Why the fascination with Kimmer? #16

[samredman]

Quote:

Originally Posted by Barbara B

Yes, Sam, I have seen that you have been on many tech boards. I thank you for your explanation of what probably happened. I'm guessing it was done by someone who's "shy" and not computer savvy, right? I'm sure you can decode that.

I think you will find that it is someone who does this routinely, who had no connection to this site or the kimkins saga. And yes... whomever they bought their hack from would have been quite computer savvy, but not necessarily the hacker himself (or herself).

[MomToEli]

Quote:

Originally Posted by samredman

I think you will find that it is someone who does this routinely, who had no connection to this site or the kimkins saga. And yes... whomever they bought their hack from would have been quite computer savvy, but not necessarily the hacker himself (or herself).

What, exactly, do you base that surmise on?

[cleochatra]

I am in no way affiliated with any of this all in here, but I have belonged to several low-carb boards, all of which have been hacked. Back when I was at ADBB, that place was hacked regularly. We had a lot of the same things happening then that are happening to jimmy's board now. That was a vbb board, too. (I think Sherrie's board has also been hacked)

I'm not siding with anyone--definitely hackers are out looking to nail boards. I'm thinking this is in direct correlation to missing out on their dates with Elle MacPherson, which really equates to a few quiet moments in a restroom with a magazine, and Mrs Widow and her four finger children.

[samredman]

MomtoEli asked:

Quote:

What, exactly, do you base that surmise on?

I have been hacked on my own sites probably fifty times in the past ten years... many times I have had that immediate reaction that it must be an enemy of mine.... but after lots of investigation they always turn out to be these robotic devices which look for server software with known security "holes." Then the hack is done by someone who has the exploit to go manually to your site and do the "harvesting." These exploits are sold on the warez sites and there are new ones offered everyday. Go to the phpbb site... and you will see that threads on this subject are the most active (as with any php software site). So... it's just experience doing the "surmising," nothing else. Do a google search for these four terms at the same time:

sam redman computer nytimes

Don't put those in quotes. The first entry will tell you how long I have been in the computer technology game.

[jeanessa]

Sam, would the bot make private admin boards public, ban all of the admins and owners and then log in as certain admins and not others?

I just want to know how advanced this bot is.

[samredman]

Jeanessa, first there has to be a site with software vulnerability... and an unclosed security hole. Most sites are fully protected and secure. Most of these holes get identified quickly and mods are provided (sort of like Microsoft does security updates).. by the software companies. But, often the way hacks work is that the hacker employs a bot to simply search on the internet for software versions, where the site admin has failed to make the security mod (modification)... once the bot finds the hole.. (it searches the net just like a google bot does)... it notifies the bad guy and then they will approach the site manually. I have phpbb sites which have been hit, through my own negligence in not upgrading my mods (programmers don't waste time plugging the holes... but sometimes a site admin is just too uninformed or lazy to fix them). After I have fixed the security holes on my own sites.. then they are immune (at least from the previous kind of attack).

It's a big business doing security checks for servers. These security guys and gals can go over your site... and lock it down (at least to what is currently known at the time of their bullet proofing).

[jeanessa]

Quote:

Originally Posted by samredman

Jeanessa, first there has to be a site with software vulnerability... and an unclosed security hole. Most sites are fully protected and secure. Most of these holes get identified quickly and mods are provided (sort of like Microsoft does security updates).. by the software companies. But, often the way hacks work is that the hacker employs a bot to simply search on the internet for software versions, where the site admin has failed to make the security mod (modification)... once the bot finds the hole.. (it searches the net just like a google bot does)... it notifies the bad guy and then they will approach the site manually. I have phpbb sites which have been hit, through my own negligence in not upgrading my mods (programmers don't waste time plugging the holes... but sometimes a site admin is just too uninformed or lazy to fix them). After I have fixed the security holes on my own sites.. then they are immune (at least from the previous kind of attack).

It's a big business doing security checks for servers. These security guys and gals can go over your site... and lock it down (at least to what is currently known at the time of their bullet proofing).

Yes, I understand the nature of how the bot works and how it can hack into different types of software. I'm just wondering why in the case of jimmy's forum, the admins and owners were banned, certain admins were logged in and others were not, and the private admin board was made public, etc.

Also, since the hacker(s) used Jimmy's paypal to purchase $80 worth of dowloadable movies from Movielink might it be possible to trace where these were downloaded?

Thanks for taking the time to answer!

[BamaGal]

Quote:

Originally Posted by Barbara B

Bama, that sounds just like my RoboForm program. Is yours free or paid for? Mine is free if you only want to have 30 passwords. I paid to be able to have as many as I want, because I have business ones and personal ones and tons of ones!

mine is free

the roboform automatically fills in your info for you right??

mine doesn't it just stores them---I have to fill in the forms myself by C&P

[samredman]

Yes... that Movielink sounds like a good clue.

Once a hacker has access to one admin username and password, in effect, he "owns" the board. Once he is in, only the server admin can stop his ransacking (by shutting off that area of the server from the internet while they reconstruct). But, while he has control of the board (as the owner) the can ban whomever he wants. You must understand that these guys work rapidly.. he was probably signing in as various admins to see if there was other personal info he could access. I think the entire motivation of this is on a very low level... petty crime; unless they hit a goldmine credit card account.. then they can do major thievery.

