Welcome to the Invelos forums. Please read the forum rules before posting.

Read access to our public forums is open to everyone. To post messages, a free registration is required.

If you have an Invelos account, sign in to post.

  Invelos Forums->General: Announcements Page: 1 2  Previous   Next
Private setting for Email Addresses
Author Message
Invelos Software, Inc. RepresentativeKen Cole
Invelos Software
Registered: March 10, 2007
United States Posts: 4,276
Posted:
PM this userEmail this userVisit this user's homepageView this user's DVD collectionDirect link to this postReply with quote
It was called to my attention this morning that there existed a way to access email addresses of forum users regardless of their email address privacy setting.  I investigated and identified the method, which involved manually creating falsified URLs.  I have corrected the issue so this is no longer possible.

I apologize for any trouble this may have caused for any of our users.  As an additional step, we will perform a full audit to ensure that no additional ways exist to bypass email address or other privacy.
Invelos Software, Inc. Representative
DVD Profiler Unlimited RegistrantStar Contributorwidescreenforever
Under A Double DoubleW
Registered: March 13, 2007
Reputation: High Rating
Canada Posts: 5,259
Posted:
PM this userVisit this user's homepageView this user's DVD collectionDirect link to this postReply with quote
would this explain all the viagra spam I also get....  ??   

Thanks  Ken.. !
In the 60's, People took Acid to make the world Weird. Now the World is weird and People take Prozac to make it Normal.

Terry
DVD Profiler Desktop and Mobile RegistrantMarEll
Registered: June 9, 2007
United Kingdom Posts: 1,208
Posted:
PM this userView this user's DVD collectionDirect link to this postReply with quote
I thought all posts in the Anouncements board were supposed to be locked?? 
Invelos Software, Inc. RepresentativeKen Cole
Invelos Software
Registered: March 10, 2007
United States Posts: 4,276
Posted:
PM this userEmail this userVisit this user's homepageView this user's DVD collectionDirect link to this postReply with quote
This one is open for comment for a period of time.
Invelos Software, Inc. Representative
DVD Profiler Unlimited RegistrantStar Contributorwidescreenforever
Under A Double DoubleW
Registered: March 13, 2007
Reputation: High Rating
Canada Posts: 5,259
Posted:
PM this userVisit this user's homepageView this user's DVD collectionDirect link to this postReply with quote
I received this alert when I was 'surfing' around Invelos the other day.,, This is what I found out about 'TCP Fin Scan':
The firewall alert that you are seeing indicates that someone has
attempted to scan your computer using the TCP FIN Scan. What this does
is attempt to determine which ports are open on your computer so that
they may be used to intrude. The fact that you have been alerted to the
scan by the Shaw Secure firewall is your assurance that the scan was not
successful, as it was blocked by Shaw Secure. It is impossible to
prevent someone from attempting to scan your computer, since the
Internet is, by its very nature, a shared medium, and so the defence is
to block the scan. So there is no cause for concern because Shaw Secure
has protected your computer from being scanned.

Is this what this Post is about Ken ??

In the 60's, People took Acid to make the world Weird. Now the World is weird and People take Prozac to make it Normal.

Terry
 Last edited: by widescreenforever
DVD Profiler Desktop and Mobile RegistrantStar ContributorSH84
Registered: March 13, 2007
Reputation: High Rating
Germany Posts: 922
Posted:
PM this userView this user's DVD collectionDirect link to this postReply with quote
No, what Ken meant is that it was possible to get my mail address (mine should be private) by switching the username in a legit url like http://www.invelos.com/ConfirmNotAutomated.aspx?task=email&alias=widescreenforever to my username: http://www.invelos.com/ConfirmNotAutomated.aspx?task=email&alias=SH84. Prior to this patch everyone could "solve" the test and get my mail address, now that's not possible.

And you got a simple portscan, script kiddies do them all day long and try to get an infected pc to play with. It's nothing to worry about if your computer is clean.

Deutsches DVD Profiler Forum: www.dvdprofiler-forum.de
 Last edited: by SH84
DVD Profiler Unlimited RegistrantFredLooks
phpDVDProfilerDude D5/7/2
Registered: March 13, 2007
Canada Posts: 349
Posted:
PM this userEmail this userVisit this user's homepageView this user's DVD collectionDirect link to this postReply with quote
... and the one you posted appears to originate from France somewhere ...
-fred
DVD Profiler Desktop and Mobile Registrantpauls42
Reg: 31/01/2003
Registered: March 13, 2007
United Kingdom Posts: 2,690
Posted:
PM this userEmail this userVisit this user's homepageView this user's DVD collectionDirect link to this postReply with quote
Quoting widescreenforever:
Quote:
I received this alert when I was 'surfing' around Invelos the other day.,, This is what I found out about 'TCP Fin Scan':
The firewall alert that you are seeing indicates that someone has
attempted to scan your computer using the TCP FIN Scan.


