What's new
  • As of today ICMag has his own Discord server. In this Discord server you can chat, talk with eachother, listen to music, share stories and pictures...and much more. Join now and let's grow together! Join ICMag Discord here! More details in this thread here: here.

Important Informatiom On IP logging

G

Guest

this is from a concerned web master
So, OG's Gone...Think you're safe?
So, OG's Gone...Think you're safe?
By rick at Sun, 2006-02-05 18:41

Better Think again!

Nearly all of the major Marijuana Cultivation websites on the Internet run a bulletin board software by the name of vBulletin. This is not an open source project, however, the source code is available and easily modified to suit any developers needs. Through the years, website owners have believed that they have been safe by not logging IP address with users posts. This is an option in the administration section of the vBulletin software; Dont log IP, Log IP, Log for only admin".

The typical setup is to completey shutoff, or "Dont Log IP". However, this severely missleading! Please take note and re-read this if you need to! vBulletin stores your registering IP Address as well as the exact time of that registration. This info is stored automatically and is typicaly not known to the developer. With these two pieces of information it would be possible to uniquely identify anyone who was not using additional security precautions such as a proxy server.

How does this relate to the recent news of OG? Well, assuming that RC did not know about this, just as I did not know about this until early this morning during an additional security audit of HempCultivation.Com, it could mean that potentially comprimising information was obtained, plain and simple. This "feature" is used on every version of vB that I have tested and ran myself. I imagine it was in the original versions and always carried along. Not sure why...But be aware.

What we need to know is if RC had manually disabled this...I dont know.

Now, this is directly to Gypsy of ICMAG.Com. IF YOU KNOW GYPSY, PLEASE BE CERTAIN THAT HE SEE'S THIS!~

Gypsy, please do not take this as an attack. I tried to post this directly to you but it appears that my posting priviledges at ICMag have been removed or there is some other problem. This is the best way for me to reach you.

Your vBulletin installation is probably vulnerable to the ip information stored above. You have a great deal of the OG refugees on your site, and that's great that they have come together, however, these folks have already been jeopordized once to at least some degree. I am going to post some directions for you to follow to eliminate all IP addresses stored in your database as well as eliminate the future storage of this information by the database. This is something that we need to do immediately for the sake of the users.

First, you will need to edit the file registration.php - look for the line:

'$userdata->set('ipaddress', IPADDRESS);'
Replace that line with this:
$userdata->set('ipaddress','');

This will prevent new users registering from having their ip address stored in the db.

Next you are going to want to access you mySQL db and issue the following command:

UPDATE user SET ipaddress='';

This will empty out all ip adresses that have been stored from user registrations.

If you dont know how to do any of this or if you would simply like assistance I'd be happy to help you. The most important this is that this be done immediately.

Other cultivation websites should also pay attention to the "feature" of discussion boards and you may wish to manually disable it yourself.

~r
Click to expand...

this issue was addressed by Gypsy and the webmaster here a while back
whether RC had this turned off or on I don't know
but rest assured we have it turned off and only when you are logged on is your IP stored
within a minute or two of you logging off its gone.

OP
 
Sleepy

Sleepy

Active member
Veteran
thanks for reassuring us.

Gypsy, Dutchgrown, Green Lantern Old Pink, & crew always look after our security. :woohoo:
 
Protostele

Protostele

Member
oldpink said:
..... and only when you are logged on is your IP stored
within a minute or two of you logging off its gone.

OP
Click to expand...

If I shut down my computer at night I always logged off OverGrow, but if my wife shut down my computer for me she always just closed Opera. Did the server retain my IP address at such times? I am not too concerned about it, but perhaps I should change my habits if it makes a difference.

Now....I wonder who shut down my computer last time I was on OG, me or the wife. :confused:

Protostele

<edit> Oldpink's tirade below was aimed at a since deleted post from someone else.....not me....I think...LOL
 
Last edited:
G

Guest

what does the NSA have to do with a RCMP bust on a seed company have in common
Nothing,
sorry your talking crap here and have no idea of the subject in hand so please stay out of it till you have anythng usefull to post

OP
 
J

johnboi2006

New member
does your local server record your internet traffic?

does your local server record your internet traffic?

Does anyone know this? I mean does your local internet provider store data on your traffic out of their servers? Does anyone know if you can access local proxy servers without accessing your internet providers servers?
 
R

Ron Bennett

New member
Personal communications is where it really matters... not revealing too much.

Personal communications is where it really matters... not revealing too much.

johnboi2006 said:
Does anyone know this? I mean does your local internet provider store data on your traffic out of their servers?
Click to expand...

Many ISPs log resources, such as websites, accessed by its users. The logging often isn't that detailed beyond that ... so it's not like they log everything, but one should assume, at minimum, the remote IPs of sites visited along with possibly urls to be logged by their ISP.

Dynamic IP allocation doesn't affect logging in any meaningful way - even users on shared IPs are a cinch for an ISP to log. Again, assume all remote IPs and possibly urls to be logged.

johnboi2006 said:
Does anyone know if you can access local proxy servers without accessing your internet providers servers?
Click to expand...

