Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > comp.lang.python > #55173 > unrolled thread

JUST GOT HACKED

Back to article view | Back to comp.lang.python

Contents

  JUST GOT HACKED Νίκος <nikos.gr33k@gmail.com> - 2013-10-01 12:58 +0300
    Re: JUST GOT HACKED Mark Lawrence <breamoreboy@yahoo.co.uk> - 2013-10-01 14:06 +0100
      Re: JUST GOT HACKED Νίκος <nikos.gr33k@gmail.com> - 2013-10-01 16:15 +0300
        Re: JUST GOT HACKED Chris “Kwpolska” Warrick <kwpolska@gmail.com> - 2013-10-01 15:27 +0200
          Re: JUST GOT HACKED Νίκος <nikos.gr33k@gmail.com> - 2013-10-01 16:42 +0300
            Fwd: JUST GOT HACKED Chris “Kwpolska” Warrick <kwpolska@gmail.com> - 2013-10-01 15:56 +0200
              Re: Fwd: JUST GOT HACKED Νίκος <nikos.gr33k@gmail.com> - 2013-10-01 16:58 +0300
            Re: JUST GOT HACKED Alister <alister.ware@ntlworld.com> - 2013-10-01 13:57 +0000
              Re: JUST GOT HACKED Νίκος <nikos.gr33k@gmail.com> - 2013-10-01 17:00 +0300
                Re: JUST GOT HACKED Daniel Stojanov <daniel.stjnv@gmail.com> - 2013-10-02 00:24 +1000
                  Re: JUST GOT HACKED Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2013-10-02 02:30 +0000
                    Re: JUST GOT HACKED Antoon Pardon <antoon.pardon@rece.vub.ac.be> - 2013-10-02 08:51 +0200
                    Re: JUST GOT HACKED Mark Lawrence <breamoreboy@yahoo.co.uk> - 2013-10-02 08:32 +0100
                  Re: JUST GOT HACKED Ravi Sahni <ganeshsahni07@gmail.com> - 2013-10-01 21:09 -0700
                  Re: JUST GOT HACKED rurpy@yahoo.com - 2013-10-02 09:41 -0700
                Re: JUST GOT HACKED Tim Chase <python.list@tim.thechases.com> - 2013-10-01 09:56 -0500
                Re: JUST GOT HACKED Ned Batchelder <ned@nedbatchelder.com> - 2013-10-01 10:52 -0400
                  Re: JUST GOT HACKED Νίκος <nikos.gr33k@gmail.com> - 2013-10-01 18:34 +0300
                    Re: JUST GOT HACKED alex23 <wuwei23@gmail.com> - 2013-10-02 09:28 +1000
                Re: JUST GOT HACKED Tim Delaney <timothy.c.delaney@gmail.com> - 2013-10-02 06:45 +1000
                Re: JUST GOT HACKED Ben Finney <ben+python@benfinney.id.au> - 2013-10-02 08:06 +1000
                  Re: JUST GOT HACKED Wayne Werner <waynejwerner@gmail.com> - 2013-10-04 06:23 -0700
                Re: JUST GOT HACKED Chris Angelico <rosuav@gmail.com> - 2013-10-02 08:15 +1000
                Re: JUST GOT HACKED Mark Lawrence <breamoreboy@yahoo.co.uk> - 2013-10-01 23:28 +0100
                Improving community discussion (was: JUST GOT HACKED) Ben Finney <ben+python@benfinney.id.au> - 2013-10-02 08:41 +1000
                Re: JUST GOT HACKED Antoon Pardon <antoon.pardon@rece.vub.ac.be> - 2013-10-02 08:29 +0200
                Re: JUST GOT HACKED Ben Finney <ben+python@benfinney.id.au> - 2013-10-02 16:49 +1000
                  Re: JUST GOT HACKED Steven D'Aprano <steve@pearwood.info> - 2013-10-02 07:29 +0000
                    Mutual respect, bullying, tolerance (was: JUST GOT HACKED) Ben Finney <ben+python@benfinney.id.au> - 2013-10-02 17:42 +1000
                    Re: JUST GOT HACKED Νίκος <nikos.gr33k@gmail.com> - 2013-10-02 13:22 +0300
                      Re: JUST GOT HACKED Chris Angelico <rosuav@gmail.com> - 2013-10-02 20:32 +1000
                        Re: JUST GOT HACKED Νίκος <nikos.gr33k@gmail.com> - 2013-10-02 13:43 +0300
                          Re: JUST GOT HACKED Chris Angelico <rosuav@gmail.com> - 2013-10-02 20:54 +1000
                            Re: JUST GOT HACKED Νίκος <nikos.gr33k@gmail.com> - 2013-10-02 14:01 +0300
                            Re: JUST GOT HACKED Νίκος <nikos.gr33k@gmail.com> - 2013-10-02 14:03 +0300
                              Re: JUST GOT HACKED Chris Angelico <rosuav@gmail.com> - 2013-10-02 21:11 +1000
                              Re: JUST GOT HACKED Heiko Wundram <modelnine@modelnine.org> - 2013-10-02 13:35 +0200
                              Re: JUST GOT HACKED Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2013-10-02 13:06 +0000
                          Re: JUST GOT HACKED Tim Chase <python.list@tim.thechases.com> - 2013-10-02 08:09 -0500
                          Re: JUST GOT HACKED Wayne Werner <waynejwerner@gmail.com> - 2013-10-04 06:49 -0700
                      Re: JUST GOT HACKED Denis McMahon <denismfmcmahon@gmail.com> - 2013-10-02 15:50 +0000
                Re: JUST GOT HACKED Ravi Sahni <ganeshsahni07@gmail.com> - 2013-10-02 12:32 +0530
