option to receive hundreds of thousands of dollars in grant money every year and $10,000 in free advertising every year from google. If we got serious we could become a non-profit organization it would have to legally be separate from RO politically, but we might help people in need like a charity organization, or partner with a church or churches once we get enough members and make an impact in everybody’s community or raise donations for a specific cause. These are just a couple of many examples out there. People are going through tough times and if we can make a difference from our own homes and have just a couple reps from RO step up and meet or call these people we want to help we could make a huge difference. It can be done cheaply. I know a guy that would file and get us nonprofit status for $1,200.00 That’s a cost i could pay. That’s very cheap, and he’s a christian and has had tons of business and success with 501c3’s.

I think this could be pretty fun to brain storm, and is quite realistic. Grant money can be used for salary’s, but the rules are they have to be reasonable. I’m sure people here wouldn’t mind some extra cash and work/job.

What do you guys think?


#80

It exists because it does.