[20:45] Skilgannon: yeah, so anyway, once I've had me tea and that, I need to talk to you
[20:45] Skilgannon: later
[22:03] <bobtbushwhacker stopped playing Urban Terror>
[22:19] Skilgannon: are you actually not there? or are you just hiding again?
[22:19] Skilgannon: :P
[22:21] BobT.: nope I'm just hiding
[22:21] BobT.: actually making dinner so I'm back and forth.... feel free to talk but I might take a bit to respond
[22:21] Skilgannon: kewl
[22:21] Skilgannon: kk
[22:21] Skilgannon: well what I wanted to talk to you about was this:
[22:28] BobT.: are you ever going to finish typing?
[22:28] Skilgannon: in a min
[22:28] BobT.: jeez lol
[22:29] Skilgannon: Deus Ex and UrT clan [RTK] have been having problems with getting hacked lately. There's this guy named Batch, and he's hacked them on at least two seperate occasions and defaced the boards and the like. He has this nasty habit of finding an inactive account, hijacking it, hacking into the admin cp, awarding it admin rights and doing all sorts with it. I have a suspicion he's even managed to hack into one of the admin accounts there, as I received a pm from one of them, which they said they never sent. Problem is, no one can catch the bastard as he uses proxies and the like, and even though the clan have sent mails to his ISP (I think they managed to get his actual IP once), they never got any response. Needless to say, they're getting a bit fed up all in all. So, I mentioned I knew someone who might be able to help, you. I didn't drop your name of course, so if you don't want to help, that's all well and good, but I thought maybe you might be able to create them a section on the ******* site, or if you don't want to risk that, then maybe make a new one altogether (if you can do that). I only mention it cos you've said yourself that the ****** site is pretty secure, so maybe you might be able to help them create something this guy can't touch.

Anyway, up to you in the end.
[22:31] BobT.: the ******* site is secure because of the software I run on it... the Joomla wrapper that I use isn't brilliant but then it doesn't do much really... the forum itself is Invision which is practically uncrackable apart from brute-force hacking... unlike a PHPBB forum or whatever.
[22:32] BobT.: the trouble with giving away any space is that my website host (separate to the server hosts) can only take 1 domain being registered to it so I would need to set them up on one of the game servers and that puts those game servers at risk
[22:32] Skilgannon: Couldn't you make them a section in the forums? That's all they need
[22:32] BobT.: I would need to know a hell of a lot more before I could do anything like that.... how is this guy hacking them... what code are they running... etc
[22:34] Skilgannon: Ok, well I could try and get you in touch over XF with their leader Jima, I dunno how much he knows in that respect, but he can get it off the others who do (KillingMachine and REDFIRE)
[22:34] BobT.: brb mate... food is cooking.... let me think about this one anyway
[22:34] Skilgannon: kk
[22:35] Skilgannon: if you want to see thir forums your self the addy is www.readytokill.net
[22:52] BobT.: I'm not sure this is a good idea on a few fronts mate.... firstly the BEST thing these guys can do is to switch from PHPBB and they can do that just as easily on their own server.... they just need to download IPB and get it installed... unfortunately unless they're willing to pay $150 then you need to do it illegally. Secondly if I were to host their site... even on IPB.... the next move for anyone trying to piss you off is a DDOS attack on the site/server and although my hosting company have some good hardware locks in place, if they detected one of my sites was receiving a DDOS they would quite possibly shut the server down and even discontinue my hosting.
[22:53] BobT.: they just need to get off PHPBB mate... a 10 year old could hack it with a few hours spent on the right sites.... there are NO sites for hacking IPB
[22:54] Skilgannon: well they used to be on IPB before the guy that made the boards threw a 5 year old's tantrum adn deleted them
[22:54] Skilgannon: so basically then, a big emphatic NO
[22:54] BobT.: I would consider hosting it if it weren't on PHPBB... but if they did move from that then they might as well still host on their own server
[22:56] Skilgannon: well, asll I really was asking was something like **************** -> [RTK] -> their various forum sections. But that could as you say, lead to a DDOS attack on the ****** site, not something we want.
