Loading ...
Sorry, an error occurred while loading the content.
 

ATTN: New Forums Site Up !!!!!

Expand Messages
  • deceivermatt
    Hi folks, Hope its ok to tell u folks. A new community site has gone up which is located here http://nslu2-community.com It s just starting out but hopefully
    Message 1 of 5 , Jan 2, 2005
      Hi folks,

      Hope its ok to tell u folks. A new community site has gone up which
      is located here http://nslu2-community.com

      It's just starting out but hopefully it will kick off :)

      Check it out sign up and lets get cracking!
    • Lex Delani
      Excuse me, but... why do we need yet another site?!? We have the wiki, we have irc (with logs), we have this yahoo group... I m already looking at three
      Message 2 of 5 , Jan 2, 2005
        Excuse me, but... why do we need yet another site?!? We have the wiki,
        we have irc (with logs), we have this yahoo group... I'm already
        looking at three different sites. @Rod: I'd like to hear your opinion,
        as well as those of the other "senior" developers.

        Lex.

        --- In nslu2-linux@yahoogroups.com, "deceivermatt" <deceivermatt@y...>
        wrote:
        >
        > Hi folks,
        >
        > Hope its ok to tell u folks. A new community site has gone up which
        > is located here http://nslu2-community.com
        >
        > It's just starting out but hopefully it will kick off :)
        >
        > Check it out sign up and lets get cracking!
      • nslu2_linux
        On Sun, 02 Jan 2005 11:01:48 -0000, deceivermatt ... Earlier today we had a defacement issue on the wiki site (which is why it currently requires a password
        Message 3 of 5 , Jan 3, 2005
          On Sun, 02 Jan 2005 11:01:48 -0000, deceivermatt
          <deceivermatt@...> wrote:
          > Hope its ok to tell u folks. A new community site has gone up which
          > is located here http://nslu2-community.com
          > It's just starting out but hopefully it will kick off :)
          > Check it out sign up and lets get cracking!

          Earlier today we had a defacement issue on the wiki site (which is why
          it currently requires a password for editing). Our hosting provider
          has traced the logs, and the IP address used for the defacement seems
          to be a machine owned by the domain contact for the
          nslu2-community.com forum site.

          We can only assume that deceivermatt's machine or home/office LAN has
          been compromised without his knowledge. There is a suspicious
          "StealthMa" irc nick from the same ISP subnet which was involved in
          some unprovoked abuse in the IRC channel last year.

          We would advise community members to not trust the nslu2-community.com
          domain, nor to trust the deceivermatt@... Yahoo account, nor to
          trust the MattD, NightRider, or StealthMa IRC nicks (or any other
          nicks associated with the hostmask ppp*.lns1.bne1.internode.on.net),
          as we can only assume those those are compromised too (until we have
          evidence to the contrary).

          If you have given a password to that site that you use elsewhere, you
          would be advised to change it in all other places, just in case.

          I hope everyone will give MattD the benefit of the doubt (and assume
          that his machine has been compromised without his knowledge) rather
          than assuming that it is a malicious attack on the nslu2-linux
          community or any of it's members.

          This should be the last word on the list regarding this subject. We
          have dealt with the problem, and will move on ....

          -- Signed, the NSLU2-Linux community resource admins

          ----------------------------------------------------------------------
          For those who are interested, the log evidence we have used to come to
          this conclusion follows ...

          From the web logs:

          ppp190-236.lns1.bne1.internode.on.net - - [02/Jan/2005:15:26:03 -0800]
          "GET /wiki/HowTo/HomePage?action=edit HTTP/1.1" 200 11677
          ppp190-236.lns1.bne1.internode.on.net - - [02/Jan/2005:15:26:07 -0800]
          "POST /wiki/HowTo/HomePage HTTP/1.1" 302 175

          From the defaced page wiki history:

          January 02, 2005, at 03:26 PM by anoymouse
          Deleted line 0:
          ...

          From the IRC logs:

          NightRider (~NightRide@...)
          mattd <user@...>
          stealthma <~mattd@...>
          (bne1.internode.on.net is a Brisbane, QLD ISP subnet)

          From WHOIS for nslu2-community.com

          Administrative, Technical, Billing Contact:
          Matt D (admin@...)
          Brisbane, QLD

          ----------------------------------------------------------------------
        • deceivermatt
          Hello, Dear community i am sorry that this has gotten into such a mess my room mates freind who was suspose to be helping me setup the forums thought it woudl
          Message 4 of 5 , Jan 4, 2005
            Hello,

            Dear community i am sorry that this has gotten into such a mess my
            room mates freind who was suspose to be helping me setup the forums
            thought it woudl be even funnier if he could mess it up and try and
            destory the community. I have seriouly talked to my room mate and my
            room mates freind about and have uncovered alot of shocking stories.

            I am dreadfully sorry that this has occured and will not happen again.

            I have added a front page to my site to explain this as well as
            assure users that there password can not even be access by myself or
            any one else.