                  Re: JUST GOT HACKED Steven D'Aprano <steve@pearwood.info> - 2013-10-02 09:08 +0000
                    Re: JUST GOT HACKED Antoon Pardon <antoon.pardon@rece.vub.ac.be> - 2013-10-02 13:28 +0200
                      Re: JUST GOT HACKED Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2013-10-02 13:17 +0000
                        Re: JUST GOT HACKED Neil Cerutti <neilc@norwich.edu> - 2013-10-02 16:05 +0000
                        Re: JUST GOT HACKED Antoon Pardon <antoon.pardon@rece.vub.ac.be> - 2013-10-03 09:01 +0200
                          Re: JUST GOT HACKED Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2013-10-03 11:30 +0000
                            Re: JUST GOT HACKED Antoon Pardon <antoon.pardon@rece.vub.ac.be> - 2013-10-04 15:48 +0200
                  Re: JUST GOT HACKED Grant Edwards <invalid@invalid.invalid> - 2013-10-02 13:34 +0000
                  Re: JUST GOT HACKED rurpy@yahoo.com - 2013-10-02 09:44 -0700
                    Re: JUST GOT HACKED Ravi Sahni <ganeshsahni07@gmail.com> - 2013-10-02 23:51 +0530
                  Re: JUST GOT HACKED Piet van Oostrum <piet@vanoostrum.org> - 2013-10-04 17:23 -0400
                Re: JUST GOT HACKED Ben Finney <ben+python@benfinney.id.au> - 2013-10-02 17:24 +1000
                Re: JUST GOT HACKED Ravi Sahni <ganeshsahni07@gmail.com> - 2013-10-02 13:07 +0530
                Re: JUST GOT HACKED Antoon Pardon <antoon.pardon@rece.vub.ac.be> - 2013-10-02 09:51 +0200
                Re: JUST GOT HACKED Ravi Sahni <ganeshsahni07@gmail.com> - 2013-10-02 18:47 +0530
                Goodbye: was JUST GOT HACKED Walter Hurry <walterhurry@lavabit.com> - 2013-10-02 21:13 +0000
                  Re: Goodbye: was JUST GOT HACKED Terry Reedy <tjreedy@udel.edu> - 2013-10-02 19:05 -0400
                  Re: Goodbye: was JUST GOT HACKED Ravi Sahni <ganeshsahni07@gmail.com> - 2013-10-03 09:21 +0530
                    Re: Goodbye: was JUST GOT HACKED Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2013-10-03 11:35 +0000
                      Re: Goodbye: was JUST GOT HACKED Ravi Sahni <ganeshsahni07@gmail.com> - 2013-10-03 17:31 +0530
                        Re: Goodbye: was JUST GOT HACKED Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2013-10-04 02:03 +0000
                  Re: Goodbye: was JUST GOT HACKED Walter Hurry <walterhurry@lavabit.com> - 2013-10-07 12:26 +0000
                    Re: Goodbye: was JUST GOT HACKED Chris Angelico <rosuav@gmail.com> - 2013-10-07 23:34 +1100
                    Re: Goodbye: was JUST GOT HACKED Tim Chase <python.list@tim.thechases.com> - 2013-10-07 08:12 -0500
                    Re: Goodbye: was JUST GOT HACKED Ravi Sahni <ganeshsahni07@gmail.com> - 2013-10-07 18:40 +0530
            Re: JUST GOT HACKED Pat Johnson <p.johnson125@gmail.com> - 2013-10-08 07:51 -0700
        Re: JUST GOT HACKED Mark Lawrence <breamoreboy@yahoo.co.uk> - 2013-10-01 14:28 +0100
        Re: JUST GOT HACKED Mark Lawrence <breamoreboy@yahoo.co.uk> - 2013-10-01 19:42 +0100
    Re: JUST GOT HACKED Piet van Oostrum <piet@vanoostrum.org> - 2013-10-01 14:21 -0400
    Re: JUST GOT HACKED Denis McMahon <denismfmcmahon@gmail.com> - 2013-10-01 22:05 +0000
    Re: JUST GOT HACKED Zero Piraeus <z@etiol.net> - 2013-10-01 20:02 -0300
      Re: JUST GOT HACKED Νίκος <nikos.gr33k@gmail.com> - 2013-10-02 02:28 +0300
        Re: JUST GOT HACKED Tim Delaney <timothy.c.delaney@gmail.com> - 2013-10-02 09:48 +1000
        Re: JUST GOT HACKED Tim Chase <python.list@tim.thechases.com> - 2013-10-01 19:14 -0500
        Re: JUST GOT HACKED Chris “Kwpolska” Warrick <kwpolska@gmail.com> - 2013-10-02 14:47 +0200
        Re: JUST GOT HACKED ishish <ishish@domhain.de> - 2013-10-02 13:57 +0100
      Re: JUST GOT HACKED Νίκος <nikos.gr33k@gmail.com> - 2013-10-02 13:52 +0300
        Re: JUST GOT HACKED feedthetroll@gmx.de - 2013-10-02 04:42 -0700
          Re: JUST GOT HACKED Νίκος <nikos.gr33k@gmail.com> - 2013-10-02 14:55 +0300
          Re: JUST GOT HACKED Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2013-10-02 12:51 +0000
            Re: JUST GOT HACKED Antoon Pardon <antoon.pardon@rece.vub.ac.be> - 2013-10-02 15:12 +0200
              Re: JUST GOT HACKED Νίκος <nikos.gr33k@gmail.com> - 2013-10-02 16:30 +0300
                Re: JUST GOT HACKED Rod Person <rodperson@rodperson.com> - 2013-10-02 10:31 -0400
            Re: JUST GOT HACKED Chris Angelico <rosuav@gmail.com> - 2013-10-02 23:06 +1000
    Re: JUST GOT HACKED Pat Johnson <p.johnson125@gmail.com> - 2013-10-08 07:53 -0700

