************************************************
************************************************

Unfortunately, this site has restricted functionality as this browser does not support the HTML button formaction attribute.

Unfortunately, this site has restricted functionality as this browser has HTML web storage turned off.

70 of 74 files bust or takedown

2020 September 1

Following the 'SPARKS piracy busts'.
[+] Configuration Copy text
Hello, fellow sceners... Since no official notice has been going around with more information this writeup will hopefully shed some light onto the whole 'corona era bust' or in other words, the SPARKS busts as the feds like to call it. The scene has been hit hard by various agencies from around the globe. Totaling over 29 sites has been busted within 14 country's, mostly within Europe. As from the looks now it is certain to say that the bust took a big bite out of the iSO scene. without a doubt, this will not be the last of it since there will be more information available for the feds to chunk through now. Rumors has it that there was a bust in France from a known user that was also running an IRC server for the linknet IRC network. This is not confirmed nor denied. So please use linknet only with the common security practices (Ssl, Blowfish, Channel encryption). This rumor should not be taken lightly and it's advised to keep sites off linknet and use a private IRCD for any site related actions if possible. As it will take time to rebuild and get everything back online here are some best practices that might help you understand the risks. Remember full mitigation is not possible so use your brain!! ## For Siteop's 1) Reset the full affil and user database. Make sure that every person either from group or trading is being readded with up2date information that you find secure. 2) In addition to rebuilding the user/affil database make sure that the users either have set up a fresh bouncer/znc or connect through socks. 3) Upgrade the site to maximum version; v2.10a (2019-12-30, glftpd) This version is prior to any ongoing problems, If needed downgrade, also check SSL!! 4) Upgrade the server with the last possible kernel/packages to avoid any vulnerabilities that might compromise the server. 5) Make sure there is no logging enabled and that everything is encrypted as it should be with either luks(Linux Unified Key Setup) or another variant. 6) Did you host any busted groups? Consider rebuilding as suggested above but also rename the site, change port and also change ip's and domain names. 7) Avoid adding users with the same/old bouncer information or with the same username. Suggest to them to change it all before being added back. 8) Don't accept IP wildcards make sure it is either backed up with an ident and the first 3 octets of the IP range. 9) Please use common sense when re-adding users, fall back on oldskool intuition. ## For Users/Curry's 1) Got a bouncer? Make sure to change the information -> domain name, port, and IP address. 2) Change username/ident for all sites. 3) Make sure to clear all logs and crypt any shells that are being used for scene related tasks. 4) Auto trading bots should be reconfigured to fresh values including the above measures. 5) Avoid insecure sites or sites that are ignoring the security measures. Especially within iso sites. This writeup has been put together for the love of the scene, we will back and we will thrive again! Thoughts are with the fallen ones
163x42 Font
163