            Visit the front page here: http://nslu2-community.com/index.html

            --- In nslu2-linux@yahoogroups.com, "nslu2_linux" <unslung@g...>
            wrote:
            >
            > On Sun, 02 Jan 2005 11:01:48 -0000, deceivermatt
            > <deceivermatt@y...> wrote:
            > > Hope its ok to tell u folks. A new community site has gone up
            which
            > > is located here http://nslu2-community.com
            > > It's just starting out but hopefully it will kick off :)
            > > Check it out sign up and lets get cracking!
            >
            > Earlier today we had a defacement issue on the wiki site (which is
            why
            > it currently requires a password for editing). Our hosting provider
            > has traced the logs, and the IP address used for the defacement
            seems
            > to be a machine owned by the domain contact for the
            > nslu2-community.com forum site.
            >
            > We can only assume that deceivermatt's machine or home/office LAN
            has
            > been compromised without his knowledge. There is a suspicious
            > "StealthMa" irc nick from the same ISP subnet which was involved in
            > some unprovoked abuse in the IRC channel last year.
            >
            > We would advise community members to not trust the nslu2-
            community.com
            > domain, nor to trust the deceivermatt@y... Yahoo account, nor to
            > trust the MattD, NightRider, or StealthMa IRC nicks (or any other
            > nicks associated with the hostmask ppp*.lns1.bne1.internode.on.net),
            > as we can only assume those those are compromised too (until we have
            > evidence to the contrary).
            >
            > If you have given a password to that site that you use elsewhere,
            you
            > would be advised to change it in all other places, just in case.
            >
            > I hope everyone will give MattD the benefit of the doubt (and assume
            > that his machine has been compromised without his knowledge) rather
            > than assuming that it is a malicious attack on the nslu2-linux
            > community or any of it's members.
            >
            > This should be the last word on the list regarding this subject. We
            > have dealt with the problem, and will move on ....
            >
            > -- Signed, the NSLU2-Linux community resource admins
            >
            > --------------------------------------------------------------------
            --
            > For those who are interested, the log evidence we have used to come
            to
            > this conclusion follows ...
            >
            > From the web logs:
            >
            > ppp190-236.lns1.bne1.internode.on.net - - [02/Jan/2005:15:26:03 -
            0800]
            > "GET /wiki/HowTo/HomePage?action=edit HTTP/1.1" 200 11677
            > ppp190-236.lns1.bne1.internode.on.net - - [02/Jan/2005:15:26:07 -
            0800]
            > "POST /wiki/HowTo/HomePage HTTP/1.1" 302 175
            >
            > From the defaced page wiki history:
            >
            > January 02, 2005, at 03:26 PM by anoymouse
            > Deleted line 0:
            > ...
            >
            > From the IRC logs:
            >
            > NightRider (~NightRide@p...)
            > mattd <user@p...>
            > stealthma <~mattd@p...>
            > (bne1.internode.on.net is a Brisbane, QLD ISP subnet)
            >
            > From WHOIS for nslu2-community.com
            >
            > Administrative, Technical, Billing Contact:
            > Matt D (admin@n...)
            > Brisbane, QLD
            >
            > --------------------------------------------------------------------
            --
          • Rod Whitby
            On Wed, 05 Jan 2005 04:21:13 -0000, deceivermatt wrote: ... [A story about how his room-mate s friend supposedly broke into his
            Message 5 of 5 , Jan 8, 2005
              On Wed, 05 Jan 2005 04:21:13 -0000, deceivermatt
              <deceivermatt@...> wrote:
              ...
              [A story about how his room-mate's friend supposedly broke into his
              computer ...]
              ...
              > I am dreadfully sorry that this has occured and will not happen again.
              > I have added a front page to my site to explain this as well as
              > assure users that there password can not even be access by myself or
              > any one else.
              > Visit the front page here: http://nslu2-community.com/

              We would advise anyone who is offended by obscene language to *not*
              visit that site. And do *not* click on any of the links on that site
              unless you have real-time virus scanning enabled. We also repeat the
              advice that if you have given a password to that site and use that
              password anywhere else, then you should change it immediately in those
              other places.

              We allowed deceivermatt to paint himself (and his many pseudonyms)
              into a corner, and he finally showed his true colours under his real
              alias in the IRC channel. He has been banned from this mailing list -
              although he could easily join again under another pseudonym without
              our knowledge, so continue to beware of wolves in sheep's clothing.
              His known IP addresses have been black-listed from the wiki, and the
              AllRecentChanges page has been modified to show the IP address for
              each change to the wiki (so we can more easily detect impersonations
              in the future).

              The three or four most significant pages of the wiki will continue to
              be password protected. All other pages will continue to be open.
              Please advise this list of you wish any content to be added to the
              password protected pages.

              We hope this will be the end of this incident, and I wish to
              personally thank all those who were involved in both protecting our
              community resources, and ignoring the offender in the IRC channel.

              -- Rod
            Your message has been successfully submitted and would be delivered to recipients shortly.