It seems you only get the warning if you are using IE6 or IE7.
Paul
 Last edited: by pauls42
DVD Profiler Desktop and Mobile RegistrantDr. Killpatient
Here's my card
Registered: May 19, 2007
Reputation: Highest Rating
United States Posts: 5,832
Posted:
PM this userView this user's DVD collectionDirect link to this postReply with quote
That scan alert didn't come from Invelos - it's not related to your browsing but is a probe being performed by someone else.
DVD Profiler Unlimited RegistrantStar Contributorwidescreenforever
Under A Double DoubleW
Registered: March 13, 2007
Reputation: High Rating
Canada Posts: 5,259
Posted:
PM this userVisit this user's homepageView this user's DVD collectionDirect link to this postReply with quote
it just seemed funny that i got that intrusion while I was on an Invelos page..
In the 60's, People took Acid to make the world Weird. Now the World is weird and People take Prozac to make it Normal.

Terry
DVD Profiler Desktop and Mobile Registrantr.nagtegaal
expect the unexpected
Registered: April 4, 2007
Netherlands Posts: 83
Posted:
PM this userEmail this userView this user's DVD collectionDirect link to this postReply with quote
I had the same..an intrusion warning when i was on the invelos site!!!
I get the warning from mine firewall Kaspersky.

R.N
DVD Profiler Unlimited RegistrantStar Contributorsnarbo
Registered: March 13, 2007
United Kingdom Posts: 1,242
Posted:
PM this userDirect link to this postReply with quote
A damn good firewall with settings to allow you out and un-warranted intruders out will stop any intrusion.

@Terry: just because you where on the Invelos site at the time the attack occured doen't mean it's Invelos site related. I have seen them come up on a freinds PC when he was only downloading his email's.

Steve
DVD Profiler Desktop and Mobile RegistrantStar ContributorRander
I hate mondays...
Registered: March 13, 2007
Denmark Posts: 589
Posted:
PM this userEmail this userVisit this user's homepageView this user's DVD collectionDirect link to this postReply with quote
Quoting widescreenforever:
Quote:
Is this what this Post is about Ken ??



No, the screenshot shows that the scan originated from the IP-address 83.115.198.142, which has nothing to do with Invelos - it belongs to a private costumer in France (with the ISP Wanadoo)...

That you got it while visiting the Invelos website has nothing to do with anything - you would have gotten it no matter which site you were on when the scan was initiated - you would even have gotten it if your browser was closed at the time...
The future is here. It's just not widely distributed yet. (William Gibson)
DVD Profiler Unlimited RegistrantStar Contributorhydr0x
Registered: April 4, 2007
Germany Posts: 813
Posted:
PM this userView this user's DVD collectionDirect link to this postReply with quote
Well, if two of you were being "attacked" by a french private person not even hiding their IP while browsing this forum there is a possibility it is one of our french users :/
- Jan
DVD Profiler Desktop and Mobile RegistrantDr. Killpatient
Here's my card
Registered: May 19, 2007
Reputation: Highest Rating
United States Posts: 5,832
Posted:
PM this userView this user's DVD collectionDirect link to this postReply with quote
Well, if they want to see what ports are open, they have to have their IP visible.  If they spoof their IP address, they don't get any response back because the response goes somewhere else.
DVD Profiler Unlimited RegistrantStar ContributorSrehtims
Registered: March 13, 2007
United States Posts: 1,796
Posted:
PM this userView this user's DVD collectionDirect link to this postReply with quote
Quoting widescreenforever:
Quote:
would this explain all the viagra spam I also get....  ??   

Thanks  Ken.. !


Not to mention enhancement spam for certain body parts.
but your oversight wasn't as noticeable cause of spam increase compare to:
Moat on my spam increased when I amplified for Social Security, an other example of how our government is looking out for you.
My spam blocker catches about 150 to 200 a day, not mention 25 to 40 possible spam.
We don't need stinkin' IMDB's errors, we make our own.
Ineptocracy, You got to love it.
"Nearly all men can stand adversity, but if you want to test a man's character, give him power." - Abraham Lincoln
 Last edited: by Srehtims
  Invelos Forums->General: Announcements Page: 1 2  Previous   Next