Page 1 of 5  [1] 2 3 4 5  Next page →

#55173 — JUST GOT HACKED

Just logged in via FTP to my server and i saw an uploade file named 
"Warnign html"

Contents were:

WARNING

I am incompetent. Do not hire me!

Question:

WHO AND MOST IMPORTNTANLY HOW DID HE MANAGED TO UPLOAD THIS FILE ON MY 
ACCOUNT?

PLEASE ANSWER ME, I WONT GET MAD, BUT THIS IS AN IMPORTANT SECURITY RISK.

SOMEONES MUST HAVE ACCESS TO MY ACCOUNT, DOES THE SOURCE CODE OF MY MAIN 
PYTHON SCRIPT APPEARS SOMEPLACE AGAIN?!?!

[toc] | [next] | [standalone]

#55186

On 01/10/2013 10:58, Νίκος wrote:
> Just logged in via FTP to my server and i saw an uploade file named
> "Warnign html"
>
> Contents were:
>
> WARNING
>
> I am incompetent. Do not hire me!
>
> Question:
>
> WHO AND MOST IMPORTNTANLY HOW DID HE MANAGED TO UPLOAD THIS FILE ON MY
> ACCOUNT?
>
> PLEASE ANSWER ME, I WONT GET MAD, BUT THIS IS AN IMPORTANT SECURITY RISK.
>
> SOMEONES MUST HAVE ACCESS TO MY ACCOUNT, DOES THE SOURCE CODE OF MY MAIN
> PYTHON SCRIPT APPEARS SOMEPLACE AGAIN?!?!

Would you please stop posting, I've almost burst my stomach laughing at 
this.  You definetely have a ready made career writing comedy.

-- 
Cheers.

Mark Lawrence

[toc] | [prev] | [next] | [standalone]

#55189

Στις 1/10/2013 4:06 μμ, ο/η Mark Lawrence έγραψε:
> On 01/10/2013 10:58, Νίκος wrote:
>> Just logged in via FTP to my server and i saw an uploade file named
>> "Warnign html"
>>
>> Contents were:
>>
>> WARNING
>>
>> I am incompetent. Do not hire me!
>>
>> Question:
>>
>> WHO AND MOST IMPORTNTANLY HOW DID HE MANAGED TO UPLOAD THIS FILE ON MY
>> ACCOUNT?
>>
>> PLEASE ANSWER ME, I WONT GET MAD, BUT THIS IS AN IMPORTANT SECURITY RISK.
>>
>> SOMEONES MUST HAVE ACCESS TO MY ACCOUNT, DOES THE SOURCE CODE OF MY MAIN
>> PYTHON SCRIPT APPEARS SOMEPLACE AGAIN?!?!
>
> Would you please stop posting, I've almost burst my stomach laughing at
> this.  You definetely have a ready made career writing comedy.

Okey smartass,

Try to do it again, if you be successfull again i'll even congratulate 
you myself.

[toc] | [prev] | [next] | [standalone]

#55197

On Tue, Oct 1, 2013 at 3:15 PM, Νίκος <nikos.gr33k@gmail.com> wrote:
> Στις 1/10/2013 4:06 μμ, ο/η Mark Lawrence έγραψε:
>>
>> On 01/10/2013 10:58, Νίκος wrote:
>>>
>>> Just logged in via FTP to my server and i saw an uploade file named
>>> "Warnign html"
>>>
>>> Contents were:
>>>
>>> WARNING
>>>
>>> I am incompetent. Do not hire me!
>>>
>>> Question:
>>>
>>> WHO AND MOST IMPORTNTANLY HOW DID HE MANAGED TO UPLOAD THIS FILE ON MY
>>> ACCOUNT?
>>>
>>> PLEASE ANSWER ME, I WONT GET MAD, BUT THIS IS AN IMPORTANT SECURITY RISK.
>>>
>>> SOMEONES MUST HAVE ACCESS TO MY ACCOUNT, DOES THE SOURCE CODE OF MY MAIN
>>> PYTHON SCRIPT APPEARS SOMEPLACE AGAIN?!?!
>>
>>
>> Would you please stop posting, I've almost burst my stomach laughing at
>> this.  You definetely have a ready made career writing comedy.
>
>
> Okey smartass,
>
> Try to do it again, if you be successfull again i'll even congratulate you
> myself.
>
> --
> https://mail.python.org/mailman/listinfo/python-list

It looks like you are accusing someone of doing something without any
proof whatsoever.  Would you like help with the fallout of the lawsuit
that I hope Mark might (should!) come up with?

Speaking of “try again”, I doubt it would be hard…  As long as a FTP
daemon is running somewhere (and you clearly do not know better); or
even you have a SSH daemon and you do not know better, an attacker
can:

a) wait for you to publish your password yet again;
b) get you to download an exploit/keylogger/whatever;
c) brute-force.

Well, considering it’s unlikely you actually have a long-as-shit
password, (c) is the best option.  Unless your password is very long,
in which case is not.

I’m also wondering what language your password is in.  If you actually
used a Greek phrase, how long will it take you to get locked out due
to encoding bullshit?

-- 
Chris “Kwpolska” Warrick <http://kwpolska.tk>
PGP: 5EAAEA16
stop html mail | always bottom-post | only UTF-8 makes sense

[toc] | [prev] | [next] | [standalone]

