What Happened

[twisters sock]

When? might we be able to Access our own group(s) again

I can't tell you that. I reckon we'll all have to be patient.

 

[RoseyK]

I have created a new account since my original account keep denying me from entering. I am fed up with this. Maybe God is telling me to simply leave this place and forget it.

Jim Please don't leave. Things will get straightened out. It just takes time and a lot of prayer.

Paul......praying for you and all of CF.

 

[twisters sock]

Jim Please don't leave. Things will get straightened out. It just takes time and a lot of prayer.

Paul......praying for you and all of CF.

I agree. Throwing a hissy fit and stomping off and leaving isn't helpful, IMO.

 

[sakasamanochou]

Any idea when I'll be able to log in to my real account. I just made this one today as a temporary fix. I would really like to get mine back...

Username: Shirono

 

[Panzerkamfwagen]

Someone set up us the bomb.

 

[LittleLambofJesus]

Eh? Why is this thread showing and not others

 

[davedajobauk]

I would suggest to you that most of us are computer savvy enough to use appropriate AV and anti-malware programs.

I'll also remind you that almost all of us use other websites, including other message boards, where we are not encountering the same problems.

In other words, we aren't all idiots and most members are patiently or with resignation working around the problems. (The log-in problem can be avoided by logging in anywhere but the main page, which seems to be stuck in a loop for many members.)

This suggests that CF itself still has some serious glitches that need looking after. I'm also very sorry to see that some innocent members have inadvertently lost money through Paypal because of CF's problems. Certainly that's the hacker's fault, but CF, IMO, bears some responsibility for not reacting faster and failing to warn members quickly enough.

Thank you for your reply Little Jack in particular for those reminders
re: some folks being more-computer-savvy 'than-others'

There are however a few points you didnt cover too-well

# 1. that not EVERYBODY was subject to similar "hacking"
# 2. that not EVERYBODY experienced even remotely similar problems
# 3. that HTTP.404 ...doesnt have a workaround within a user PC
# 4. that the 'attacked machines' were themselves VULNERABLE

and yes, to bring up the rear... I too visit other-sites with this PC
and yes, presently, they do not suffer similar difficulties to CF

I would again, like to raise my-view
that; the principle cause of CF's problems, was carried-in
by members, with-permission to edit the database
members, whose own machines, had been "hacked"
members, whose ID's had probably then been 'spoofed'

I admit, that I too, have a Paypal account
but it hasnt become vulnerable, in the manner being reported
by several members

Elsewhere, I have read that some members have 'sock accounts'
and that some, may have MANY such accounts
Now, from my heart, I feel that this is something to be abhorred
something, deceitful with this wearing of many clothes of many colours

I am not on the staff of CF
but I see this 'stoning'... of, CFadmin/ tech staff
as unfair and, inappropriate... given the multiple personnas
that perhaps MANY 'christian' members have

Raising another 'possible-cause' [here]
where CF didnt have so much trouble.. prior-to
rule-changes which, then allowed the site
to be opened to non-christians [?]

Disconcerting though these times have been...
CF has struggled
to deal with member's problems and 'stay-afloat'

That, of itself, isnt an injustice
being endowed upon members by CF [?]

dave

 

[probinson]

I'm not looking to attack CF, but as a systems administrator by trade and a forum administrator by hobby, if a website is being affected in any way by viruses and other such malware from user's computers, then the website in question is lacking in appropriate security.

I've been hacked before, but the difference was, I had a disaster recovery plan in place, and I was back online within a day, with NO data loss. That is what a disaster recovery plan is for; disasters. Hackers, server crashes, hardware failures... these are all a part of life in the IT world. But a good, solid disaster recovery plan will help to mitigate these things when they do happen. If anything, this mess has shown us that CF is woefully unprepared with a sufficient disaster recovery plan. Not a slam, just a fact.

