i dont want to confirm that sk wouldnt have drawn that swastika new years eve if your site had been open but he may have stopped his kid from using the k word on fortnite
i dont want to confirm that sk wouldnt have drawn that swastika new years eve if your site had been open but he may have stopped his kid from using the k word on fortnite
It may take a while to assess the damage of this site being down NYE.
It broke Tides 10 day sober streak.
I fired off some degen live bets that lost.
Who knows what LoWo was up to.
Someone seems to have actually told Marty that they hacked this site, and it seems he believes it.
However, "hacking" is a very general term and can mean a lot of things. It can range from complete access to all administration and data of the site, all the way down to causing a disruption without actually gaining any access. The latter is typically not referred to as hacking, but sometimes people refer to any malicious action against a site as "hacking".
It is unlikely that an actual "hacker" to PFA would just bring the site down and do nothing else harmful. It is even less likely that someone who successfully hacked PFA would mouth off to Marty about it, moments after theyv'e been done so.
There definitely was a hardware issue. However, I discovered this hardware issue upon power cycling (turning the server off and back on). That problem would not let PFA boot up until it was fixed, which it was last night at around 9pm PST.
Now, is it possible that someone DDoS'd or did something else which caused the site to crash, and then a separate unrelated hardware issue wouldn't let it reboot? Yes. But it's unlikely.
Nobody has logged into root (the admin account) or any other other account on the PFA server, except for me.
My scan for malicious webshell programs (which can give hackers unauthorized access without logging into any account) came up blank. This was how the Russians were getting in for years, until I finally put a stop to it.
My DDoS detection tool, which I wrote myself, did not see any DDoS attempts at the time of the crash (approximately 2:45pm PST, yesterday).
This all looks like bullshit. My guess is that someone saw PFA was getting really sluggish and behaving in an erratic manner, and texted Marty, "I just hacked Druff's site". Then when it went down, Marty was convinced this person took it down.
I do appreciate this person lying to Marty like this, because it did motivate me to check on things like the webshells, which I do periodically but hadn't done in some time because it slipped my mind.
lets move on shall we
thread hijack
Also, I have never presented myself as a systems security expert. I'm not, and I have no formal training in that realm. I am just a programmer, and all the security stuff related to PFA I learned on my own.
Additionally, computer security is always a series of tradeoffs. You do not always want the most secure site possible, because that can interfere with performance and accessibility. You want a level of security appropriate for the type of site you're running.
I would not run a bank website or a real money poker site the same way I administer PFA, from a security standpoint. PFA is not secure enough to run things like that.
However, as PFA does not deal with real money, nor does it hold any personal data besides e-mail addresses and passwords, I can afford to play things a little bit looser. Most notably, I have various third party pieces of software installed on PFA which could allow hackers to breach the system if those software packages are not secure. In fact, our former chat room (the Flash one) was once exploited by Russians to gain access to parts of the system.
When designing a system where security is of the utmost importance, you need to closely vet all third party packages installed, as your security is only as good as their security. With those systems, you often have to skip using third party packages you might otherwise like, due to security concerns. With a site like PFA, you don't have to worry much about that.
With all of that said, given the long history of trolls in this community, plus the long list of poker cheaters/scammers I've exposed over time, there are many people who would like to see this site destroyed. For that reason I do always keep an eye out for security issues here. To my knowledge, the only hackings which have occurred here have not been done by anyone familiar with me or PFA, but rather Russian or Chinese groups looking to take over the server to use for spam, DDoS, or other zombie system type attacks.
Todd there was no 3rd party telling me anything
put this to bed
I apologize for calling out how effortlessly this site can be exploited and/or hacked
Its back up and running now so lets move on shall we
and no Todd
you are not a ‘programmer’ and have no legitimate coding skills other than perhaps basic html
you run a forum template (vbulletin) which I am semi-fluent in as you well know
it kind of annoys me when you posture as a ‘computer scientist’ come on man
AND SO IT BEGINS
also in lieu of tydes post
Not picking a fight I respect Todd and the bs he has to endure to keep this place running while coddling a bunch of sociopathic misfits
It would take me about a week to throw up a forum that would smash the fuck out of this place
I’m just tired of Todd presenting himself as some coding computer master genius
How am I not a ‘programmer’ if I worked doing exactly that for 8 years prior to quitting to play poker?Originally Posted by Tyde
Was I just really good at lying to my bosses about the work I did?
Yes I know you can modify templates. However, you still needed hoser’s help to get your site up, because you weren’t technical enough to do anything besides editing templates.
This site has way way way more features than a standard vBulletin 4. Plus a bunch of other stuff which has been modified which isn’t apparent to the user.
I don’t understand the line you’re taking here. Are you stupid and incapable of reasoning this out? Drunk? Trolling? All of the above?
LOOK AT MY BOYS JUST GETTING AFTER IT NEW YEARS DAY
pablo and pipes get in here lets call sonatine fat and chaps poor zero days off in todgerville
gay and old also works for both of them and also tyde and todge so if you run out of material
with todge specifically i would go after his sentence structure iiiiiiiiiiits annoying
your site shit the bed for almost 6 hours and you blame it on ‘hardware’ come on bro
bump the chico ddos attack thread
was so easy
question:
do you have a cloud server or a literal physical server ?
UH OH
Go ahead and explain the vulnerability you found in this site.
Saying "back door" means nothing unless you are talking about what you did with those "women" in Thailand.
OHHH DANG HE WENT THERE YALL
Well it was nice while it lasted. It seems Marty and Todd are about to come to blows again which will result in Marty being wombat hammered again
There are currently 1 users browsing this thread. (0 members and 1 guests)
Reply With Quote