+ Reply to Thread
Page 1 of 2 1 2 LastLast
Results 1 to 10 of 14

Thread: How safe from viruses and hackers am I when using the Milsurps.Com web site?

Click here to increase the font size Click here to reduce the font size
  1. #1
    Administrator

    Site Owner
    Badger's Avatar
    Join Date
    Oct 2006
    Last On
    @
    Location
    Toronto, Canada
    Age
    76
    Posts
    12,972
    Real Name
    Doug
    Local Date
    12-11-2024
    Local Time
    11:34 PM
    My Videos in Video Club
    12

    Question How safe from viruses and hackers am I when using the Milsurps.Com web site?

    Today’s Internet exposes computer users and the web sites they access, to a wide range of malicious pieces of infectious software code, designed to attack either, or both platforms.

    Many Internet gun web sites offer little in the way of anything, to insulate their members against these kinds of dangerous activities. In fact, we've been advised by members of one popular gun site currently carrying a software virus, that when their members click on a certain link, it actually transmits a common Trojan horse software virus to their desktop computer, thereby infecting the user’s computer.

    We at Milsurps.Com take the safety and security of our members very seriously.

    Toward that end and after weeks of internal testing, we've invested some of your donations and implemented an on-line firewall that insulates our site (and you) from these threats. CloudProxy (Sucuriicon’s Website Firewall) is a cloud-based protective layer, which automatically protects our website from brute force attacks, malware, DDoS, blacklisting and many other issues that webmasters face every day.

    Here’s a graphic picture as to what it does:

    Attachment 79475
    Click PIC to Enlarge)

    As you can see, the Sucuri's CloudProxy Network sits between you and the Milsurps.Com server, forcing all digital traffic to go though the cloud, before it gets to our server for a response, then back to you.

    High Availability Infrastructure is one of CloudProxy’s features and Sucuri's servers are spread all around the world.

    Attachment 79474
    Click PIC to Enlarge)

    One of CloudProxy's special features is its caching. So, you not only get protection but also speed optimization due to the network's high performance caching. Most member's should see an overall general performance increase, as the result of the site using Sucuri's CloudProxy Network.

    With an intermediate firewall now protecting our site which essentially inserts another processing environment between your computer and our site's server, you may experience the odd time when you can't connect. It's technically called Error 504 or Error 502. If that happens, you will most likely see web pages generated by Sucuri's CloudProxy Network that looks like either of the pics below. To resolve the error, simply wait a few minutes and try to load our site again.

    Attachment 79473 ---- Attachment 85021
    (Click PICS to Enlarge)


    Note: If this error occurs immediately after you've typed a post and just submitted it, we understand how frustrating this can be in losing everything you've typed. So, try to use the web page backup function key on your web browser, to see if you can get back to the original page on which you were composing your text. If you can, make sure you highlight and select all your text with your mouse and save it, using the "copy" function (right mouse click). This puts a copy of your post text in your local computer's memory, which you can then use the "paste" function (right mouse click), to re-create a new thread quickly, should you get disconnected from our sever, or experience a time out 504 error. It's a really good practice to always being doing this from time to time, as you are creating and typing very long messages, just so you don't have to start all over again!!!!

    If after trying several times over a period of 10 to 15 minutes, you continue to receive a connection error message, then it's possible that our site is truly actually down for some reason.

    If our site is offline (you are getting a timeout message or it does not open), try this.

    Check if it is only you. Go HERE and type in "milsurps.com", to see if it is down for everyone or just you.

    If the site is up for everyone else, it might be that just your specific IP address is being blocked for some reason by Sucuri's CloudProxy Network. It is very rare for it to happen by mistake, but if Sucuri found any suspicious activity coming from your IP address, they can block it for 30 minutes. You can try to wait a few more minutes to see if it will come back for you, or you can email the webmaster@milsurps.com and we will investigate with Sucuri for you.

    If possible, please make sure to include your current IP address to allow us to troubleshoot the issue. If you aren't sure of what your public IP address is, then check Google - What is my IP address? (click here) and it will tell you. Cut-n-paste that IP address into your email when you report your problem.

    It is also possible that you may be able to access our site fine, except when viewing specific web pages, you a shown a screen similar to this.

    Attachment 79472
    Click PIC to Enlarge)

    That means that Sucuri's CloudProxy Network is protecting you and has detected what it believes is a virus attack contained on that web page. Don't panic!!!

    99% of the time these are what are called false positive error messages and there's actually nothing wrong at all. It's usually just a case of Sucuri's CloudProxy Network intrusion software detecting some piece of information incorrectly, interpreting it as being malicious when it's not, but it's better to be safe then sorry. If you see receive this type of error page, then once again, simply send an email to the webmaster@milsurps.com, ideally with a screen shot of the error page you're seeing. It's important that you let us know which of our web pages (copy the Internet link), from which you're receiving the error message when you're trying to access it!