#55203

Στις 1/10/2013 4:27 μμ, ο/η Chris “Kwpolska” Warrick έγραψε:
> On Tue, Oct 1, 2013 at 3:15 PM, Νίκος <nikos.gr33k@gmail.com> wrote:
>> Στις 1/10/2013 4:06 μμ, ο/η Mark Lawrence έγραψε:
>>>
>>> On 01/10/2013 10:58, Νίκος wrote:
>>>>
>>>> Just logged in via FTP to my server and i saw an uploade file named
>>>> "Warnign html"
>>>>
>>>> Contents were:
>>>>
>>>> WARNING
>>>>
>>>> I am incompetent. Do not hire me!
>>>>
>>>> Question:
>>>>
>>>> WHO AND MOST IMPORTNTANLY HOW DID HE MANAGED TO UPLOAD THIS FILE ON MY
>>>> ACCOUNT?
>>>>
>>>> PLEASE ANSWER ME, I WONT GET MAD, BUT THIS IS AN IMPORTANT SECURITY RISK.
>>>>
>>>> SOMEONES MUST HAVE ACCESS TO MY ACCOUNT, DOES THE SOURCE CODE OF MY MAIN
>>>> PYTHON SCRIPT APPEARS SOMEPLACE AGAIN?!?!
>>>
>>>
>>> Would you please stop posting, I've almost burst my stomach laughing at
>>> this.  You definetely have a ready made career writing comedy.
>>
>>
>> Okey smartass,
>>
>> Try to do it again, if you be successfull again i'll even congratulate you
>> myself.
>>
>> --
>> https://mail.python.org/mailman/listinfo/python-list
>
> It looks like you are accusing someone of doing something without any
> proof whatsoever.  Would you like help with the fallout of the lawsuit
> that I hope Mark might (should!) come up with?i'am
>
> Speaking of “try again”, I doubt it would be hard…  As long as a FTP
> daemon is running somewhere (and you clearly do not know better); or
> even you have a SSH daemon and you do not know better, an attacker
> can:
>
> a) wait for you to publish your password yet again;
> b) get you to download an exploit/keylogger/whatever;
> c) brute-force.
>
> Well, considering it’s unlikely you actually have a long-as-shit
> password, (c) is the best option.  Unless your password is very long,
> in which case is not.
>
> I’m also wondering what language your password is in.  If you actually
> used a Greek phrase, how long will it take you to get locked out due
> to encoding bullshit?

Like i use grek letter for my passwords or like i'am gonna fall for any 
of your 3 dumbass reasons.

I already foudn the weakness and corrected it.

[toc] | [prev] | [next] | [standalone]

#55207

Why is this list not setting Reply-To correctly again?

---------- Forwarded message ----------
From: Chris “Kwpolska” Warrick <kwpolska@gmail.com>
Date: Tue, Oct 1, 2013 at 3:55 PM
Subject: Re: JUST GOT HACKED
To: Νίκος <nikos.gr33k@gmail.com>


On Tue, Oct 1, 2013 at 3:42 PM, Νίκος <nikos.gr33k@gmail.com> wrote:
> Στις 1/10/2013 4:27 μμ, ο/η Chris “Kwpolska” Warrick έγραψε:
>>
>> On Tue, Oct 1, 2013 at 3:15 PM, Νίκος <nikos.gr33k@gmail.com> wrote:
>>>
>>> Στις 1/10/2013 4:06 μμ, ο/η Mark Lawrence έγραψε:
>>>>
>>>>
>>>> On 01/10/2013 10:58, Νίκος wrote:
>>>>>
>>>>>
>>>>> Just logged in via FTP to my server and i saw an uploade file named
>>>>> "Warnign html"
>>>>>
>>>>> Contents were:
>>>>>
>>>>> WARNING
>>>>>
>>>>> I am incompetent. Do not hire me!
>>>>>
>>>>> Question:
>>>>>
>>>>> WHO AND MOST IMPORTNTANLY HOW DID HE MANAGED TO UPLOAD THIS FILE ON MY
>>>>> ACCOUNT?
>>>>>
>>>>> PLEASE ANSWER ME, I WONT GET MAD, BUT THIS IS AN IMPORTANT SECURITY
>>>>> RISK.
>>>>>
>>>>> SOMEONES MUST HAVE ACCESS TO MY ACCOUNT, DOES THE SOURCE CODE OF MY
>>>>> MAIN
>>>>> PYTHON SCRIPT APPEARS SOMEPLACE AGAIN?!?!
>>>>
>>>>
>>>>
>>>> Would you please stop posting, I've almost burst my stomach laughing at
>>>> this.  You definetely have a ready made career writing comedy.
>>>
>>>
>>>
>>> Okey smartass,
>>>
>>> Try to do it again, if you be successfull again i'll even congratulate
>>> you
>>> myself.
>>>
>>> --
>>> https://mail.python.org/mailman/listinfo/python-list
>>
>>
>> It looks like you are accusing someone of doing something without any
>> proof whatsoever.  Would you like help with the fallout of the lawsuit
>> that I hope Mark might (should!) come up with?i'am
>>
>>
>> Speaking of “try again”, I doubt it would be hard…  As long as a FTP
>> daemon is running somewhere (and you clearly do not know better); or
>> even you have a SSH daemon and you do not know better, an attacker
>> can:
>>
>> a) wait for you to publish your password yet again;
>> b) get you to download an exploit/keylogger/whatever;
>> c) brute-force.
>>
>> Well, considering it’s unlikely you actually have a long-as-shit
>> password, (c) is the best option.  Unless your password is very long,
>> in which case is not.
>>
>> I’m also wondering what language your password is in.  If you actually
>> used a Greek phrase, how long will it take you to get locked out due
>> to encoding bullshit?
>
>
> Like i use grek letter for my passwords

Did you know that you just lowered the amount of characters an
attacker should check while brute-forcing your password from 256/164
(UTF-*/ISO-8859-7) to just 95?  No?  Congratulations anyways, Nikos!

