Posted on 08/27/2021 8:34:07 PM PDT by rdl6989
Sorry for the vanity. I've seen at least three accounts spamming the forum as if they were automated, very fast.
Yes, I remember that.
Were there at least some foxes there? ;-)
Including the Mother of All Obscene Pics.
The old guy with no teeth and an open backdoor? Yeah. I remember that.
Nothing even Foxy.
What happens on the Internet STAYS on the Internet...
What makes you assume it was easy?
Amen!
Or was a “hack” at all...someone signing up for an account and spamming the site is not a hack. An existing FR user with a terrible password that gets exploited is also not a “hack” of the site.
I can't say for certain, but it appears a few individuals here were duped into re-entering their login credentials through a bogus URL. As someone mentioned, if you're using https logins, I'm not sure that would work as that should prompt a warning message.
But this was several different accounts, all long time FReepers.
This were at least 5 accounts with posts seconds apart. It was a hack.
I missed all the “suspect” posts, so don’t have an additional guess as to the problem. But “long time user” doesn’t necessarily equal “good password”.
https://www.grc.com/haystack.htm
Depends on your definition of “hack” I guess...someone collecting hundreds of Freeper usernames over time and throwing a password cracker at them to get their password then logging in all the accounts they compromised to post rapid-fire (run a script) spam posts is not a “hack of the website” in my book. It a compromise of a weak password. Use more than 11 random digits (no words/names) and include “special characters”.
https://www.grc.com/haystack.htm
It looked like the attack was a spoofed DNS that invited Freepers to login to their fake website server thereby giving up their password as part of the login which the hacker then used to make bogus posts on the real Fresno server.
Possible, but easier to run a password cracker against FR usernames to get their password then use those accounts to spam FR. The FR (”virtual”) server is now in the Dallas area (”Linode”). The old physical server that John R. had co-located in the San Jose, CA area (NTT data center) was retired after NTT closed their data center there.
Agreed. I was responding to the suggestion that someone had set up some new accounts to spread mayhem on FR.
I plan to make my password more complex.
We have an official thread on the subject now:
https://freerepublic.com/focus/f-news/3989769/posts
Yeah, a good password is a good thing...an example:
The PW “lovemomma” can be cracked/hacked in 56 seconds or less...but “lovemomma1$” would take more like 56 years...the power of “special characters”, randomness and PW length, etc..
https://www.grc.com/haystack.htm
My company has tests that rate your password.
They also send out fake phishing emails with bogus links. If you fall for it and click the link, you go back to security training.
Ha! “Remedial security training”...do they serve coffee/donuts?!?
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.