    Finally, what if you think our site is running too slow for you? It may be that our site is running fine, but there's something wrong with the speed performance you're receiving locally.

    To check that, have you tried running a speed test to see what performance your own ISP (Internet Service Provider) is giving you right to your own local computer? Here's a way you can test that to find out what speed you are being allowed by your ISP. Note: This link also appears under the Members Only tabbed drop down box located at the top of the forum.

    General Internet Speed Test

    You can use this test for ANY Internet provider service..

    I use Bell's DSL service, which is all that's available where I live and it's rated at a VERY SLOW 6 Mb/second. Here's an example of my most current test.

    Attachment 79477
    Click PIC to Enlarge)

    .. and here's the results of the same test when I connect from my high speed Internet connection at work rated at a VERY FAST 56 Mb/second !!

    Attachment 79476
    Click PIC to Enlarge)

    Finally, if you're ever unsure about the safety and security of any web site you frequent, simply got to the link below and check to ensure that it's not blacklisted, as well as virus and malware free.

    Free Website Malware and Security Scanner (click here)

    We hope our new Sucuri CloudProxy Network firewall, helps all our members feel even more safe and comfortable when using our site ...

    Regards,
    Doug
    Information
    Warning: This is a relatively older thread
    This discussion is older than 360 days. Some information contained in it may no longer be current.
    Last edited by Badger; 11-21-2021 at 01:34 PM.

  2. The Following 16 Members Say Thank You to Badger For This Useful Post:


  3. #2
    Contributing Member Gil Boyd's Avatar
    Join Date
    Apr 2013
    Last On
    12-09-2024 @ 01:56 PM
    Location
    Home of The Parachute Regiment & 16 Air Assault Brigade
    Posts
    4,772
    Real Name
    Gil Boyd
    Local Date
    12-12-2024
    Local Time
    04:34 AM
    Doug, Worth every penny being a contributing member, keep up the appreciated work on all our behalf
    'Tonight my men and I have been through hell and back again, but the look on your faces when we let you out of the hall - we'd do it all again tomorrow.' Major Chris Keeble's words to Goose Green villagers on 29th May 1982 - 2 PARA

  4. The Following 2 Members Say Thank You to Gil Boyd For This Useful Post:


  5. Avoid Ads - Become a Contributing Member - Click HERE
  6. #3
    Contributing Member CINDERS's Avatar
    Join Date
    Nov 2009
    Last On
    Yesterday @ 09:33 AM
    Location
    South West Western Australia
    Posts
    8,004
    Real Name
    CINDERS
    Local Date
    12-12-2024
    Local Time
    12:34 PM
    Yes same sentiments here Doug like all things that are worth protecting this site deserves the best it can afford and I do not mind being part of the donations clientele..........so come on forumers how's about a donation to help out this site we all enjoy...........!

  7. The Following 3 Members Say Thank You to CINDERS For This Useful Post:


  8. #4
    Legacy Member enfield303t's Avatar
    Join Date
    Jan 2010
    Last On
    12-05-2022 @ 03:54 PM
    Location
    Okanagan BC
    Posts
    1,166
    Real Name
    Donald
    Local Date
    12-11-2024
    Local Time
    08:34 PM
    Thanks Doug, good to know just how much goes into making this a informative and safe site for users.

    What does BOGGLE my mind is the lack of people who use it that DON'T contribute financially to help defray costs. It cost so very little and there are such great benefits.
    Why use a 50 pound bomb when a 500 pound bomb will do?

  9. The Following 3 Members Say Thank You to enfield303t For This Useful Post:


  10. #5
    Administrator

    Site Owner
    Badger's Avatar
    Join Date
    Oct 2006
    Last On
    @
    Location
    Toronto, Canada
    Age
    76
    Posts
    12,972
    Real Name
    Doug
    Local Date
    12-11-2024
    Local Time
    11:34 PM
    Thread Starter
    My Videos in Video Club
    12

    Thumbs up

    I thought some of you might be interested to know that since the beginning of the month of March 2016, this new Sucuriicon CloudProxy Firewall, has stopped 182 DDos attacks on our site, including 35 last night alone.

    For those of you who are technically minded..

    DDoS is short for Distributed Denial of Service.

    DDoS is a type of DOS attack where multiple compromised systems, which are often infected with a Trojan, are used to target a single system causing a Denial of Service (DoS) attack. Victims of a DDoS attack consist of both the end targeted system and all systems maliciously used and controlled by the hacker in the distributed attack.


    Regards,
    Doug
    Last edited by Badger; 03-07-2016 at 09:55 AM.