[22:56] Skilgannon: since no-one's on atm in relation to RTK, I'll pass the news on tomorrow morning
[22:57] BobT.: ok give me a sec to answer that last one properly when I've finished me fud
[22:57] Skilgannon: lol k
[22:57] Skilgannon: I also want to ask, what's the diff between Denial of Service, and DDOS. but I'll wait. :)
[22:58] BobT.: same thing... never worked out what the other D is for myself lol
[22:58] Skilgannon: lol ok
[23:04] BobT.: ok so yes I could put their site on my website hosting account... they would get an url of something like www.************.com/RTK/ or something.... the problem there is that as I mentioned before... I am NOT willing to pay the $150 fee for IPB
[23:05] Skilgannon: you're still misunderstanding me though
[23:05] Skilgannon: I mean, make them a section in the forum that already exists
[23:06] BobT.: yes I know what you meant mate... not sure that is a way I would like to go about it though
[23:06] Skilgannon: ok then
[23:07] Skilgannon: thing is, general opinion of this guy is he's a script kiddie, but there could be a thrid party behind him as well trojn proxying through him
[23:08] BobT.: have these guys tried everything they can on their current setup is what I'm wondering?? there are installs of PHPBB that are WAY safer than the standard download... have they been to their hosting company to get them to put measures in place to stop this guy?... do they know about Apache protected folders and have they put that in place on the /admin folder of their site?... it's a very quick edit but it's virtually impenetrable
[23:08] Skilgannon: I have no idea
[23:09] Skilgannon: problem with finding out is KM hates XFire, and RED only has MSN, and you don't like MSN
[23:09] Skilgannon: :)
[23:09] BobT.: no well I can't actually use MSN on certain accounts now for my own protection lol
[23:09] Skilgannon: and again, this guys been known to hack Msn pwds, so no guarentees you'd be talking to who you think.
[23:09] Skilgannon: lol why>?
[23:09] Skilgannon: :D
[23:10] BobT.: don't want to know mate.... let's just say I have a few friends who have had their computer equipment examined very carefully lol
[23:10] Skilgannon: aaaah, k
[23:10] Skilgannon: :)
[23:11] BobT.: but again.... hacking MSN accounts isn't even script-kiddie territory.... if I still had the links I could send you to sites that would give you step by step instructions for it
[23:11] Skilgannon: hmm
[23:12] BobT.: this is the trouble with using mass-market software
[23:12] Skilgannon: microshit aren't known for their secure programs really :)
[23:12] BobT.: it's not really the program tho... it's because they're linked to the webmail accounts that causes the problem
[23:13] Skilgannon: what about invis free? how secure is that?
[23:14] BobT.: do you mean getting a copy of invision 1.3 (which is now technically open source) or using one of the free forum hosting sites?
[23:14] Skilgannon: just thinking back a bit, I know that some of the guys (Jima and KM I think, poss RED) are paying to get hosted, so they might be able to scrounge 150 bucks together
[23:15] Skilgannon: uh, dunn, whichever m8
[23:15] Skilgannon: dunno*
[23:16] BobT.: well it's not legal to SHARE invision 1.3 so getting hold of a copy is nigh-on impossible... but using a free forum hosting site with ANY board code is one of the most secure ways you can go.... after all they host 100's or 1000's of forums so they make certain that their code is unbreakable
[23:17] BobT.: also... it's not a problem of paying for IPB... they can download a copy on eMule no problem... but if they download it and install it on their own server this guy will not be able to do anything against them..... unless he's getting in through the hosting account itself... in which case they need to speak to their host
[23:18] Skilgannon: the only people who can tell you that kind of stuff is the admins, I'm only a user. :)
[23:19] Skilgannon: Only thing I can suggest is either look for their UrT server (it's a CTF), and see if any of them are on, or go to their forums and ask to speak to them. I really don't want to see them go under is all, they're really all a bunch of great guys
[23:19] Skilgannon: although a couple fo them are expressing maybe that the clan has lived its life
[23:20] BobT.: no that's cool mate and I WILL help in any way I can... I just don't want to put ******* in the firing line in the process is all
[23:20] Skilgannon: that's fair enough
[23:21] BobT.: well you'll see them before me so pass on this information.... the first thing they need to do before anything is to put in place .htaccess protection on their /admin folder... that will stop anyone getting into their admin panel without that password and it's a HELL of a lot more secure than PHPBB's password system
[23:21] Skilgannon: ok mate
[23:22] Skilgannon: but I don't really have a secure way of doing that
[23:22] Skilgannon: I don't trust their PM system (for obv reasons) and both Jima and Kiri have gone to bed
[23:23] BobT.: it doesn't matter who sees that message mate.... the hacker can read it all he likes and you can just dangle your balls in his face with it.... .htaccess protection is uncrackable except for brute-force hacking and you would hope that their hosting company have that covered
[23:24] Skilgannon: aye, but if he sees it first, then he could do and then they're royally fucked
[23:24] BobT.: no you need access to the hosting account to do that... it's not a function of the forum itself
[23:25] Skilgannon: oh ok then. I'd need to find out who that is first. Might be KM.
[23:25] Skilgannon: is it ok, if I copy this whole chat log and give it to him as well
[23:25] Skilgannon: better to give the whole info
[23:25] BobT.: yeah no problem mate
[23:25] Skilgannon: cool
[23:26] Skilgannon: will do when we're done