Like everyone else, I just enjoy posting on CF, and the events of late have caused me to have some concerns. So rather than take it as a slight against CF, because I do not intend it that way, I hope that the powers that be here at CF have learned from this incident, and are putting the necessary safeguards in place to prevent this from happening again.

 

[davedajobauk]

Hi and thank you probinson


I went shopping witth my lady earlier and was 'offline' for at-least a couple of hours

Upon my return, to the PC, I tried to log-in
and was immediately confronted with the following notice



ChristianForums.com Message
Wrong username or password.
You have used up your failed login quota!
Please wait 15 minutes before trying again.
Don't forget that the password is case sensitive.
Forgotten your password? Click here!

;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;

I complained to the administrator, detailing the 'experience'
and a few minutes later received the reply below

;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;

email from christianforums.com>>>>


Dear davedajobauk, Someone has tried to log into your account on Christian Forums
with an incorrect password at least 5 times. This person has been prevented
from attempting to login to your account for the next 15 minutes.
The person trying to log into your account
had the following IP address: 67.220.204.164
All the best,Christian Forums

;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;

I have [just now] required my ISP to release and renew
the IP address it has assigned for me
and then I ran my Internet Security [antivirus]
which found 1 #file TROJANWARE
and 1# file adware
which I quarantined ready for forwarding


As I did a clean-up, prior-to, my shopping trip
I have-to agree that by hitting the sign-in page
my PC was boarded, by malware

As a member of the Spynet Community, I feel it is my duty
to bring this matter out into the open [for investigation]
and... that my 'personal-appraisal'

That, of itself, isnt an injustice
being endowed upon members by CF [?]

may indeed have been an error of judgement [given this personal hindsight]


salutations

dave

 

[hollowgram]

Dave you can find out your own IP address immediately by going to this website:

whatismyip -dot- com

It will tell you your own when you get there.

(don't have enough posts to post links yet, sorry)

 

[LittleLambofJesus]

Dave you can find out your own IP address immediately by going to this website:

whatismyip -dot- com

It will tell you your own when you get there.

(don't have enough posts to post links yet, sorry)

Try this one also

Find out your IP Address - IP Security Portal

 

[davedajobauk]

Thank you both... I have checked my present IP [anonymous]

I also checked the IP of the user that tried to log-in as myself
and also found it to be untraceable under 'whois'

Of course, the hacking 'user' will appear to be legitimate to the server
and the hacker... will also have the ability to vary his/her IP
with every 'hit' ~ mirroring legitimate members

smart card keys might provide some additional protection [here]

again my thanks for your willingness to be of help



dave

 

[LittleLambofJesus]

Thank you both... I have checked my present IP [anonymous]

I also checked the IP of the user that tried to log-in as myself and also found it to be untraceable under 'whois'

Of course, the hacking 'user' will appear to be legitimate to the server and the hacker... will also have the ability to vary his/her IP with every 'hit' ~ mirroring legitimate members

smart card keys might provide some additional protection [here]

again my thanks for your willingness to be of help



dave

Have the Authorites been contacted concerning it?
I am sure they have very sophisticated ways of tracking IPs but not sure.

 

[RoseyK]

Now reading this......do we all have to contact the authorities when this happens......or is this a class action suit.

do we have anyone on CF that is a lawyer or familiar with internet security?

 

[newtaste]

ChristianForums.com Message
Wrong username or password.
You have used up your failed login quota!
Please wait 15 minutes before trying again.
Don't forget that the password is case sensitive.
Forgotten your password? Click here!

That is the same ip address that was on the email i got from CF.

 

[Chaplain David]

Dear davedajobauk, Someone has tried to log into your account on Christian Forums
with an incorrect password at least 5 times. This person has been prevented
from attempting to login to your account for the next 15 minutes.
The person trying to log into your account
had the following IP address: 67.220.204.164
All the best,Christian Forums

salutations

dave

I got some IP info on that address. Here you go.