--
Chris “Kwpolska” Warrick <http://kwpolska.tk>
PGP: 5EAAEA16
stop html mail | always bottom-post | only UTF-8 makes sense


-- 
Chris “Kwpolska” Warrick <http://kwpolska.tk>
PGP: 5EAAEA16
stop html mail | always bottom-post | only UTF-8 makes sense

[toc] | [prev] | [next] | [standalone]

#55209

Στις 1/10/2013 4:56 μμ, ο/η Chris “Kwpolska” Warrick έγραψε:
> Why is this list not setting Reply-To correctly again?
>
> ---------- Forwarded message ----------
> From: Chris “Kwpolska” Warrick <kwpolska@gmail.com>
> Date: Tue, Oct 1, 2013 at 3:55 PM
> Subject: Re: JUST GOT HACKED
> To: Νίκος <nikos.gr33k@gmail.com>
>
>
> On Tue, Oct 1, 2013 at 3:42 PM, Νίκος <nikos.gr33k@gmail.com> wrote:
>> Στις 1/10/2013 4:27 μμ, ο/η Chris “Kwpolska” Warrick έγραψε:
>>>
>>> On Tue, Oct 1, 2013 at 3:15 PM, Νίκος <nikos.gr33k@gmail.com> wrote:
>>>>
>>>> Στις 1/10/2013 4:06 μμ, ο/η Mark Lawrence έγραψε:
>>>>>
>>>>>
>>>>> On 01/10/2013 10:58, Νίκος wrote:
>>>>>>
>>>>>>
>>>>>> Just logged in via FTP to my server and i saw an uploade file named
>>>>>> "Warnign html"
>>>>>>
>>>>>> Contents were:
>>>>>>
>>>>>> WARNING
>>>>>>
>>>>>> I am incompetent. Do not hire me!
>>>>>>
>>>>>> Question:
>>>>>>
>>>>>> WHO AND MOST IMPORTNTANLY HOW DID HE MANAGED TO UPLOAD THIS FILE ON MY
>>>>>> ACCOUNT?
>>>>>>
>>>>>> PLEASE ANSWER ME, I WONT GET MAD, BUT THIS IS AN IMPORTANT SECURITY
>>>>>> RISK.
>>>>>>
>>>>>> SOMEONES MUST HAVE ACCESS TO MY ACCOUNT, DOES THE SOURCE CODE OF MY
>>>>>> MAIN
>>>>>> PYTHON SCRIPT APPEARS SOMEPLACE AGAIN?!?!
>>>>>
>>>>>
>>>>>
>>>>> Would you please stop posting, I've almost burst my stomach laughing at
>>>>> this.  You definetely have a ready made career writing comedy.
>>>>
>>>>
>>>>
>>>> Okey smartass,
>>>>
>>>> Try to do it again, if you be successfull again i'll even congratulate
>>>> you
>>>> myself.
>>>>
>>>> --
>>>> https://mail.python.org/mailman/listinfo/python-list
>>>
>>>
>>> It looks like you are accusing someone of doing something without any
>>> proof whatsoever.  Would you like help with the fallout of the lawsuit
>>> that I hope Mark might (should!) come up with?i'am
>>>
>>>
>>> Speaking of “try again”, I doubt it would be hard…  As long as a FTP
>>> daemon is running somewhere (and you clearly do not know better); or
>>> even you have a SSH daemon and you do not know better, an attacker
>>> can:
>>>
>>> a) wait for you to publish your password yet again;
>>> b) get you to download an exploit/keylogger/whatever;
>>> c) brute-force.
>>>
>>> Well, considering it’s unlikely you actually have a long-as-shit
>>> password, (c) is the best option.  Unless your password is very long,
>>> in which case is not.
>>>
>>> I’m also wondering what language your password is in.  If you actually
>>> used a Greek phrase, how long will it take you to get locked out due
>>> to encoding bullshit?
>>
>>
>> Like i use grek letter for my passwords
>
> Did you know that you just lowered the amount of characters an
> attacker should check while brute-forcing your password from 256/164
> (UTF-*/ISO-8859-7) to just 95?  No?  Congratulations anyways, Nikos!

Yes' iam aware of that, iam helping you as you see.
Brute force then, after a few fail attempts you will be fobribben to 
even try a a new connection.

[toc] | [prev] | [next] | [standalone]

#55208

On Tue, 01 Oct 2013 16:42:31 +0300, Νίκος wrote:

> Στις 1/10/2013 4:27 μμ, ο/η Chris “Kwpolska” Warrick έγραψε:
>> On Tue, Oct 1, 2013 at 3:15 PM, Νίκος <nikos.gr33k@gmail.com> wrote:
>>> Στις 1/10/2013 4:06 μμ, ο/η Mark Lawrence έγραψε:
>>>>
>>>> On 01/10/2013 10:58, Νίκος wrote:
>>>>>
>>>>> Just logged in via FTP to my server and i saw an uploade file named
>>>>> "Warnign html"
>>>>>
>>>>> Contents were:
>>>>>
>>>>> WARNING
>>>>>
>>>>> I am incompetent. Do not hire me!
>>>>>
>>>>> Question:
>>>>>
>>>>> WHO AND MOST IMPORTNTANLY HOW DID HE MANAGED TO UPLOAD THIS FILE ON
>>>>> MY ACCOUNT?
>>>>>
>>>>> PLEASE ANSWER ME, I WONT GET MAD, BUT THIS IS AN IMPORTANT SECURITY
>>>>> RISK.
>>>>>
>>>>> SOMEONES MUST HAVE ACCESS TO MY ACCOUNT, DOES THE SOURCE CODE OF MY
>>>>> MAIN PYTHON SCRIPT APPEARS SOMEPLACE AGAIN?!?!
>>>>
>>>>
>>>> Would you please stop posting, I've almost burst my stomach laughing
>>>> at this.  You definetely have a ready made career writing comedy.
>>>
>>>
>>> Okey smartass,
>>>
>>> Try to do it again, if you be successfull again i'll even congratulate
>>> you myself.
>>>
>>> --
>>> https://mail.python.org/mailman/listinfo/python-list
>>
>> It looks like you are accusing someone of doing something without any
>> proof whatsoever.  Would you like help with the fallout of the lawsuit
>> that I hope Mark might (should!) come up with?i'am
>>
>> Speaking of “try again”, I doubt it would be hard…  As long as a FTP
>> daemon is running somewhere (and you clearly do not know better); or
>> even you have a SSH daemon and you do not know better, an attacker can:
>>
>> a) wait for you to publish your password yet again;
>> b) get you to download an exploit/keylogger/whatever;
>> c) brute-force.
>>
>> Well, considering it’s unlikely you actually have a long-as-shit
>> password, (c) is the best option.  Unless your password is very long,
>> in which case is not.
>>
>> I’m also wondering what language your password is in.  If you actually
>> used a Greek phrase, how long will it take you to get locked out due to
>> encoding bullshit?
> 
> Like i use grek letter for my passwords or like i'am gonna fall for any
> of your 3 dumbass reasons.
> 
> I already foudn the weakness and corrected it.


i hope whoever is taking on your roll has a better basic understating of 
programming & systems administration.

good luck with you new career



-- 
This place just isn't big enough for all of us.  We've got to find a way
off this planet.