No. To effectively avoid one's ISP, one needs to use someone elses, such as in a coffee shop, via wifi, etc.

But as I replied to Rick's post on HempCultivation, IP addresses are the least of one's worries ... it's personal communications, such as email, PM, IM, meeting in person, exchanging goods, etc where the real threat to one's safety / privacy really is.

IPs in and of themselves are of little value; near impossible to build any court case on IPs alone for both technical and social reasons...

An IP, assuming its correct [an assumption one can't always bank on] doesn't identify who is actually conducting the activity ... it could be a friend, relative, rogue program, or simply a stranger from elsewhere else piggybacking on one's IP.

Ultimately, privacy is one's personal responsibility, not that of a website, etc; be wary of revealing personal details one doesn't want others to know. Simple as that.

Ron

p.s. many VB boards have IMG turned on by default ... before even bothering with proxies or whatnot, turn off IMG in UserCP, at least for PMs.
 
ixnay007

ixnay007

"I can't remember the last time I had a blackout"
Veteran
Most ISPs, unless they're required to by law, won't be monitoring where their clients are going, unless the have tons of empty space on their hard drives going to waste. About all most ISPs will keep is a record of the user name, password, connecting number (if dialup) or some other identifer with DSL or cable, IP address assigned, and when you requested the IP (disconnection times also with dialup). Basic Radius type info.

If you do have reason to believe your ISP might be monitoring your web browsing habits, read their TOS, and if necessary change providers.
 
G

Guest

What about the chat server? Is this located in the same place as the servers or hosted in a different place? also how secure is this vs the board? thx.
 
G

Guest

interesting question,, i fell asleep with mine on the site many of times...
 
T

Tejas

New member
I'll try to make this as short as possible. I'm on dial-up with a big local IPS.
Not even in North America...somewhere in East Asia.
Yesterday I installed ZoneLab Firewall.After that I spent 2 hours on this site and it said it blocked 230+ attempts to connect. Then I installed a "route tracer" and entered a random dozen of the IP addresses.
It could not find the address of any of them.
The first thing Zone Alarm reported this morning was "windows messenger" was trying to count keystrokes and mouse movements.
I was not even on the web yet, WTF???

I'm at a web cafe right now as I'm concerned about using my home 'puter.
I'm pretty much computer and web illiterate so any gurus out there give me a shout please.

Is this amount of attempts and the keystroke/mouse thing normal?
 
Drfeelgood

Drfeelgood

New member
So where do you think we stand

So where do you think we stand

I am not sure what to worry about. I have been a long time member of OG and have tried to be very careful and even joined so i could use the Https: site. How safe do you think we are as a possible grower in the US?

Thoughts?

DFG :fsu:
 
G

Guest

Idiots that run my ISP can't find their asses with both hands! Add on fifteen layers of incompetent US Government Bureaurocracy and what do you get?

:fsu:
 
Last edited:
potheadpixie

potheadpixie

Member
DrFeelgood, we just don't know really, it's all speculation right now, paranoia is understandably rampant, and in the poll asking how safe people feel the majority are one the fence or think it'll be ok, the smaller % believe people should be cleaning house of any stuff.
 
G

Guest

OK, for those of you who are concerned about IP logging, this might be some useful information for you, if you understand enough about IP networking. Otherwise it may be gibberish.

I use a broadband ISP. My ISP has a security problem with IP addresses.

They assign a single dynamic IP address to each modem. If a customer wants to network several computers behind the modem, they use a router with NAT functionality.

I didn't trust the story about the modem only providing a single IP address. Here's what I did. I installed a bridge behind the modem. I connected the router to one of the bridge ports, and left it configured to use the dynamically assigned IP address. I directly connected one of my PCs to another bridge port, and manually assigned it the next host address above the one assigned by the modem to the router.

Bingo, it works. Now I can surf from the directly connected PC using an address that I "borrowed". Who's address is it? Good question. It may simply be unassigned, or it may belong to another customer. The key is, it doesn't belong to me.

Hypothetically, if there was a LEO witch hunt, and they claimed to trace postings back to me, they would have a shaky case, based on the ability of customers to borrow IP addresses that don't belong to them. Who's to say someone didn't borrow my address to post at OG and IC?

Meanwhile, I can surf and post using this borrowed address, and they can't trace it back to me. When I disconnect, the tracks are gone.

Whether or not this will work for others depends on how well their ISP manages their network. It works for me in any case.
 
potheadpixie

potheadpixie

Member
^^^Nice to know, probably best understood and implemented by the more knowledgeable among us, although at the moment I guess that's water under the bridge if LEO has been monitoring people for some indeterminate amount of time.
 
00420

00420

full time daddy
Veteran
i just talk to green lantern and he said we are cool.... " kid's stuff"

icmag nor og had this
 
Last edited:
You must log in or register to reply here.

Latest posts

Latest posts

Top