After 39 years of computing, I’ve learned a thing or two about the hacker/script kiddy mind…and, oh boy, it’s going to be fun when they come knocking again…
It’s been a couple of months since this website was rebooted. What that means is that I backed up EVERYTHING…all downloads, themes, tools, html, javascript, all databases… EVERY. SINGLE. FILE. (You might want to write down any of these words you don’t understand, so you can figure out what millions of websites of OTHER people also battle with).
This website started November 1st, 1997…25 years ago. Just a single page…that took off like a rocket. Six months later, I had my first hack…a simple defacing. Someone…probably a “script kiddy”…found out how to replace my home page with new code, same filename, and THAT was when this stupid deathmatch game started.
I’d put my files back…they’d hack it again…and then I started my research on how to stay ahead of these asses of dumb.
I’ve dealt with these morons over a hundred times now…and with each chess move of hacks, attacks, defacings, deletions, and absolute devastation, I’ve learned more, invested more, and locked up more. And yet, things kept heating up.
I don’t like people messing with my shit, my tens of thousands of hours of work (yes, that’s over twenty-five years!), untold tens of thousands of dollars invested, including three college degrees, paying off ALL my $33k of student loans, and burning through a pile of computer hardware and software that would fill up a walk-in closet in the last 39 years.
I’ve helped millions of people since 9/11, had terabytes of my unique one-of-a-kind files downloaded, all over the world, and made thousands of friends the world over. I’m **helping people** and found my life’s calling at the same time. How many people do you know that can say that? Still, the storm clouds keep building.
The “Reason Why” I did a Complete and Total Reboot This Past Spring… (like I said, everything online the last 12 years is and has been backed up offline)
I started LAST summer trying to get all of SurvivalRing brought back to life, full speed ahead. The three years before that turned out to be the worst time of my life in the last 30 years…health issues in several areas, two major surgeries, moving across country…twice, and my concern that I was physically falling apart…at freefall speed.
After some long-term recuperation, I felt much better, but it took quite a while to get to where I wanted to be. Some of it was age related, and some was health related due to injuries going back to my teens.
The big decision was to fight back against bad actors that have continued to leave a mark, get inside, brute force, find weak links, or just do any damage that they could. It never stops, but neither do I.
I just take a breather here or there as needed, and sit back, grab a cup of joe, or tea, or lemonade, and do a bit of digging. Unfortunately, d*ckheads, *ssh*les, and scum seem to never take a break…and there are millions of them,
What I found already starting since this reboot
I started working last fall to get this site back up to speed, and around Thanksgiving, the turd heads got in, and really crapped on the site. A script kiddy found a hole, and uploaded a hacking shell called FoxWSO, and really messed up the gears.
I had backed up the entire site, all code, and all databases January of ’21, with everything weighing in at just over 65 gigabytes, and again this past January. The last one downloaded everything, including the code and hack tools (using eval base64 to hide everything).
Once I found this shell, and its insidious payload, and just exactly what it did, I cleaned up all 43,000 or so files in the desktop system backup folder…inserted into every. single. folder. on the site.
Trying to clean up that number of files online would have taken weeks, and although it might have taken less if I had used a command line interface, but I’m not ready to throw that into the mix.
2 factor, really long passwords, and actual very random characters in those passwords are going to be what keeps those scummy bastards at bay. How do I now?? Here’s a clue.
I’ll give them this…my password is 20 characters, of random, custom generated text. If you look at the chart just above, in the far right column, on the 18 character row, you’ll see that it will take 438 years to brute force this password. Crack THAT, ya heathens…
What I’m doing about…*them*
Currently, becoming a registered member of this website, is locked down, until the full site is back up to speed. Commenting is allowed, so your thoughts and suggestions will get through to me. A new function will be added to SurvivalRing the secures and locks down content and major downloads to “members only”.
Understand this is only to block freeloaders and hackers, securing entirely new sections of NEW files, that will ONLY be available on SurvivalRing. I mean, I’ve been giving way THOUSANDS of files for 25 years now…I think a quarter century of self-serve files is more than fair.
SO…** THEM **. The idiots, morons, and imbeciles who continue to try my nerves, my kindness, and my offerings.
The Black List
Since reinstalling my content management system I’ve used for 14 years, I’ve found thousands of hack attempts from all over the planet, and around 11,000 or so in the past three months.
Some are trying to guess my username, or trying multiple brute force attempts to guess my username AND password…sometimes hundreds of times in a row. Yep…these buttheads think they’re going to guess their way in. Not gonna happen.
They’re even trying other names or email addresses. Nope…not getting in that way either. Each of these hack attempts leave little footprints with every single try. For one, each leaves their IP address…what username they were trying to use to get in, and more.
If you didn’t know how the internet works, your computer/phone/table/etc. leaves an attempt with your VERY OWN IP address…and that’s trackable all the way back to YOUR internet provider. You try more than a few times, I’ll contact your provider and get YOU removed from the internet…
Using the bad guys IP address, I can look up what city, state, or even country you were visiting from, when you visit my website. For example, here’s how I look up the source IP address of each login fail…
A) The lookup tool. IP to Country Lookup, Resolve IP to Country | IPVoid
https://www.ipvoid.com/ip-to-country/
B) A user’s IP address ::
1) Enter the hacker’s IP address and hit the blue “Get IP Country” button.
