Important Information On IP logging


Guest
02-06-2006, 12:44 AM
this is from a concerned web master
So, OG's Gone...Think you're safe?
By rick at Sun, 2006-02-05 18:41

Better Think again!

Nearly all of the major Marijuana Cultivation websites on the Internet run a bulletin board software by the name of vBulletin. This is not an open source project, however, the source code is available and easily modified to suit any developer's needs. Through the years, website owners have believed that they have been safe by not logging IP addresses with users' posts. This is an option in the administration section of the vBulletin software: "Dont log IP", "Log IP", "Log for only admin".

The typical setup is to completely shut off, or "Dont Log IP". However, this is severely misleading! Please take note and re-read this if you need to! vBulletin stores your registering IP Address as well as the exact time of that registration. This info is stored automatically and is typically not known to the developer. With these two pieces of information it would be possible to uniquely identify anyone who was not using additional security precautions such as a proxy server.

How does this relate to the recent news of OG? Well, assuming that RC did not know about this, just as I did not know about this until early this morning during an additional security audit of HempCultivation.Com, it could mean that potentially compromising information was obtained, plain and simple. This "feature" is used on every version of vB that I have tested and run myself. I imagine it was in the original versions and always carried along. Not sure why...But be aware.

What we need to know is if RC had manually disabled this...I don't know.

Now, this is directly to Gypsy of ICMAG.Com. IF YOU KNOW GYPSY, PLEASE BE CERTAIN THAT HE SEES THIS!~

Gypsy, please do not take this as an attack. I tried to post this directly to you but it appears that my posting privileges at ICMag have been removed or there is some other problem. This is the best way for me to reach you.

Your vBulletin installation is probably vulnerable to the IP information stored above. You have a great deal of the OG refugees on your site, and that's great that they have come together, however, these folks have already been jeopardized once to at least some degree. I am going to post some directions for you to follow to eliminate all IP addresses stored in your database as well as eliminate the future storage of this information by the database. This is something that we need to do immediately for the sake of the users.

First, you will need to edit the file registration.php - look for the line:

$userdata->set('ipaddress', IPADDRESS);
Replace that line with this:
$userdata->set('ipaddress','');

This will prevent new users registering from having their ip address stored in the db.

Next you are going to want to access your MySQL db and issue the following command:

UPDATE user SET ipaddress='';

This will empty out all IP addresses that have been stored from user registrations.

If you don't know how to do any of this or if you would simply like assistance I'd be happy to help you. The most important thing is that this be done immediately.

Other cultivation websites should also pay attention to the "feature" of discussion boards and you may wish to manually disable it yourself.

~r

this issue was addressed by Gypsy and the webmaster here a while back
whether RC had this turned off or on I don't know
but rest assured we have it turned off and only when you are logged on is your IP stored
within a minute or two of you logging off it's gone.

OP
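
An added example, not part of the original post and not vBulletin code: a check that runs the UPDATE quoted above and then scans every text column of every table for values that still contain an IPv4 address. SQLite stands in for MySQL, the `post` table and all sample rows are constructed for illustration (only `user.ipaddress` comes from the post), and the function names are hypothetical.

```python
import ipaddress
import re
import sqlite3

# Dotted-quad candidates that are not part of a longer dotted number run.
IPV4_CANDIDATE = re.compile(r"(?<!\d)(?<!\d\.)(?:\d{1,3}\.){3}\d{1,3}(?!\d|\.\d)")


def contains_ip(text):
    """True if text holds at least one syntactically valid IPv4 address."""
    for match in IPV4_CANDIDATE.finditer(text):
        try:
            ipaddress.IPv4Address(match.group())
            return True
        except ValueError:  # e.g. 999.1.1.1
            continue
    return False


def find_ip_columns(conn):
    """Map (table, column) -> number of rows whose value contains an IPv4 address."""
    hits = {}
    tables = [row[0] for row in conn.execute(
        "SELECT name FROM sqlite_master WHERE type = 'table'")]
    for table in tables:
        columns = [row[1] for row in conn.execute(f'PRAGMA table_info("{table}")')]
        for column in columns:
            rows = conn.execute(f'SELECT "{column}" FROM "{table}"')
            count = sum(1 for (value,) in rows
                        if isinstance(value, str) and contains_ip(value))
            if count:
                hits[(table, column)] = count
    return hits


def scrub_registration_ips(conn):
    """The statement quoted in the post: blank the stored registration IPs."""
    conn.execute("UPDATE user SET ipaddress=''")
    conn.commit()


def build_sample_db():
    """Constructed stand-in database; only user.ipaddress comes from the post."""
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE user (userid INTEGER, username TEXT, ipaddress TEXT);
        CREATE TABLE post (postid INTEGER, userid INTEGER,
                           pagetext TEXT, ipaddress TEXT);
        INSERT INTO user VALUES (1, 'alice', '192.0.2.10');
        INSERT INTO user VALUES (2, 'bob', '198.51.100.7');
        INSERT INTO user VALUES (3, 'carol', '');
        INSERT INTO post VALUES (1, 1, 'hello', '203.0.113.5');
        INSERT INTO post VALUES (2, 2, 'my router sits at 192.0.2.1.', '');
        INSERT INTO post VALUES (3, 3, 'running build 3.5.4 here', '');
    """)
    return conn


if __name__ == "__main__":
    db = build_sample_db()
    print("before:", find_ip_columns(db))
    scrub_registration_ips(db)
    print("after: ", find_ip_columns(db))
```

On the constructed data the scan still reports the `post` table after the UPDATE: clearing one column says nothing about what other tables, backups or web server logs keep.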

Sleepy
02-06-2006, 12:49 AM
thanks for reassuring us.

Gypsy, Dutchgrown, Green Lantern, Old Pink, & crew always look after our security. :woohoo:

Protostele
02-06-2006, 02:20 AM
..... and only when you are logged on is your IP stored
within a minute or two of you logging off it's gone.

OP

If I shut down my computer at night I always logged off OverGrow, but if my wife shut down my computer for me she always just closed Opera. Did the server retain my IP address at such times? I am not too concerned about it, but perhaps I should change my habits if it makes a difference.

Now....I wonder who shut down my computer last time I was on OG, me or the wife. :confused:

Protostele

<edit> Oldpink's tirade below was aimed at a since deleted post from someone else.....not me....I think...LOL

Guest
02-06-2006, 03:08 AM
what does the NSA have to do with a RCMP bust on a seed company have in common
Nothing,
sorry you're talking crap here and have no idea of the subject in hand so please stay out of it till you have anything useful to post

OP

johnboi2006
02-06-2006, 06:59 AM
Does anyone know this? I mean does your local internet provider store data on your traffic out of their servers? Does anyone know if you can access local proxy servers without accessing your internet provider's servers?

Ron Bennett
02-06-2006, 07:56 AM
Does anyone know this? I mean does your local internet provider store data on your traffic out of their servers?

Many ISPs log resources, such as websites, accessed by their users. The logging often isn't that detailed beyond that ... so it's not like they log everything, but one should assume, at minimum, the remote IPs of sites visited along with possibly URLs to be logged by their ISP.

Dynamic IP allocation doesn't affect logging in any meaningful way - even users on shared IPs are a cinch for an ISP to log. Again, assume all remote IPs and possibly URLs to be logged.

Does anyone know if you can access local proxy servers without accessing your internet provider's servers?

No. To effectively avoid one's ISP, one needs to use someone else's, such as in a coffee shop, via wifi, etc.

But as I replied to Rick's post on HempCultivation, IP addresses are the least of one's worries ... it's personal communications, such as email, PM, IM, meeting in person, exchanging goods, etc where the real threat to one's safety / privacy really is.

IPs in and of themselves are of little value; near impossible to build any court case on IPs alone for both technical and social reasons...

An IP, assuming it's correct [an assumption one can't always bank on] doesn't identify who is actually conducting the activity ... it could be a friend, relative, rogue program, or simply a stranger from elsewhere piggybacking on one's IP.

Ultimately, privacy is one's personal responsibility, not that of a website, etc; be wary of revealing personal details one doesn't want others to know. Simple as that.

Ron

p.s. many VB boards have IMG turned on by default ... before even bothering with proxies or whatnot, turn off IMG in UserCP, at least for PMs.

Uncle Hughie
02-06-2006, 04:17 PM
WTF!

op....?????
whats happening?
more confused now

ixnay007
02-07-2006, 02:50 AM
Most ISPs, unless they're required to by law, won't be monitoring where their clients are going, unless they have tons of empty space on their hard drives going to waste. About all most ISPs will keep is a record of the user name, password, connecting number (if dialup) or some other identifier with DSL or cable, IP address assigned, and when you requested the IP (disconnection times also with dialup). Basic Radius type info.

If you do have reason to believe your ISP might be monitoring your web browsing habits, read their TOS, and if necessary change providers.

Guest
02-07-2006, 03:19 AM
What about the chat server? Is this located in the same place as the servers or hosted in a different place? also how secure is this vs the board? thx.

potheadpixie
02-07-2006, 03:29 AM
Is there any less security in PMs than posting on the boards for any reason?

Guest
02-07-2006, 10:10 AM
interesting question,, i fell asleep with mine on the site many of times...

Tejas
02-07-2006, 10:28 AM
I'll try to make this as short as possible. I'm on dial-up with a big local ISP.
Not even in North America...somewhere in East Asia.
Yesterday I installed ZoneLab Firewall. After that I spent 2 hours on this site and it said it blocked 230+ attempts to connect. Then I installed a "route tracer" and entered a random dozen of the IP addresses.
It could not find the address of any of them.
The first thing Zone Alarm reported this morning was "windows messenger" was trying to count keystrokes and mouse movements.
I was not even on the web yet, WTF???

I'm at a web cafe right now as I'm concerned about using my home 'puter.
I'm pretty much computer and web illiterate so any gurus out there give me a shout please.

Is this amount of attempts and the keystroke/mouse thing normal?

Drfeelgood
02-07-2006, 11:00 AM
I am not sure what to worry about. I have been a long time member of OG and have tried to be very careful and even joined so i could use the Https: site. How safe do you think we are as a possible grower in the US?

Thoughts?

DFG :fsu:

Guest
02-07-2006, 11:42 AM
Idiots that run my ISP can't find their asses with both hands! Add on fifteen layers of incompetent US Government Bureaucracy and what do you get?

:fsu:

potheadpixie
02-07-2006, 06:28 PM
DrFeelgood, we just don't know really, it's all speculation right now, paranoia is understandably rampant, and in the poll asking how safe people feel the majority are on the fence or think it'll be ok, the smaller % believe people should be cleaning house of any stuff.

Guest
02-08-2006, 12:41 AM
OK, for those of you who are concerned about IP logging, this might be some useful information for you, if you understand enough about IP networking. Otherwise it may be gibberish.

I use a broadband ISP. My ISP has a security problem with IP addresses.

They assign a single dynamic IP address to each modem. If a customer wants to network several computers behind the modem, they use a router with NAT functionality.

I didn't trust the story about the modem only providing a single IP address. Here's what I did. I installed a bridge behind the modem. I connected the router to one of the bridge ports, and left it configured to use the dynamically assigned IP address. I directly connected one of my PCs to another bridge port, and manually assigned it the next host address above the one assigned by the modem to the router.

Bingo, it works. Now I can surf from the directly connected PC using an address that I "borrowed". Whose address is it? Good question. It may simply be unassigned, or it may belong to another customer. The key is, it doesn't belong to me.

Hypothetically, if there was a LEO witch hunt, and they claimed to trace postings back to me, they would have a shaky case, based on the ability of customers to borrow IP addresses that don't belong to them. Who's to say someone didn't borrow my address to post at OG and IC?

Meanwhile, I can surf and post using this borrowed address, and they can't trace it back to me. When I disconnect, the tracks are gone.

Whether or not this will work for others depends on how well their ISP manages their network. It works for me in any case.

potheadpixie
02-08-2006, 12:49 AM
^^^Nice to know, probably best understood and implemented by the more knowledgeable among us, although at the moment I guess that's water under the bridge if LEO has been monitoring people for some indeterminate amount of time.

00420
02-08-2006, 01:04 AM
i just talk to green lantern and he said we are cool.... " kid's stuff"

icmag nor og had this

potheadpixie
02-08-2006, 01:07 AM
00420, what do you mean by the above?

00420
02-08-2006, 01:17 AM
00420, what do you mean by the above?


well i dont like posting pm's but in this case im going to

Original Pm by 00420

this taking care of?


http://www.icmag.com/ic/showthread....7547#post327547



original pm green lantern


yeah man, kid stuff.

og didn't have it either.


:lurk:

00420
02-08-2006, 01:24 AM
p.s. many VB boards have IMG turned on by default ... before even bothering with proxies or whatnot, turn off IMG in UserCP, at least for PMs.


whats up with this???? why should we so we know i trust u but info is always nice :D

Green Lantern
02-08-2006, 01:28 AM
ill post what shabang posted on og years ago. i think its in that same thread someone posted from google cache on ip security.

http://www.icmag.com/gallery/data/500/314Image66.jpg

Guest
02-08-2006, 01:30 AM
Tejas: The first thing Zone Alarm reported this morning was "windows messenger" was trying to count keystrokes and mouse movements.

Dude, sounds like you have a keylogger trojan on your puter, I suggest running your spyware program

00420
02-08-2006, 01:35 AM
"windows messenger"


control panel/admintools/services

then look for messenger and disable it

it dont turn off msger it turns its internet services off
(it one of them backdoor for spyware to get in n out)
( lil gray window's popup on u ? ) not no more if u do this

u for sure have spyware..... if its counting keystrokes....lol

id go check out some computer tech forums for spyware removal more than one program is needed......

Verite
02-08-2006, 08:52 PM
XP SP2 has the messenger svc disabled as a default.

Guest
02-13-2006, 12:23 AM
Who's to say someone didn't borrow my address to post at OG and IC?



Yes! Who says that images are really yours? Maybe they're from google... I live in a small country, 2 million people... We have growing forums that run for several years now and I am a part of the team. They have never checked who is on forums, they never used any evidence from there and they could, easily get to the info, if they wanted to... They leave small growers alone. Who would bother for fucking a guy with 10 plants he uses for himself and some friends. There are better things to do.

Peace and love,
Agnes

Ganjaden
02-13-2006, 03:10 AM
They leave small growers alone. Who would bother for fucking a guy with 10 plants he uses for himself and some friends. There are better things to do.


There are lots of folks hoping the same thing, probably the majority are "small closet space sized gardeners". It's hard to believe they'd go right down the list knocking down these small spaced gardens. I would think that'd be a publicity nightmare....you leo's spent how many thousands of dollars on this "investigation" and you're getting all these 10 plant gardens....wow! Impressive. Anyway.....here's hoping for the best.

mpro
02-16-2006, 01:33 AM
It amuses me that this type of conversation keeps popping up. The internet is pretty much still the 'wild west' when it comes to getting in trouble for stuff.

Stay away from child pron-n-terrorism and I think you'll be alright.

no face, no name, no address? No problem!

2buds
02-16-2006, 02:42 AM
Hey Peeps,
I have also read that if you set up an open wireless connection (hub/router) behind your modem, should a case ever be brought against you based on IP information, said info would be worthless in court if you have verifiable proof of the open wireless connection which would allow anyone access to your internet connection. I'm relaying what I have read, again everyone is responsible for your own personal security, the mods here are only accountable on their end not your end. Stay safe, stay green, peace.

Guest
02-16-2006, 03:55 AM
Hey Peeps,
I have also read that if you set up an open wireless connection (hub/router) behind your modem, should a case ever be brought against you based on IP information, said info would be worthless in court if you have verifiable proof of the open wireless connection which would allow anyone access to your internet connection. I'm relaying what I have read, again everyone is responsible for your own personal security, the mods here are only accountable on their end not your end. Stay safe, stay green, peace.

The only problem you have with Wireless. Is anyone around you can crack it and see what you are up to.

Desiderata
02-16-2006, 04:27 AM
You guys keep up this good work/posting about security, because it helps to keep it in the forefront of our brains. When I drive now, heck everything I do now, I'm much more alert about my safety and legal issues. It's a form of survival mode, to protect us from harm. Thanks so much!

2buds
02-16-2006, 06:31 PM
The only problem you have with Wireless. Is anyone around you can crack it and see what you are up to.


True, but what are you logging into when you go wireless at an internet cafe or such, the same situation. Any computer geek in the place that really wants to see what's on your pc while you're logged in can do it unless you've protected yourself before logging on. I would not recommend an unlocked wireless connection to anyone that uses their pc for financial situations. I don't recommend wireless to businesses unless they are willing to accept the risk. When properly set-up wireless can be very convenient and quite secure but for the best security, a piece of Cat5 is the way to go. For the average joe shmoe user that reads sites like this, plays games or what have ya, wireless is great.
I was just throwing it out there for a defense should someone have the worst luck possible and find themselves on the ground breaking end of an IP based bust. With an open wireless connection on your network, there is always the possibility someone else could have used your internet connection. I'm definitely not telling everyone they should run out and buy a wireless link for their network, please don't think this is my intention, it's just some info to pass along. Stay safe everyone.

Verite
02-16-2006, 08:53 PM
The only problem you have with Wireless. Is anyone around you can crack it and see what you are up to.

Maybe your grandma's wireless but nowadays they have plenty better encryption and access lists. Sure you could break it after parking your ass outside my house for a few years but when you can drive a few more miles and tap into Mr. Zerosecurity why wait?

By utilizing the least protective security measures you can fend off about 99.99% of all the attackers.

Then remember that an open unprotected system is in a grey area of the law right now, sure it's not yours but open and unprotected [ ie does not need a hack to get in ] generally means open for public use. There's a few cases pending in NYC and other densely populated areas where people tend to suck away a lot of "free" bandwidth knowing someone is paying for it.

Guest
02-17-2006, 01:37 AM
didn't mean to get flamed. But most non internet friendly people out there don't know shit about security. And I sure in the hell would not want my neighbor to know im growing.

To stay safe is to not post pot pictures on the internet period. Where there is a will there is a way ;)

don't flame me . It's just better safe than sorry locked up in prison. You can learn learn learn off these sites without bragging about your grow.

Or better yet.. take pictures... and post them after you harvested ;)

Desiderata
02-17-2006, 01:49 AM
All good points made and taken to heart here. That's what I was asking for: point blank security measures to keep out of the pokie.

Verite
02-17-2006, 10:50 PM
Believe me, you weren't flamed. I have plenty examples of those if you need. I merely pointed out what your post didn't. My post was informative and had the technical information to back it to ease up on all the fear mongering people have been posting around here. Seems your follow up was more of the same.

I think you give peeps a whole lot less credit than knowing they shouldn't run an open wireless computer network in their grow house. I guess neon potleaf signs in the window are a no no too?

Guest
02-20-2006, 02:05 AM
lol good point and well taken. ;)

Guest
02-20-2006, 03:21 AM
. . . .

I spoke to an Absolute Expert regarding this "IP Logging" debacle, and he assured me that there's not fuckall of a way to get a warrant simply based on posts from a particular IP.
If you used your "real" email addy to activate an OG/CW account, that'd be one way to track you, but I-f'ing P's are NOT going to be the downfall of anybody posting on these VB sites.
QuitfuckingWORRYING.


Thanks.

Guest
02-20-2006, 06:34 AM
I would not be so sure on that Rez. If you use a Cable connection. You're marked!

Guest
02-20-2006, 06:56 AM
I use heavily-cloaked DSL, myself, but I checked into the cable-based IP's, and dropped a WHOIS on a random selection of a few friends, with different providers....what I got for info....ain't much....and posts certainly can't be linked to any specific computer, provided you keep a clean HD, and don't save/copy emails/forums.
(Why anybody would ever save emails is a complete mystery to me!)
Also, anybody running open-source internet, essentially, giving it away, is even less likely to have any hassles regarding posts made from any specific IP addy.
So, post heavily cloaked and give away some bandwidth, is my suggestion.

Ciao!

Guest
02-20-2006, 07:01 AM
. . . .

I spoke to an Absolute Expert regarding this "IP Logging" debacle, and he assured me that there's not fuckall of a way to get a warrant simply based on posts from a particular IP.
If you used your "real" email addy to activate an OG/CW account, that'd be one way to track you, but I-f'ing P's are NOT going to be the downfall of anybody posting on these VB sites.
QuitfuckingWORRYING.


Thanks.



I read most of the posts in OG's Security and Legal forum for over a year before OG died. I never heard of anyone being busted due to random information gathered as a result of electronic surveillance. Why...because it's simply not legal under the U.S. justice system; I expect not under Canada's either.

Go back to the Marc Emery thing, all of the Marc the Narc blah blah blah. It was a huge DEA-driven bust. But, nobody other than Emery and his two employees were busted. Why...because authorities are going for maximum return on investment; bust the big seed distributors instead of trying to chase down every podunk grower on the North American continent.

On the other hand, I did read dozens of "I just got bustid because I'm stoopid" threads. One of my favorites was the bonehead who walked past a parked cop car and couldn't prevent himself from flippin' the bird. Good thinkin, dude!

If getting busted due to a random sweep of IP addresses is your biggest worry, you are in really good shape.

Guest
02-20-2006, 07:08 AM
ever heard of a Mac Address as well? That's how your pc gets marked with a id.

But you're right. people at the moment are not getting busted. But don't you hear about those stories about Child Porn on some guys pc's. A teachers, a father yada yada yada.. They may have not used it on us.. but it is a very good possibility

Stay Safe

Guest
02-20-2006, 07:39 AM
ever heard of a Mac Address as well? That's how your pc gets marked with a id.

But you're right. people at the moment are not getting busted. But don't you hear about those stories about Child Porn on some guys pc's. A teachers, a father yada yada yada.. They may have not used it on us.. but it is a very good possibility

Stay Safe

Nobody here can see my MAC address or yours. MAC addresses aren't sent across the network, they are local to the physical link that your PC is connected to. You are going through dozens of routers in the network; routers strip your MAC address and substitute theirs when they forward traffic.

Assholes who get busted for child porn do it because they lead investigators to themselves...stings, solicitations, chat, etc., not through IP address surveillance. People around here get it backwards...first you make some dipshit move to become a target of investigation, then the surveillance starts, not the other way around.

If I get busted it won't be through IP address logging or any information on this site, it will because I screwed up somewhere along the line.

Caution is key in staying safe, but much of what is thrown around here right now is unfounded uninformed paranoia.

Guest
02-20-2006, 07:58 AM
People around here get it backwards...first you make some dipshit move to become a target of investigation, then the surveillance starts, not the other way around.

If I get busted it won't be through IP address logging or any information on this site, it will because I screwed up somewhere along the line.

Caution is key in staying safe, but much of what is thrown around here right now is unfounded uninformed paranoia.
One of the most sensible things I've seen posted in days...

Guest
02-20-2006, 08:47 AM
Im not really all that upset but I have medical so Im not tripp'n. They can come a knockin and leave with a pissed off attitude.

2buds
02-20-2006, 08:54 AM
The proxy programs are helpful but aren't fool proof, something about java apps still giving up your ip which runs through a different port other than the web browser. Its cool when you open firefox up and the homepage loads in italian because it sees your ip/computer coming from somewhere in Italy. Anybody got a tip on the java side of running through a proxy?

Useful thread for a change, glad to see it. :smile:

IMBoggled had a good informative article about using tor and privoxy. If I can find it I'll add a link.

Guest
02-20-2006, 09:02 AM
Its cool when you open firefox up and the homepage loads in italian because it sees your ip/computer coming from somewhere in Italy. .

Exactly, I know what city my ISP's proxy is in; there's a site I go to that has a web "dating" service as a sponsor; they're always showing all the hot babes in that city who want to meet me!

Their proxy is secure for sure; I've verified it, but once again, people have to understand their own situations and act accordingly.

Jubei
04-30-2006, 12:54 AM
Good you guys don't keep ip logs. Wonder what prog i should use to bounce or mask my ip.

sweetgreendream
05-01-2006, 07:41 PM
Nobody here can see my MAC address or yours. MAC addresses aren't sent across the network, they are local to the physical link that your PC is connected to.

Well kind of. First I am speaking with knowledge since I have been involved in the cable space for many years and am well versed on what information gets passed back to the network. Most of this can be found in the DOCSIS - Data over cable service interface specification - which was created and run by CableLabs. CL is funded by the cable companies as a standardization body.

Anyway, MAC addresses for the first device behind a cable modem are accessible (viewable) by the cable provider. If you are a single PC setup this is your PC; if you use a router/gateway then this is what is shown. Before I forget, this information applies to capabilities available from the network side, i.e. there does not need to be any client software. Now with the XP Media Center and several other local (client side) solutions there are many ways to use the local device to gather a MAC address or other relevant table and present it to a remote location. TO DATE I DO NOT KNOW OF ANY CABLE OPERATOR DOING THIS. However in order to solve some issues, like supporting a home network setup from the network side, many companies are looking and potentially deploying solutions that have this capability even if this is not the intended use.

And finally for those that don't believe this, call your cable operator with a home network installed and ask for support. You may need to get to a level 2 technician but you will most likely find that they will TELL YOU that you have a network in place and that they cannot support you. This is all done by MAC address since like IPs the pool of #'s are controlled and contain identifiers to define the equipment provider and associated type of device.

Guest
05-02-2006, 12:21 AM
Wonder what prog i should use to bounce or mask my ip.


not sure, im looking for a better alternative when im at the home computer..but i use "Hide IP Platinum"..when i run it, it shows my ip in diff country

Jubei
05-02-2006, 03:25 PM
Thanks i'll have to try that one out.