  11. The Following 5 Members Say Thank You to Badger For This Useful Post:


  12. #6
    Contributing Member muffett.2008's Avatar
    Join Date
    Feb 2011
    Last On
    Yesterday @ 04:40 AM
    Location
    Scone, NSW. Australia
    Posts
    2,186
    Real Name
    kevin muffett
    Local Date
    12-12-2024
    Local Time
    03:34 PM
    Doug. Just a heads up, my computer has recently been attacked, losing years of research and files.
    The virus was one of the Cryptolocker style, a new variation for 2016, it entered via a US FedEx notification and remained dormant until activated by a Adware Virus, and was able to bypass my Security and track into my backup storage when it was accessed by me.

    The security system I was using was McAffee......the emphasis on was, it just ignored the virus and kept telling me my system was clean, even when pointed to the problem.
    The Adware virus was picked up on the Gunboards forum, since the change of ownership there seems to be a spate of strange performance issues...........now I can associate them to viral activety, my current Malware system blocking that site until I manually scan and clean the forums I used to access freely.
    Hope this warning helps others to avoid the costly loss of information.......unless they want to pay big time to retrieve it.
    So it's not just the computer at risk now, backup storage is also at risk.

  13. The Following 2 Members Say Thank You to muffett.2008 For This Useful Post:


  14. #7
    Contributing Member muffett.2008's Avatar
    Join Date
    Feb 2011
    Last On
    Yesterday @ 04:40 AM
    Location
    Scone, NSW. Australia
    Posts
    2,186
    Real Name
    kevin muffett
    Local Date
    12-12-2024
    Local Time
    03:34 PM
    Doug, yes this is the cleanest and safest of the forums.
    I used Microsoft Security Essentials on a Windows 7 computer to clean the contaminated hardrive on my go to XP computer.
    The advantage of MSE and Defender are that they are constantly updating the virus definitions and will tell you exactly where and what access points malware use to attack your system.
    The IP address in the scan result was the give away for the other forum.

  15. The Following 2 Members Say Thank You to muffett.2008 For This Useful Post:


  16. #8
    Advisory Panel Surpmil's Avatar
    Join Date
    Feb 2008
    Last On
    @
    Location
    West side
    Posts
    4,891
    Local Date
    12-11-2024
    Local Time
    08:34 PM
    There is only one answer to this kind of problem that I am aware of, and it is a program known as "Deep Freeze", produced by Faronics out of Vancouver BC. Have a look at their website and corporate clients and you will see that what they have works. I have used it for years without any issues.

    It is about $45 CAD for a license (per computer) and $7 a year for "maintenance" if you want it. I've never found it needed any.

    The program locks up the computer on the kernel level. It is stated that you can make ANY change, install ANY program etc. and when you reboot it is all restored to the previous state. I have found this to be true in my experience. Hardly surprising since otherwise companies like MS and Toyota wouldn't be buying it!

    Of course you are forced to store your data on remote drives; which is a good thing! No more losing years of work or photos etc. through hacks or hard drive crashes - unless your remote drives fail and duplicate backups is the only way to prevent that in any case.

    You must "unfreeze" the system by entering a password and rebooting into an "unfrozen" state to make any permanent software changes. You can set the program to reboot unfrozen as many times in a row as you wish, or even permanently. Quite often two reboots are needed to install software for example.

    You might wonder why a program like this isn't more widely known and used? I wonder that too!

    Installed on a CLEAN hard drive this program ensures that NOTHING can get in for longer than one session.
    “There are invisible rulers who control the destinies of millions. It is not generally realized to what extent the words and actions of our most influential public men are dictated by shrewd persons operating behind the scenes.”

    Edward Bernays, 1928

    Much changes, much remains the same.

  17. #9
    Administrator

    Site Owner
    Badger's Avatar
    Join Date
    Oct 2006
    Last On
    @
    Location
    Toronto, Canada
    Age
    76
    Posts
    12,972
    Real Name
    Doug
    Local Date
    12-11-2024
    Local Time
    11:34 PM
    Thread Starter
    My Videos in Video Club
    12

    Security Improvements

    January 2017 Update

    Last year was a particularly tough year for various firearms and collectors web sites, being hacked with viruses, malware and trojan horse infections. To name a few, it was reported to have happened to Gunboards, Joustericon, and of late, the Ross Rifle Forum were subject of attacks. Sometimes these hacks were more then just infecting their members computers with malware, but also stealing personal information such as UserID's and Passwords.

    As ZDnet reported .... Hacker steals 45 million accounts from hundreds of car, tech, sports forums The company that runs the forums admitted failings, but underplayed the hack.

    More information....

    Warning .. Ross Rifle web site infected with malware (click here)

    Gunboards Hacked (click here)

    We’ve now implemented additional security features to help protect our members from viruses, malware, trojan horse infections as well as theft of personal information they may have stored privately on our site.

    What is DKIMicon?