[toc] | [prev] | [next] | [standalone]

#55211

Στις 1/10/2013 4:57 μμ, ο/η Alister έγραψε:
> On Tue, 01 Oct 2013 16:42:31 +0300, Νίκος wrote:
>
>> Στις 1/10/2013 4:27 μμ, ο/η Chris “Kwpolska” Warrick έγραψε:
>>> On Tue, Oct 1, 2013 at 3:15 PM, Νίκος <nikos.gr33k@gmail.com> wrote:
>>>> Στις 1/10/2013 4:06 μμ, ο/η Mark Lawrence έγραψε:
>>>>>
>>>>> On 01/10/2013 10:58, Νίκος wrote:
>>>>>>
>>>>>> Just logged in via FTP to my server and i saw an uploade file named
>>>>>> "Warnign html"
>>>>>>
>>>>>> Contents were:
>>>>>>
>>>>>> WARNING
>>>>>>
>>>>>> I am incompetent. Do not hire me!
>>>>>>
>>>>>> Question:
>>>>>>
>>>>>> WHO AND MOST IMPORTNTANLY HOW DID HE MANAGED TO UPLOAD THIS FILE ON
>>>>>> MY ACCOUNT?
>>>>>>
>>>>>> PLEASE ANSWER ME, I WONT GET MAD, BUT THIS IS AN IMPORTANT SECURITY
>>>>>> RISK.
>>>>>>
>>>>>> SOMEONES MUST HAVE ACCESS TO MY ACCOUNT, DOES THE SOURCE CODE OF MY
>>>>>> MAIN PYTHON SCRIPT APPEARS SOMEPLACE AGAIN?!?!
>>>>>
>>>>>
>>>>> Would you please stop posting, I've almost burst my stomach laughing
>>>>> at this.  You definetely have a ready made career writing comedy.
>>>>
>>>>
>>>> Okey smartass,
>>>>
>>>> Try to do it again, if you be successfull again i'll even congratulate
>>>> you myself.
>>>>
>>>> --
>>>> https://mail.python.org/mailman/listinfo/python-list
>>>
>>> It looks like you are accusing someone of doing something without any
>>> proof whatsoever.  Would you like help with the fallout of the lawsuit
>>> that I hope Mark might (should!) come up with?i'am
>>>
>>> Speaking of “try again”, I doubt it would be hard…  As long as a FTP
>>> daemon is running somewhere (and you clearly do not know better); or
>>> even you have a SSH daemon and you do not know better, an attacker can:
>>>
>>> a) wait for you to publish your password yet again;
>>> b) get you to download an exploit/keylogger/whatever;
>>> c) brute-force.
>>>
>>> Well, considering it’s unlikely you actually have a long-as-shit
>>> password, (c) is the best option.  Unless your password is very long,
>>> in which case is not.
>>>
>>> I’m also wondering what language your password is in.  If you actually
>>> used a Greek phrase, how long will it take you to get locked out due to
>>> encoding bullshit?
>>
>> Like i use grek letter for my passwords or like i'am gonna fall for any
>> of your 3 dumbass reasons.
>>
>> I already foudn the weakness and corrected it.
>
>
> i hope whoever is taking on your roll has a better basic understating of
> programming & systems administration.
>
> good luck with you new career

Carred remaisn and it will remain the same.

Thanks for visting my website: you help me increase my google page rank 
without actually utilizing SEO.

Here:  http://superhost.gr/?show=log&page=index.html

[toc] | [prev] | [next] | [standalone]

#55214

[Multipart message — attachments visible in raw view] — view raw

On 02/10/2013 12:05 AM, "Νίκος" <nikos.gr33k@gmail.com> wrote:

> Thanks for visting my website: you help me increase my google page rank
without actually utilizing SEO.
>
> --
> https://mail.python.org/mailman/listinfo/python-list

1) You need links, not page views to improve your Google rank.

2) I just signed up the this mailing list. To the regulars, is this what
normally happens on this list?

3) I'm a bit late to the party. Is Nikos a real sysadmin or is this some
horrible inside joke I don't get?

[toc] | [prev] | [next] | [standalone]

#55267

On Wed, 02 Oct 2013 00:24:35 +1000, Daniel Stojanov wrote:

> 2) I just signed up the this mailing list. To the regulars, is this what
> normally happens on this list?

No.

> 3) I'm a bit late to the party. Is Nikos a real sysadmin or is this some
> horrible inside joke I don't get?

Nikos is not a real sysadmin. He is a wanna-be web developer who barely 
knows Python. He is arrogant and annoying. Unfortunately he is not the 
real problem here. The real problem is a bunch of vigilantes have 
appointed themselves the anti-Nikos lynch mob and take every opportunity 
they can to mock him, insult him, bait him into responding to their 
taunts, and even make public death threats against him. And now it 
appears that one of them may have hacked into his web site in an attempt 
to put him out of business.

These vigilantes have decided to save this mailing list from Nikos, even 
if it means destroying it. Nikos at least does ask Python questions. The 
vigilantes hardly talk about Python at all, they're too busy laughing at 
Nikos and insulting him. Nikos doesn't learn from his errors; neither do 
the vigilantes, no matter how many times they have failed they are sure 
that if they mock him just a little bit harder he will go away. He won't, 
they keep baiting him even more, and this place is going to shit thanks 
to them.





P.S. this mailing list is mirrored on Usenet as comp.lang.python, and it 
is considered rude to post HTML if you can avoid it.

-- 
Steven

[toc] | [prev] | [next] | [standalone]

#55276

Op 02-10-13 04:30, Steven D'Aprano schreef:
> On Wed, 02 Oct 2013 00:24:35 +1000, Daniel Stojanov wrote:
> 
>> 2) I just signed up the this mailing list. To the regulars, is this what
>> normally happens on this list?
> 
> No.
> 
>> 3) I'm a bit late to the party. Is Nikos a real sysadmin or is this some
>> horrible inside joke I don't get?
> 
> Nikos is not a real sysadmin. He is a wanna-be web developer who barely 
> knows Python. He is arrogant and annoying. Unfortunately he is not the 
> real problem here. The real problem is a bunch of vigilantes have 
> appointed themselves the anti-Nikos lynch mob and take every opportunity 
> they can to mock him, insult him, bait him into responding to their 
> taunts, and even make public death threats against him. And now it 
> appears that one of them may have hacked into his web site in an attempt 
> to put him out of business.

That is your slant of things. My take is that the real problem is those
that keep spoon feeding the help vampire, collaborating to the nuissance
and encouraging Nikos to come back.

> These vigilantes have decided to save this mailing list from Nikos, even 
> if it means destroying it. Nikos at least does ask Python questions. The 
> vigilantes hardly talk about Python at all, they're too busy laughing at 
> Nikos and insulting him. Nikos doesn't learn from his errors; neither do 
> the vigilantes, no matter how many times they have failed they are sure 
> that if they mock him just a little bit harder he will go away. He won't, 
> they keep baiting him even more, and this place is going to shit thanks 
> to them.

Maybe the people venting their frustration think the mailing list is
already partly gone to shit. So why should they care it is going to shit
too for those who collaborate to the nuisance. The latter didn't care
much the mailing list was going to shit for the first. The latter only
started to care about the shit level when they themselves though it
became too high for them. And then they complain about those venting
their frustration but they won't look at how their own behaviour
contributes to the frustration of those venting.

-- 
Antoon.

[toc] | [prev] | [next] | [standalone]

#55281

On 02/10/2013 07:51, Antoon Pardon wrote:
> Op 02-10-13 04:30, Steven D'Aprano schreef:
>> On Wed, 02 Oct 2013 00:24:35 +1000, Daniel Stojanov wrote:
>>
>>> 2) I just signed up the this mailing list. To the regulars, is this what
>>> normally happens on this list?
>>
>> No.
>>
>>> 3) I'm a bit late to the party. Is Nikos a real sysadmin or is this some
>>> horrible inside joke I don't get?
>>
>> Nikos is not a real sysadmin. He is a wanna-be web developer who barely
>> knows Python. He is arrogant and annoying. Unfortunately he is not the
>> real problem here. The real problem is a bunch of vigilantes have
>> appointed themselves the anti-Nikos lynch mob and take every opportunity
>> they can to mock him, insult him, bait him into responding to their
>> taunts, and even make public death threats against him. And now it
>> appears that one of them may have hacked into his web site in an attempt
>> to put him out of business.
>
> That is your slant of things. My take is that the real problem is those
> that keep spoon feeding the help vampire, collaborating to the nuissance
> and encouraging Nikos to come back.
>
>> These vigilantes have decided to save this mailing list from Nikos, even
>> if it means destroying it. Nikos at least does ask Python questions. The
>> vigilantes hardly talk about Python at all, they're too busy laughing at
>> Nikos and insulting him. Nikos doesn't learn from his errors; neither do
>> the vigilantes, no matter how many times they have failed they are sure
>> that if they mock him just a little bit harder he will go away. He won't,
>> they keep baiting him even more, and this place is going to shit thanks
>> to them.
>
> Maybe the people venting their frustration think the mailing list is
> already partly gone to shit. So why should they care it is going to shit
> too for those who collaborate to the nuisance. The latter didn't care
> much the mailing list was going to shit for the first. The latter only
> started to care about the shit level when they themselves though it
> became too high for them. And then they complain about those venting
> their frustration but they won't look at how their own behaviour
> contributes to the frustration of those venting.
>

No guessing which camp I'm in.

-- 
Cheers.

Mark Lawrence

[toc] | [prev] | [next] | [standalone]

#55271

On Tuesday, October 1, 2013 7:54:35 PM UTC+5:30, Daniel Stojanov wrote:
> 2) I just signed up the this mailing list. To the regulars, is this what normally happens on this list?
> 
> 3) I'm a bit late to the party. Is Nikos a real sysadmin or is this some horrible inside joke I don't get?

Thanks Daniel!!!
Lurker here: I too was wondering whether I have got into the wrong place

[toc] | [prev] | [next] | [standalone]

#55359

On 10/01/2013 08:24 AM, Daniel Stojanov wrote:
> On 02/10/2013 12:05 AM, "Νίκος" <nikos.gr33k@gmail.com> wrote:
> 
>> Thanks for visting my website: you help me increase my google page
>> rank without actually utilizing SEO.
>> 
>> -- https://mail.python.org/mailman/listinfo/python-list
> 
> 1) You need links, not page views to improve your Google rank.
> 
> 2) I just signed up the this mailing list. To the regulars, is this
> what normally happens on this list?

Recently, it seems to have become normal.

> 3) I'm a bit late to the party. Is Nikos a real sysadmin or is this
> some horrible inside joke I don't get?

