make a donation to the fz1oa
fz1oa chat
fz1oa picture uploader
maintain your own photo albums
locate fz1oa members
search the entire board
click here for fz1oa web site home page
register a new account, it's free!
email the fz1oa webmasters
read the fz1oa guidelines
read the fz1oa policy
open pat's fz1 site in a new window
open iowaz fz1 site in a new window
technical tips

Go Back   FZ1OA Message Board > FZ1 & Fazer Owners Association > FZ1OA Announcements & News

Reply
 
Thread Tools Display Modes
Old 07-12-2015, 08:42 AM   #61
5lv
Registered User
 
5lv's Avatar
 
Join Date: Oct 2003
Location: Wisconsin, USA
Posts: 1,902
Happened to me today from 50.7.159.195.

Can't we nuke those assbags?
__________________
Milhouse: Trust me Bart, it's better to walk in on both your parents instead of just one of them.

5lv is offline   Reply With Quote
Old 07-12-2015, 08:46 AM   #62
5lv
Registered User
 
5lv's Avatar
 
Join Date: Oct 2003
Location: Wisconsin, USA
Posts: 1,902
Quote:
Originally Posted by 5lv View Post
Happened to me today from 50.7.159.195.

Can't we nuke those assbags?
The time was supposed to be 6:16pm CDT. Is your clock messed up?
__________________
Milhouse: Trust me Bart, it's better to walk in on both your parents instead of just one of them.

5lv is offline   Reply With Quote
Old 07-12-2015, 08:56 AM   #63
Desmo
Hello ladies...
 
Desmo's Avatar
 
Join Date: Jun 2001
Location: Palo Alto,CA
Posts: 323,264,397
Quote:
Originally Posted by 5lv View Post
Happened to me today from 50.7.159.195.

Can't we nuke those assbags?

Nothing we can do to prevent people from attempting to login to people's accounts.
Desmo is offline   Reply With Quote
Old 08-10-2015, 03:28 AM   #64
1 wheel peel
Supertanker Pilot
 
1 wheel peel's Avatar
 
Join Date: Oct 2009
Location: East Texas
Posts: 250
Add me in. This one shows to be Swiss 176.10.99.204
https://www.stopforumspam.com/ipcheck/176.10.99.204
__________________
http://www.rockthegear.org/
1 wheel peel is offline   Reply With Quote
Old 08-12-2015, 07:36 PM   #65
RonaldAnderson
Banned
 
Join Date: Aug 2015
Posts: 1
Im a spamming asshole!

Last edited by Desmo; 08-13-2015 at 04:22 AM.
RonaldAnderson is offline   Reply With Quote
Old 08-12-2015, 08:59 PM   #66
grommet
kinetic mentality
 
grommet's Avatar
 
Join Date: May 2011
Location: hangin' with Toto
Posts: 12,933
Classic. Spam in a hack thread.

Moron.
__________________
Patient zero.


Partly stabilized, partly curious.


Be your own man; don't be an owned man.

Some people would rather be dead than wrong.
grommet is offline   Reply With Quote
Old 08-20-2015, 09:39 PM   #67
Banzai
10,000 Years
 
Banzai's Avatar
 
Join Date: Nov 2013
Location: North of Brisbane, Australia
Posts: 977
They've just tried to hack my account using IP 195.154.56.44
StopForumSpam tells me they are operating from France and have been quite busy over the last month,
Banzai is offline   Reply With Quote
Old 08-20-2015, 11:31 PM   #68
ag_streak
Set Fazers to 'stun'!
 
ag_streak's Avatar
 
Join Date: Jan 2005
Location: St. Pete, FL
Posts: 823
I got the notification today...

I entered the IP address here...

https://www.whatismyip.com/ip-whois-lookup/

And it listed the ISP's abuse-reporting e-mail, so I forwarded them the notification. The IP is in Switzerland.

The IP only goes back to the ISP, but when I tried the 'stopforumspam.com' site provided by Bonzai, above, I got over 1,000 users. Not sure how they do that or who they decide to list on those reports...

I changed my password to one that's unique to this site.
__________________
2013 Tiger 800, 2012 DR650, 2006 V-strom Sidecar Rig
ag_streak is offline   Reply With Quote
Old 08-21-2015, 02:55 AM   #69
Desmo
Hello ladies...
 
Desmo's Avatar
 
Join Date: Jun 2001
Location: Palo Alto,CA
Posts: 323,264,397
Quote:
StopForumSpam tells me they are operating from France and have been quite busy over the last month,
Having seen hundreds of these reports I can tell you that "they" are coming from all over. Many are via TOR networks, proxies, etc etc.