    Our new milsurps mail server is now fully functional and using DKIM (Domain Keys Identified Mail). DKIM is the ultra-modern method of verifying the source of an email message. DKIM will help alleviate issues with remote sites seeing mail from milsurps as "spam" as all email sent from the server will be cryptographically analyzed and then signed with a "private" encryption key. When remote mail servers receive the mail, they can do a DNSicon lookup on the new milsurps email sever and fetch a copy of the PUBLIC key which is then used in conjunction with the digitally signed message, to verify that it did indeed originate from an authorized server.

    Short version; Mail is more secure!


    What Is SSLicon?

    SSL (Secure Sockets Layer) is a standard security technology for establishing an encrypted link between a server and a client—typically a web server (website) and a browser, or a mail server and a mail client (e.g., Outlook). SSL allows sensitive information such as credit card numbers, social security numbers, and login credentials to be transmitted securely. Normally, data sent between browsers and web servers is sent in plain text—leaving you vulnerable to eavesdropping. If an attacker is able to intercept all data being sent between a browser and a web server, they can see and use that information.

    What is https?

    Hyper Text Transfer Protocol Secure (HTTPS) is the secure version of HTTP, the protocol over which data is sent between your browser and the website that you are connected to. The 'S' at the end of HTTPS stands for 'Secure'. It means all communications between your browser and the website are encrypted.

    By implementing all of the above protocols, the result for our members is that our site is much more secure then most other firearms and collectors web sites, that you may frequent and browse over the Internet .

    Click the pics below to view the various authentication certificates and site checks for milsurps.com, as well as the browsers supported.

    Attachment 79427 Attachment 79469 Attachment 79488Attachment 79487

    Besides milsurps.com, at the time of writing this, here is a list of various firearms and collectors web sites that DO use encryption. Click the pics below to view the various authentication certificates returned by browsers when performing site checks.

    Attachment 79572

    At the time of writing this, here is a list of various firearms and collectors web sites that DO NOT use any encryption. Click the pics below to view the various authentication certificates returned by browsers when performing site checks.

    Attachment 79432 Attachment 79429 Attachment 79433 Attachment 79428 Attachment 79431 Attachment 79434 Attachment 79430 Attachment 79438 Attachment 79435

    When we first setup milsurps.com over 10 years ago, we didn't have a lot of disk storage space for pictures, so we used an external photo storage web site ImageEvent Picture Storage. Most of the pics shown in the various articles in the MKLicon, fall under this category.

    The external ImageEvent Picture Storage site is not currently encrypted and depending upon your browser's handling of security notices, you may notice various types of warning messages as shown below. This would apply only if any pics shown to you here on our site, such as in the Knowledge Libraryicon, are actually sourced and displayed to you from that external storage. It's not something you need to worry about, as we have full control over the photo content stored on their site, so the likelihood of a security issue with any of those pics is very small. Therefore, it's perfectly fine to inform your browser to allow access as a permanent security exception.

    Examples of browser security notices.

    Attachment 79470 Attachment 79515

    Once we accumulate enough funds, our next project will be to migrate all of the external pics stored externally on ImageEvent Picture Storage, back onto our own milsurps.com server, where they will be handled with full encryption.

    For the technical inclined, you may want to take some time to view the various videos that appear in the auto linking pop-ups, showing the various definitions of these acronyms.

    We hope that these security changes and additions to our site, ensures that milsurps.com will continue to be one of the most highly reliable, safe, secure and enjoyable firearms collectors web sites on the Internet.

    Regards,
    Doug
    Last edited by Badger; 01-11-2017 at 01:32 PM.

  18. Thank You to Badger For This Useful Post:


  19. #10
    FREE MEMBER
    NO Posting or PM's Allowed
    GOVTMOD's Avatar
    Join Date
    Nov 2018
    Last On
    12-03-2018 @ 10:49 PM
    Location
    Greater Portland, OR
    Posts
    17
    Local Date
    12-11-2024
    Local Time
    08:34 PM
    Possible breach.

    I received an scam/phishing email with my user name and password to this site in the subject line. Threatening to "expose" me to my contact list. This is the only place I have used that username and PW combo so the info might be from here.

    I've regularly do maintenance on my PC so I don't think I was the source you might want to check.

+ Reply to Thread
Page 1 of 2 1 2 LastLast

Similar Threads

  1. My screen is too dark !! How do I change my colour scheme on the milsurps.com site?
    By Badger in forum Q&A - VBBS Bulletin Board Software
    Replies: 0
    Last Post: 02-02-2011, 01:35 PM
  2. Can I access the milsurps.com site from dial-up, cell phone, iPhone or Blackberry?
    By Badger in forum Q&A - VBBS Bulletin Board Software
    Replies: 0
    Last Post: 09-02-2009, 12:08 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts