PlunderHere and AlsoShop: A Web of Privacy Violations, Backstabbing, and Deceit

[BellisimaJ.]

[quote author=regic link=topic=9139.msg70675#msg70675 date=1213159900]
Recent studies conducted on several small auction site forums indicate that forum signatures with clickable banners are the number one concern of (many) online sellers - outranking such issues as (lack of) sales, (lack of) security, and IDIOT auction site owners who don't have the brains to install SSL certificates.   tolensmiley:
[/quote]



It's the lack of specific braincells which are responsible for "common sense" 101.  tolensmiley:

[sneakymagenta]

[quote author=BellisimaJ. link=topic=9139.msg70687#msg70687 date=1213208288]
[quote author=regic link=topic=9139.msg70675#msg70675 date=1213159900]
Recent studies conducted on several small auction site forums indicate that forum signatures with clickable banners are the number one concern of (many) online sellers - outranking such issues as (lack of) sales, (lack of) security, and IDIOT auction site owners who don't have the brains to install SSL certificates.   tolensmiley:
[/quote]


[/quote]

It would be funny if it wasn't true. :blinkie:

[regic]

6 years later and still no SSL certificate. :twistedevil:

Even if a miracle occurs and Marktard installs an SSL certificate his server will still be at risk of being hacked because he hasn't taken any steps to reduce the most common method hackers use to gain access to Linux/Unix servers: SSH attacks on port 22.

Marktard is using the default SSH configuration with SSH on port 22 which means if he were to look in his logs he would most likely see hundreds (or even thousands) of daily attempts by hackers to guess the SSH password and gain access to the server because most automated hacking tools are set to mount their SSH attacks on port 22.

If Marktard wasn't an IDIOT he would have changed the SSH configuration to use a different port which would reduce the number of hacking attempts and the risk of a successful SSH hacking occurring  by over 90%.

If I were a Plunderhere user I would be more worried by Marktard's failure to secure SSH than I would be by his failure to install an SSL because SSH attacks are A. the most common method of attack and B. once a hacker gains access to a dedicated server through SSH they will most likely have root access and be able to access all data on the server and take control of the server.

more on reducing the risk of SSH attacks
http://community.tuliptools.com/index.ph...479.0.html
http://community.tuliptools.com/index.ph...729.0.html
http://community.tuliptools.com/index.ph...982.0.html

Server Test results

Service type: ssh://
Hostname: www.plunderhere.com
Port: 22
Test performed from: Seattle, WA
Test performed at: 2008-06-15 1929 (GMT -04:00)
Status: OK <---IDIOT ALERT!!!!!
Response Time: 0.195 sec
DNS: 0.001 sec
Connect: 0.095 sec
Redirect: 0.000 sec

Service type: ssh://
Hostname: www.tuliptools.com
Port: 22
Test performed from: Seattle, WA
Test performed at: 2008-06-15 18:56:47 (GMT -04:00)
Status: Connection refused
Response Time: 0.120 sec
DNS: 0.077 sec
Connect: 0.043 sec
Redirect: 0.000 sec

[sneakymagenta]

There will be NO negativity on this site especially when the negativity can't even be proved that its only an assumption. This isn't the first time that someone has judged Mark. Things happen and you just need to accept that! Stop judging people without any facts.

FACT: Mark's site doesn't have a SSL certificate and hasn't had one for 3 weeks
FACT: There isn't a server "tech team" in existence who couldn't install an SSL certificate in under 10 minutes
FACT: Users have had to login using an unsecure http connection that is vulnerable to packet sniffers for 3 weeks
FACT:  For several weeks Mark ignored the fact that the site was hacked and allowed users to access a hacked page that redirected to a hacker's website
FACT: Mark didn't properly notify users of the risk that their personal information had been compromised after the hacking occurred
FACT: Mark hasn't taken, and doesn't know how to take, proper security measures to protect his server against hackers.
FACT: Mark used the same eye infection excuse last summer after his Bidz.org.uk auction site was down for an entire month.
FACT: Plunderhere's mod is a hobby selling, censorship happy, moron who can kiss my blue fins.

[bargainbloodhound]

If Marktard wasn't an IDIOT he would have changed the SSH configuration to use a different port which would reduce the number of hacking attempts and the risk of a successful SSH hacking occurring  by over 90%.

Changing the port is one of the easiest security measures you can take but very few server owners think to do it (possibly because a large percentage of them are idiots like Mark with limited knowledge of either Linux or web server security).

FACT: Mark used the same eye infection excuse last summer after his Bidz.org.uk auction site was down for an entire month.

[sneakymagenta]

[regic]

I always wondered what BAW stood for.  Now I know.  tolensmiley:

[BellisimaJ.]

[quote author=sneakymagenta link=topic=9139.msg70820#msg70820 date=1213647326]

[/quote]

OMG, Sneaky, you bloody outdid yourself! 

[bargainbloodhound]

psst Marktard:
http://www.cpanel.net/support/docs/11/cp...c_ssl.html
http://www.cpanel.net/support/docs/11//w...omain.html

This link might come in handy too :twistedevil:
Windows Copy and Paste Tutorial

[Dixie_Amazon]

[quote author=bargainbloodhound link=topic=9139.msg70839#msg70839 date=1213658776]
psst Marktard:
http://www.cpanel.net/support/docs/11/cp...c_ssl.html
http://www.cpanel.net/support/docs/11//w...omain.html

This link might come in handy too :twistedevil:
Windows Copy and Paste Tutorial
[/quote]Looks like Mark read the links!