Quote:
I changed my password to one that's unique to this site.
Bingo.
Desmo is offline   Reply With Quote
Old 03-17-2016, 10:02 PM   #70
stephenmwyatt
Banned
 
Join Date: Mar 2016
Posts: 44
Quote:
Originally Posted by Desmo View Post
TLDR - Use a good password on the OA, and everywhere.

======================================

Passwords. You have them.

Are your passwords dumb? Is the OA password you have dumb? Is it easy to guess? Is you password "password" Or "12345" or some equally bad choice?

Simple advice - CHANGE THAT SHIT!

I bring this up because we have been getting "a lot" of reports from members that they have received alerts from the board saying that someone has tried to log into their account, and it was not them.

To clarify what "a lot" is. In a year I will usually see 1 report from a member saying they got such a message.

In the past couple of days I've seen about 10. Do the math.

Sooooo, it would appear that we have some douche bags trying to hack accounts the old school way. Which is, guessing passwords.

Which brings me back to the original point.

DON'T USE DUMB PASSWORDS!!!

There's nothing we can do on our end if someone figures out your password. And while you may not think it's a big deal if someone hacks your OA account consider this.

If they do, then they can see the email address you registered with. And if you were enough to use the same password here as you did on your email account, now they can hack your email...and from there? Oh MAMA! You could well be FVCKED.

You've been warned!!!
I can show you how to force complex passwords on your site if needed. I am a retired software expert
stephenmwyatt is offline   Reply With Quote
Old 03-22-2016, 11:17 AM   #71
WileECoyote
ACME Test Subject
 
WileECoyote's Avatar
 
Join Date: Aug 2015
Location: Bridgeville PA, its not Ten Cee but okay for now......
Posts: 5,568




Quote:
Originally Posted by stephenmwyatt View Post
I can show you how to force complex passwords on your site if needed. I am a retired software expert
__________________
Don't know why they call it Hamburger Helper, stuff does just fine by itself........

My long lost love.......1987 FZ700
WileECoyote is offline   Reply With Quote
Old 05-06-2016, 01:16 PM   #72
raja777m
Registered User
 
Join Date: Aug 2015
Posts: 13
Quote:
Originally Posted by diehli View Post
Is "dEsm0w34rshotp4nts" a good PW?
dE$m0w34r$hotp4nt$

Now it is ;)
raja777m is offline   Reply With Quote
Old 09-15-2016, 11:27 AM   #73
packnrat
Registered User
 
Join Date: Jan 2012
Location: valley springs
Posts: 1,077
Smile

i use number/words/codes off packages, and "other" items. and keep them all in a small note pad by my computer.
my old brain can not keep up with them all.
every account has a different code and none of them are similar.

and get changed every so often.



.
packnrat is offline   Reply With Quote
Old 02-20-2017, 11:49 PM   #74
rmzalbar
Registered User
 
Join Date: May 2012
Location: San Diego <--> Orange County
Posts: 279
Between work and personal, I have 90 passwords, all unique, all strong. Most of you probably have at least 30. Just forget about trying to remember passwords. Use a password safe. I use an app literally called "Password Safe" that works on both my PC's and my phone, synced with google drive. Now I only ever have to remember ONE password. The best part is when you get notification from some service that they got hacked, and you realize you only have to change your password there, and you don't have to memorize the new one, or even think one up, as the Password Safe can generate them for you. There's just no other way to go.

uhh. That sounded spammy.
__________________
rmzalbar is offline   Reply With Quote
Old 02-21-2017, 02:22 PM   #75
Pat Glenn
Everything's Just Ducky
 
Pat Glenn's Avatar
 
Join Date: Apr 2003
Location: Southern California
Posts: 15,337
Quote:
Originally Posted by rmzalbar View Post
Between work and personal, I have 90 passwords, all unique, all strong. Most of you probably have at least 30. Just forget about trying to remember passwords. Use a password safe. I use an app literally called "Password Safe" that works on both my PC's and my phone, synced with google drive. Now I only ever have to remember ONE password. The best part is when you get notification from some service that they got hacked, and you realize you only have to change your password there, and you don't have to memorize the new one, or even think one up, as the Password Safe can generate them for you. There's just no other way to go.
I'm interested in this also but I can't get past the idea that all my passwords are now "in the cloud." What if this password safe is hacked? Or doesn't it work that way?

Pat
Pat Glenn is offline   Reply With Quote
Old 02-21-2017, 02:39 PM   #76
Desmo
Hello ladies...
 
Desmo's Avatar
 
Join Date: Jun 2001
Location: Palo Alto,CA
Posts: 323,264,397
Quote:
Originally Posted by Pat Glenn View Post
I'm interested in this also but I can't get past the idea that all my passwords are now "in the cloud." What if this password safe is hacked? Or doesn't it work that way?

Pat

Yah, this was my initial concern as well but after listening/reading a bunch of security dudes I am no longer worried about that part of it. (I've used LP for many years now)

None of the passwords are stored "in the clear". They are all strongly encrypted and even LP can't access them. This is why you are fvcked if you forget your master password. Don't do that!

I think it's best explained like this. Even if a crook can open your safe, he can't do anything with the stuff inside of it. Even if he takes it.

LP actually was hacked last year. But all the encrypted info was safe. I wish I could explain it better, but MATHS IS HARD and crypto is mind numbingly complex and confusing.

IMO I can't live without LP. I use crazy long passwords randomly generated by LP and could never remember them, nor could I type them in accurately.

I also like that it gives you a "security score" that helps you determine how well you're doing security wise. Lets you know if you're using the same passwords at different sites etc.
They recently came up with a "change password" process that changes the password for a site with the push of a button.

Oh yah, and they support two factor auth as well. Can't login to your account on an untrusted device without entering a code from your phone/device.
Desmo is offline   Reply With Quote
Old 02-21-2017, 09:38 PM   #77
gotfz1
Do you like gladiator movies?
 
gotfz1's Avatar
 
Join Date: Apr 2001
Location: SoCal
Posts: 21,264
Quote:
Originally Posted by Pat Glenn View Post
I'm interested in this also but I can't get past the idea that all my passwords are now "in the cloud." What if this password safe is hacked? Or doesn't it work that way?

Pat
They will require your master password to decrypt what they retrieved. Your master password never leaves your device(s).

The larger issue for these services is undetected penetration to the degree that the hacker sends out new client-side code that would do bad things. There are also some cross site scripting attacks but these are rare. Choose a good service.
__________________
SCRIMSHAW!
gotfz1 is offline   Reply With Quote
Old 02-22-2017, 12:26 AM   #78
Pat Glenn
Everything's Just Ducky
 
Pat Glenn's Avatar
 
Join Date: Apr 2003
Location: Southern California
Posts: 15,337
This sounds like a better way to do the same thing I'm doing now. I keep all my passwords in an encrypted file on my hard disk which I have to decrypt every time I can't remember the password I need which is getting to be more and more often.

The encryption/decryption program is one I wrote myself using AES-256 in Java but every once in a while I end up clicking on the wrong button and encrypting instead of decrypting or decrypting instead of encrypting. Then the file becomes useless as I can't be sure how many times to do encrypting or decrypting to get the plaintext file back. Then I have to get the backup of that file off an external hard disk.

Not exactly convenient.

Pat
Pat Glenn is offline   Reply With Quote
Old 02-22-2017, 06:50 AM   #79
rswebscan
Nada Como El Sol
 
rswebscan's Avatar
 
Join Date: Jun 2004
Location: West Des Moines, Iowa
Posts: 22,634
They store all your passwords encrypted. So, while not totally safe - they are pretty darn safe....
__________________
Why are we here? Because we're here....Roll the bones
rswebscan is offline   Reply With Quote
Old 02-22-2017, 08:50 AM   #80
rmzalbar
Registered User
 
Join Date: May 2012
Location: San Diego <--> Orange County
Posts: 279
Password Safe in particular is endorsed by Bruce Schneier. It stores everything in a heavily encrypted file that is about as secure as encryption can be.

It's not a cloud app or account based online service the way LastPass is, which could have some of the usual vulnerabilities of any other online service.

I store this encrypted file on my google drive account, sure, but that file is useless by itself, and my master password isn't transmitted through a browser the way it would be with something like LastPass. It's only opened on my device - only a keylogger would expose me, but if a keylogger is involved I'm screwed no matter what I do.
__________________
rmzalbar is offline   Reply With Quote
Reply

Go Back   FZ1OA Message Board > FZ1 & Fazer Owners Association > FZ1OA Announcements & News


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT -7. The time now is 06:07 AM.


Questions? Comments?
Click on name below to contact via PM
Rabeet (Admin) Desmo (Admin)

Powered by vBulletin® Version 3.7.4
Copyright ©2000 - 2019, Jelsoft Enterprises Ltd.
Website and Message Board Contents Copyright 2001-2007 FZ1OA
The marks YAMAHA® and FZ1® are used under license from Yamaha Motor Corporation, U.S.A.
The information on this web site is NOT approved or endorsed by Yamaha Motor Corporation in any way.
Page generated in 0.10876 seconds with 9 queries