Nikos is running a website he wrote in Python and seems to 
be learning as he goes.  He offends a number of people here 
by refusing to take "advice" such as hire someone, spend a 
few years learning python, system administration, webserver 
administration, and the like given without the slightest 
knowledge of Nikos' circumstances.  He also repeatedly re-
asks questions when he doesn't understand or like the answers
received, seems to prefer to find answers to questions by 
asking here rather than researching himself (tho it is not 
clear how much being a non-native English speaker plays into 
that.)  He is also willing to respond in kind to hostile remarks
addressed to him, and does not display proper deference to 
the regulars here in other way too.

All of the above irritates a number of people here, who, being
rather like Nikos themselves in their complete disregard for 
the signal-to-noise ratio or atmosphere of the group, find in 
him a good excuse to vent their own frustrations by responding 
with more patently useless "advice", insults, ridicule, threats 
and other vitriolic noise.  They rationalize this as applying 
social pressure blithely ignoring that it's shown no signs of
working.

In other words, many of Nikos' threads degenerate into a plain
old-fashioned flame war.  Probably the vast majority of readers
do their best to simply ignore the trash posts but there is 
small (but large enough) group of regulars who enjoy participating 
in such flame wars to degrade the quality of the group far more
than would be the case if they were able to follow the time-tested
advice of "don't feed the trolls".

While Stephen D'Aprano is often enough an abrasive poster in his
own right, his comments on the current situation are the most 
sensible I've seen in this disscussion:

 https://mail.python.org/pipermail/python-list/2013-October/656691.html
 https://mail.python.org/pipermail/python-list/2013-October/656716.html

[toc] | [prev] | [next] | [standalone]

#55218

Daniel,

I'm sorry your initial interactions with the list were tainted
by this experience.  Modulo these degenerative threads (usually
started by Nikos), it *really* is a helpful and friendly place.

On 2013-10-02 00:24, Daniel Stojanov wrote:
> 2) I just signed up the this mailing list. To the regulars, is this
> what normally happens on this list?

There's "all the other very helpful, very on-topic traffic" and
there's the "Nikos flailing around trying to get other people to
write his code and solve his problems for him without actually taking
the time to understand the actual problem/solution, and demanding that
helpful/working solutions be contorted to fit his perspective of what
the solution *should* look like" threads.

When things boil up sufficiently, I tend to just use my mail/usenet
client's "kill-thread" feature to auto-block threads where the FROM
header contains Nikos's gmail or "superhost.gr", and suddenly the list
reverts mostly to the "very helpful, very on-topic traffic".

> 3) I'm a bit late to the party. Is Nikos a real sysadmin or is this
> some horrible inside joke I don't get?

You don't leave much wiggle-room there.  I'm afraid he is a "real"
"sysadmin" (for some definition of "real" and "sysadmin") or at
least he has development/deployment access on a shared-hosting
system where he alleges to have <strike>suckers</strike>actual
clients depending on his "services". I wish it was a horrible joke (or
maybe it is).

The site "hacking" referred to in this thread appears to be the result
of his repeated antagonization of the list through his intentional
disregard for advice given; also a result of his failure to heed
instructions on securing the site--especially with regards to
publishing passwords on mailing-lists (or the URLs to the code
containing those plain-text credentials).

Again, I'm sorry this is how you meet the list.

-tkc

[toc] | [prev] | [next] | [standalone]

#55220

On 10/1/13 10:24 AM, Daniel Stojanov wrote:
>
> 2) I just signed up the this mailing list. To the regulars, is this 
> what normally happens on this list?
>

This is not what normally happens here.  Usually we have concise and 
helpful conversations.

Unfortunately, every online community has to struggle with the 
occasional troublemaker.  We are currently struggling with that. The 
best approach is to simply ignore people that you either can't help or 
don't care to help.

> 3) I'm a bit late to the party. Is Nikos a real sysadmin or is this 
> some horrible inside joke I don't get?
>

Please don't contribute to the problem by discussing Nikos.

Thanks,

--Ned.

[toc] | [prev] | [next] | [standalone]

#55221

Στις 1/10/2013 5:52 μμ, ο/η Ned Batchelder έγραψε:
> On 10/1/13 10:24 AM, Daniel Stojanov wrote:
>>
>> 2) I just signed up the this mailing list. To the regulars, is this
>> what normally happens on this list?
>>
>
> This is not what normally happens here.  Usually we have concise and
> helpful conversations.
>
> Unfortunately, every online community has to struggle with the
> occasional troublemaker.  We are currently struggling with that. The
> best approach is to simply ignore people that you either can't help or
> don't care to help.
>
>> 3) I'm a bit late to the party. Is Nikos a real sysadmin or is this
>> some horrible inside joke I don't get?
>>
>
> Please don't contribute to the problem by discussing Nikos.
>
> Thanks,
>
> --Ned.

Excuse me...but i;am no troublemaker, i ask question and read the 
answers and comment on those.

And also i was the one being hacked here, not ther other way around, i 
did not started this.

[toc] | [prev] | [next] | [standalone]

#55253

On 2/10/2013 1:34 AM, Νίκος wrote:
> i ask question and read the answers and comment on those.

Citation needed.

[toc] | [prev] | [next] | [standalone]

#55238

[Multipart message — attachments visible in raw view] — view raw

On 2 October 2013 00:00, Νίκος <nikos.gr33k@gmail.com> wrote:

>
> Thanks for visting my website: you help me increase my google page rank
> without actually utilizing SEO.
>
> Here:  http://superhost.gr/?show=log&**page=index.html<http://superhost.gr/?show=log&page=index.html>


Speaking of which, I would strongly advise against *anyone* going to Nikos'
web site. With the length of time his credentials have been available for
anyone in the world to obtain and use it's highly likely that by now his
website is a malware-spewing zombie member of a botnet.

Of course, I'm not going to risk it by going there to check myself ...

Tim Delaney

[toc] | [prev] | [next] | [standalone]

Page 1 of 5  [1] 2 3 4 5  Next page →

Back to top | Article view | comp.lang.python

csiph-web