IP 67.220.204.164

OrgName: WebNX
OrgID: WEBNX
Address: 530 W. 6th St Suite 701
City: Los Angeles
StateProv: CA
PostalCode: 90017
Country: US

ReferralServer: rwhois://clients.webnx.com:4321

NetRange: 67.220.192.0 - 67.220.223.255
CIDR: 67.220.192.0/19
OriginAS: AS18450
NetName: WEBNX
NetHandle: NET-67-220-192-0-1
Parent: NET-67-0-0-0-0
NetType: Direct Allocation
NameServer: NS1.WEBNX.COM
NameServer: NS2.WEBNX.COM
Comment: WebNX - Los Angeles Premium Dedicated Servers & Colocation - WebNX
RegDate: 2008-01-11
Updated: 2009-02-26

RAbuseHandle: ABUSE1832-ARIN
RAbuseName: Abuse
RAbusePhone: +1-800-840-5996
RAbuseEmail: *****@webnx.com

RNOCHandle: NOC2920-ARIN
RNOCName: NOC
RNOCPhone: +1-800-840-5996
RNOCEmail: ***@webnx.com

RTechHandle: TECHS71-ARIN
RTechName: Tech Support
RTechPhone: +1-800-840-5996
RTechEmail: *******@webnx.com

OrgTechHandle: DPA132-ARIN
OrgTechName: Pautz, Daniel
OrgTechPhone: +1-800-840-5996
OrgTechEmail: ***@webnx.com

# ARIN WHOIS database, last updated 2009-04-19 19:10
# Enter ? for additional hints on searching ARIN's WHOIS database.

 

[Bombila]

Hi and thank you probinson


I went shopping witth my lady earlier and was 'offline' for at-least a couple of hours

Upon my return, to the PC, I tried to log-in
and was immediately confronted with the following notice



ChristianForums.com Message
Wrong username or password.
You have used up your failed login quota!
Please wait 15 minutes before trying again.
Don't forget that the password is case sensitive.
Forgotten your password? Click here!

;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;

I complained to the administrator, detailing the 'experience'
and a few minutes later received the reply below

;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;

email from christianforums.com>>>>


Dear davedajobauk, Someone has tried to log into your account on Christian Forums
with an incorrect password at least 5 times. This person has been prevented
from attempting to login to your account for the next 15 minutes.
The person trying to log into your account
had the following IP address: 67.220.204.164
All the best,Christian Forums

;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;

I have [just now] required my ISP to release and renew
the IP address it has assigned for me
and then I ran my Internet Security [antivirus]
which found 1 #file TROJANWARE
and 1# file adware
which I quarantined ready for forwarding


As I did a clean-up, prior-to, my shopping trip
I have-to agree that by hitting the sign-in page
my PC was boarded, by malware

As a member of the Spynet Community, I feel it is my duty
to bring this matter out into the open [for investigation]
and... that my 'personal-appraisal'



may indeed have been an error of judgement [given this personal hindsight]


salutations

dave

Does this experience suggest to you that it might behoove you to refrain from tossing out accusatory insults regarding the integrity of non-Christian members such as myself?

Raising another 'possible-cause' [here]
where CF didnt have so much trouble.. prior-to
rule-changes which, then allowed the site
to be opened to non-christians [?] - davedajobauk

 

[matilda1991]

Anybody notice that the times of our messages are off by about 4 hours? How weird is that?

 

[pgp_protector]

Anybody notice that the times of our messages are off by about 4 hours? How weird is that?

Check your time zone settings
http://www.christianforums.com/profile/options/

Bottom of the page "Date & Time Options"

 

[Pauler]

the ip issue being talked about was a server-side error. somehow when a user came to the site the load balancer was registering everyone's ip as 67.220.204.164...so when someone would put in their information, vbulletin would read it as only one person trying to access the site using multiple passwords...

i think all of this is figured out now, and there shouldnt be anymore login issues.