2) Once you hit enter, the middle box shows the IP address, the continent, and then the country.
3) Using Google Maps, it shows the city or part of the country (or Earth) that the hack came from. All very simple, yes?
C) Future Blocked Bad Boi visits won’t see anything, once I block (or blacklist) their IP address. The tools l use on the backend of the website captures the IP address, the attempted username, how long they tried to logon before being disconnected (usually a second or less), the browser they used, and even more detailed info.
Then, another very good security tool allows me to block that IP address, that city, that state, or that country. Yes, I have blocked entire countries now. China, Russia, Pakistan, Iran…you know the drill…and yes, those countries really do have hackers attempting to get into Lil’ Ol’ SurvivalRing, don’t cha know…
Using this site, I look up the country code, and then enter that into the security tool. Takes less than a minute to stop these doofesses in their tracks. I’ve had to deal with these digital thugs for most of twenty years now, and I’ve gotten really good at mashing them quickly.
How far back do these hacks go?
Hack attempts (successful or not) go back to the late nineties, when I was using AOL Hometown to serve pages and content. At first, I had no idea what was going on. Even back to the eighties, when I was running BBS systems, there were some hacks, but the most common were man-in-the-middle (MITM) attempts that damaged files, software, logs, but rarely hardware. MITM attempts usually came after trying to help someone learn how to run a BBS and capturing some part of the password.
People I thought were friends, were quickly cold shouldered out of my life. Software was updated, or completely changed, phone numbers were moved, or similar events occurred.
Trust is a very hard-earned thing in people’s lives, and in this world on the brink of real nuclear war, it’s even harder to earn, or earn back.
If you TRULY want access to EVERYTHING that SurvivalRing has offered…
…then stay tuned. Subscribe to the website, bookmark the RSS feed, or email me with your questions or comments. I’ll be starting up a weekly newsletter and will post the info on that when it is set up.
Memberships, subscription models, and a few more things will be added soon. Believe me, it will be worth it.
I’m not going to take any shit…foreign OR domestic…
There’s a phrase I feel very dear about. “Enemies foreign or domestic”, as mentioned here…
I feel very strongly about trying to keep a level playing field for everyone. I’ll help anyone that needs it, and that I can afford to help. That don’t go for people who take advantage of me…ever.
Some Background about the Fleetwood Clan…
My great, great maternal grand father Basil Fuchs emigrated to America in the late 1800s. He came in through the New Orleans Port of Entry. On my dad’s side of the family, our Fleetwood clan came in through what would become Bertie County, North Carolina in the late 1600s.
Sir. William Fleetwood, Recorder of London
Before that, there were many generations of Fleetwoods in England, with two of great note. William “The Recorder” Fleetwood, who played a large part of serving as recorder of legal decisions, documents, and other thignas of historical note, of the last Parliament of Queen Mary, and the first two Parliaments of Queen Elizabeth the 1st, and his writings of the day still exist.
George Fleetwood, Regicide of King George 1
The other Fleetwood relative (perhaps the more interesting one) was George Fleetwood (1623–1672) , one of fifty-six Regicides who signed the death warrant of King Charles the 1st. George Fleetwood was the grandson of Sir George Fleetwood (died December 1620), and the son of Charles Fleetwood (died 1628) and inherited the family estate of the Vache, near Chalfont St Giles in Buckinghamshire, on the death of his father.
After Oliver Cromwell succeeded Charles, he was respected for his fierce defense of England. Ultimately, Charles II returned to claim the crown, and Cromwell paid for his sins.
A leading advocate of the Execution of Charles I in January 1649, which led to the establishment of the Republican Commonwealth of England, Scotland and Ireland, he ruled as Lord Protector from December 1653 until his death in September 1658.
Funny thing though, even though Grandpa George was convicted of regicide, he was never executed, although he did spend some years in the Tower of London. Even funnier, a Charles Fleetwood married one of Cromwell’s daughters, Miss Bridgett Cromwell..
Lesson to be learned? Don’t mess with a Fleetwood…
Simple tools…to block thy ass…
The tools and software I use, are all open source, and locked down to my level of comfort. I reserve the right to keep anyone I deem necessary locked out of my website, because their actions have proven that they are not to be trusted. If you’re blocked, that’s on you…NOT me.
I’m officially retired now…which means I will use every tool at MY disposal to mess with your Zen, should you cross me…and hacking falls EXACTLY under that purview.
Bottom Line…
I’ve spent MORE than twenty-five years creating the content, investing in the raw public domain materials, setting up and paying for hosting, domains, hardware, software, and even a college education, started AFTER I had already begun building this website, AND PAYNG OFF more than $33,000 in student loans…just to give away my hard work to strangers…and friends.
I reserve the right to monetize my work in any way I see fit…or to give it away to whomever I chose.
Be nice, ask to use, or bear the brunt of copyright infringement of MY work.
