Forum Coordinators: RedPhantom
Poser - OFFICIAL F.A.Q (Last Updated: 2024 Nov 29 7:57 am)
I was just there and had no problems
Poser 9 SR3 and 8 sr3
=================
Processor Type: AMD Phenom II 830 Quad-Core
2.80GHz, 4000MHz System Bus, 2MB L2 Cache + 6MB Shared L3 Cache
Hard Drive Size: 1TB
Processor - Clock Speed: 2.8 GHz
Operating System: Windows 7 Home Premium 64-bit
Graphics Type: ATI Radeon HD 4200
•ATI Radeon HD 4200 integrated graphics
System Ram: 8GB
I certainly hope not!!!
C makes it easy to shoot yourself in the
foot. C++ makes it harder, but when you do, you blow your whole leg
off.
-- Bjarne
Stroustrup
Contact Me | Kuroyume's DevelopmentZone
It's one of the reasons I never store credit card information anywhere, but I would guess that DAZ has lots of firewalls you have to go through to get to that kind of information. I wouldn't worry about it. Whoever hacked DAZ's main page is probably not after anything other than to try and start some controversy and make a name for themselves. A really good hacker and a thief would not have left a message behind. This is just someone trying to get attention.....the lame little prick :)
Attached Link: http://forum.daz3d.com/viewtopic.php?t=15162
This was just posted up at DAZ...*"Hello, everyone. DAZ has asked me to make an explanatory post regarding this issue, since I was contacted to assist their system administration team with the forensics and I located the "root cause" of the intrusion to their server.
Essentially, at 13:09:09, a computer in Brazil connected to the DAZ website and exploited a security vulnerability in a commonly used statistical analysis package for web logs. An exploit existed that would allow a carefully crafted string to write or overwrite a file that the parsing script had permissions to. The attackers used this to create an 'index.html' page on the web server containing the message.
There's no evidence whatsoever to suggest the people responsible had any ability to read any data from the server. Moreover, because of the method used, we have a full log of every command issued, and we have a list of all files that were modified - and the only they thing touched was creating the spurious index.html.
While DAZ takes every security incident seriously, and will be working with the proper authorities to respond to this incident, that even in a much more serious compromise there are actually several more hurdles that would have to be assailed by a would-be attacked to get access to any sensitive information. The credit card information entrusted to DAZ is protected by absolutely draconion security measures and is designed to be inaccessible to anyone - even DAZ employees."* edited to add URL
Message edited on: 02/16/2005 18:49
" Did DAZ publicly announce this in a thread somewhere, Khai? If not, I'm wondering where you're getting your information. Did I miss something? blinks It's possible I missed something. Where is the thread where DAZ explains this about some virus?" a few weeks ago a virus leaving a similar msg hit about 75% of all the PHP boards on the net... it was a hellva attack since the estimates ran to about 20,000 boards taken down. I was thinking it was the same virus. and reading that explanation above, I still think it could have been, since they described a similar loophole to the one the virus was exploiting.
both of youse need to go and take a deep breathe and chill out :) DAZ got hit ..they fixed it fast. End of story. This happens. And now whomever did this has a couple hundred cranky poserholics after them .. I'd feel sorry for the dude in Brazil actually. lol Lets sic Dodger on 'em! serves 'em right Lyrra
Hack0erz Boyz Ownz Youz!!!!!!!
Youz isz deadz meatz!!!!
Wez bez coolz becausez wez spellz everthingz withz zzzzzzzzzzz's(z)!!!!!!!
Actuallyz, Iz hasz az speechz impedimentz.
Hack0erz Boyz notz tooz brightz!!!!!! Notz knowz howz toz talkz tooz goodz..........spendz tooz muchz timez watchingz Starz Trekz, andz dreamingz aboutz beingz da Bigz Badz Manz!
Yeahz, Iz Coolerz thanz youz....evenz thoughz Iz weighsz 90z poundsz soakingz wetz.
Iz wetz da bedz, tooz. Da bigz meanz boyz alwaysz pickin'z onz mez!!!!!!
Iz getz myz revengez onz thez worldz!!!!! Iz Hack0erz Bigz Badz Dudez!!!!!!!!
Iz rulez!!!!!!!!!!!
"...quit using that damned Microsoft web log software..." I assume you were joking. If not, be advised that: According to Netcraft: "http://www.daz3d.com was running Apache on FreeBSD when last queried at 17-Feb-2005 07:10:03 GMT" Also the Brazilian stats hack apparently attacks a program named AWstats, definitely not a Microsoft product. Microsoft did cause the tsunami though.
"Democracy is a pathetic belief in the collective wisdom of individual ignorance." - H. L. Mencken
lmckenzie, Bill Gates is sending his Geek-Squad to 'panzy' you as...we...speak!!! ;) - On a serious note, was this a PHP forum hack? Seems that phpBB is getting alot of attention from the script kiddies lately.
C makes it easy to shoot yourself in the
foot. C++ makes it harder, but when you do, you blow your whole leg
off.
-- Bjarne
Stroustrup
Contact Me | Kuroyume's DevelopmentZone
Attached Link: http://www.blogherald.com/2005/02/03/awstats-exploit-downs-blogs
Here's the first reference I found--nothing about PHP so it's different from that one. I'm sure Bill is cackling to see open source getting bitch-slapped for a change though. Too late for the Geek-Squad. I already drank the Kool-Aid and had the chip implanted. It was a mighty big suppository too."Democracy is a pathetic belief in the collective wisdom of individual ignorance." - H. L. Mencken
This even happened to phpBB.com. Sounds like the same group was responsible. I read a little about it as soon as it happened since I have a server with AWStats. It was via an exploit in the AWStats program, an app that generates web stats for bandwidth, referrers, etc. Cpanel includes AWStat in the package so I asked around about that too. The compromise is only in the standalone version of AWStats before version 6.2 so those of you with web sites and using the standalone (not the cpanel version) better upgrade. While you're at it make sure your host/provider is using the latest version of php as well as there's another exploit there (hear that DAZ?). For what it's worth, phpBB.com was down for a few days. Apparently it really harshed their server, not just the index page. So good going DAZ, way to recover fast. Of course, an ounce of prevention is worth a pound of cure.... ;)
This site uses cookies to deliver the best experience. Our own cookies make user accounts and other features possible. Third-party cookies are used to display relevant ads and to analyze how Renderosity is used. By using our site, you acknowledge that you have read and understood our Terms of Service, including our Cookie Policy and our Privacy Policy.
I've just tried to access DAZ3D, and got a blank page except for the message below;
'hax0rs lab ownz you - hax0rs@email.com'
I've tried both in Firefox (with account cookies set) and IE (no cookies set) with the same result. Is anyone else getting this?
Message edited on: 02/16/2005 16:17