Let me show you how available hack exploits are. This site provides them for immediate download. The purpose is to inform security professionals so that they can create fixes, but it also serves to provide would-be attackers with tools to hit server software that hasn't been "modded."

Go look at this link (it shows you 122 currently known downloadable exploits to attack a phpbb board):

http://www.securitynewsportal.com/se...&submit=submit

Most of these have fixes... but, unless you are "on the ball" you can "get caught with your pants down" (I love mixed metaphors).

[MNLisaB]

Quote:

Originally Posted by samredman

Nancy Elle queried:

There indeed might be a book in this, but maybe one best written not solely by me (my delivery "could often use some work").

Sam, you hit the nail on the head here, most readers don't like to slog through an author's thoughts to get to a specific point.

[BamaGal]

getting back to the fake email---

watch out for other things coming through everyone

I've received a fake card from BlueMountain....

those of us who received the emails might be on the receiving end of many more hoaxes

[Mayberryfan]

Thanks for the warning Bama!

Yeah, there's nothing Heidi won't do to try and disrupt this thread, pull people away with tending to a "sick" computer, calling paypal to straighten out a problem...whatever it takes.

She just needs to understand that she's lost. It's over, for all intents and purposes. Geez, no wonder Hector had to move far away from her. She is absolutely nuts.

[samredman]

MNLisaB adding to samredman's earlier self-deprecating coment:

Quote:

Originally Posted by

Sam, you hit the nail on the head here, most readers don't like to slog through an author's thoughts to get to a specific point.

But, Lisa, "slogging" is sometimes worth the effort in order to obtain useful information. Speaking only of my preferences, I love to "slog." I'd rather have some "slog-worthy" (I now really like that word, slog, thanks) text than material which lacks substance (but that just me).

Mayberry fan: It's sort of nice to have Heidi now to blame with every bad thing that happens.... I'm liking it! Just about thirty minutes ago, I went to the tennis club for a previously scheduled game, but the courts were closed, due to a rain storm which came up this afternoon suddenly in Dallas. I turned to my tennis pal and said, "That damn Heidi!"

[MNLisaB]

Point taken- my brain has gotten very lazy since the days of reading New York Times and WSJ cover to cover. I don't want to have to work that hard now!!

[Mayberryfan]

Sam,

Seriously, I mean no offense. But, I would prefer that you not address me directly on this thread. You and I are not compatible. I've been playing nice, but I'm done. I am requesting that you just ignore me and I will ignore you.

[justme08]

Quote:

Originally Posted by samredman

Mayberry fan: It's sort of nice to have Heidi now to blame with every bad thing that happens.... I'm liking it! Just about thirty minutes ago, I went to the tennis club for a previously scheduled game, but the courts were closed, due to a rain storm which came up this afternoon suddenly in Dallas. I turned to my tennis pal and said, "That damn Heidi!"

now, that is funny
I found myself after reading these threads here doing the same thing. My tanning bed had to close early today and I knew it was Heidi's fault.

[Mayberryfan]

Justme,

I think it should be obvious that I didn't find the comment you quoted amusing in the least. Are you Sam's partner in crime?

Several people have stopped posting here in the past few days. Is that just exactly what you had in mind? Doesn't matter if it is because the wheels of justice are turning and Heidi will have to face the music whether you or Sam or anyone else likes it or not.

ETA: I've never done this before, but I feel it's appropriate for me at this point to officially put you and Sam on ignore. I'll not be answering your questions nor reading any posts. Take all the pot shots you want at me, I'll never see them.

[justme08]

Sorry I realize this is very serious to you all. I just thought it was funny. And I never read your post that you were offended by it. I am no partner of anyone. Just happened to get interested in this topic because I got back into dieting again and read about this Heidi person on another blog.

So please all of you carry on, if I post again it will be serious I promise.

[Katinsac]

I belong to Jimmy's site and I didn't receive the email...but then again...I don't get Heidi's newsletter until about 3 days after you all either, lol...

[Katinsac]

I understand how these viruses or whatever you call them can resend to all your addresses but I can't understand how they got to Jimmy's PayPal account. How would they even know he had one too...

[Katinsac]

wouldn't they be fustrated if they went to Heidi's PayPal account and saw all that money there and couldn't get to it? lol...kinda funny if you think about it...

[Cutie]

Quote:

Originally Posted by Katinsac

wouldn't they be fustrated if they went to Heidi's PayPal account and saw all that money there and couldn't get to it? lol...kinda funny if you think about it...

(((kat)))

[Katinsac]

Cutie!!! I knew you were lurking, lol...

[Magicsmom]

Quote:

Originally Posted by Katinsac

I belong to Jimmy's site and I didn't receive the email...but then again...I don't get Heidi's newsletter until about 3 days after you all either, lol...

I didn't get an e-mail either.

[Katinsac]

magics..lol...kinda like that "special" banning I got from Heidi, hea? lol

[rebel]

Quote:

Originally Posted by Magicsmom

I didn't get an e-mail either.

I didn't get one either.

[NancyElle]

Quote:

Originally Posted by Magicsmom

I didn't get an e-mail either.

Well, I got the email, but it was in my spam folder. I deleted it.....

I feel so bad that this has happened.....More stuff.....