Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

killing a hackers web session

20 views
Skip to first unread message

Brian Gibson

unread,
Jan 22, 2011, 5:35:29 PM1/22/11
to
Hi all,

Another student's account got hacked through a phishing attempt and was
sending out spam but I noticed even after I changed their password they
still had web sessions active. I couldn't seem to find an easy way to
kill their session other than having our firewall admin block their IPs
for a bit, then I added the IPs to the Denied IP Addresses section in CGPro.

How are other people handling this (other than doing a better job
educating their users NOT to give out their password.... oh man that
kills me).

Thanks

--

++++++++++++++++++++++++++++
Brian Gibson
Systems Administrator
Wheaton College

Are you a musician? If so visit my Arbans Online music site at http://arbansonline.com and listen& contribute


#############################################################
This message is sent to you because you are subscribed to
the mailing list <CGat...@mail.stalker.com>.
To unsubscribe, E-mail to: <CGateP...@mail.stalker.com>
To switch to the DIGEST mode, E-mail to <CGatePr...@mail.stalker.com>
To switch to the INDEX mode, E-mail to <CGatePr...@mail.stalker.com>
Send administrative queries to <CGatePro...@mail.stalker.com>

Nicolas Hatier

unread,
Jan 22, 2011, 6:02:47 PM1/22/11
to
Restart CGP?

NH


On 2011-01-22 17:35, Brian Gibson wrote:
Hi all,

Another student's account got hacked through a phishing attempt and was sending out spam but I noticed even after I changed their password they still had web sessions active. I couldn't seem to find an easy way to kill their session other than having our firewall admin block their IPs for a bit, then I added the IPs to the Denied IP Addresses section in CGPro.

How are other people handling this (other than doing a better job educating their users NOT to give out their password.... oh man that kills me).

Thanks


--

Nicolas Hatier, ing. <nicolas...@niversoft.com>
Niversoft idées logicielles - http://www.niversoft.com

Brian Gibson

unread,
Jan 22, 2011, 6:22:49 PM1/22/11
to
wow, there really is no way within the admin console to kill a session.... I thought I was just missing something :(

Technical Support, Stalker Labs

unread,
Jan 22, 2011, 7:30:58 PM1/22/11
to
Hello,
Brian Gibson on 23.01.2011 2:22 wrote:


Rename the account.

> wow, there really is no way within the admin console to kill a
> session.... I thought I was just missing something :(
>
> On 1/22/2011 6:02 PM, Nicolas Hatier wrote:
>> Restart CGP?
>>
>> NH
>>
>> On 2011-01-22 17:35, Brian Gibson wrote:
>>> Hi all,
>>>
>>> Another student's account got hacked through a phishing attempt and
>>> was sending out spam but I noticed even after I changed their
>>> password they still had web sessions active. I couldn't seem to find
>>> an easy way to kill their session other than having our firewall
>>> admin block their IPs for a bit, then I added the IPs to the Denied
>>> IP Addresses section in CGPro.
>>>
>>> How are other people handling this (other than doing a better job
>>> educating their users NOT to give out their password.... oh man that
>>> kills me).
>>>
>>> Thanks
>>>
>>
>> --
>>

>> *Nicolas Hatier, ing.* <nicolas...@niversoft.com
>> <mailto:nicolas...@niversoft.com>>
>> Niversoft id�es logicielles - http://www.niversoft.com
>>
>


--
Sincerely,
Roman
=======================================================================
When answering to letters sent to you by the tech.support staff, make
sure the original message you have received is included into your reply.

Rob Logan

unread,
Jan 22, 2011, 8:32:01 PM1/22/11
to
null route the attacker's IP

Karl Zander

unread,
Jan 23, 2011, 9:31:33 AM1/23/11
to

Would the CLI be helpful?

CLI: killaccountsessions

$ telnet yourCGPserver 106
USER postm...@masterdoamin.tld
PASS <password>
killaccountsessions user@domain


http://www.communigate.com/CommuniGatePro/CLI.html#Account

KILLACCOUNTSESSIONS accountName
Use this command to interrupt all Account sessions (POP, IMAP, FTP, WebUser, etc.).

accountName : string
This parameter specifies the name of an existing Account. The name can include the Domain name (see above).

Note: All Domain Administrators can use this command.


--Karl

Brian Gibson

unread,
Jan 23, 2011, 10:14:38 AM1/23/11
to
These are all great suggestions, thanks!

Jeff Wark

unread,
Jan 23, 2011, 9:13:09 PM1/23/11
to
Just chiming in....this is what I was thinking [maybe more the perl
version].

Although, technical supports suggestion is quick and easy as well.

willis...@gmail.com

unread,
May 7, 2018, 11:18:05 PM5/7/18
to
Find out if your spouse is cheating. Hack any mobile phone (both physically &remotely). Hack any website/database. Fix your credit score. Remove Bad Records and a whole lot more. Contact - cyberfil...@gmail.com

wizardcyp...@gmail.com

unread,
Apr 10, 2019, 11:41:48 AM4/10/19
to

I strongly recommend the service of a GREAT Hacker to you and his email is
(wizardcyp...@gmail.com) I have used him quite a number of times and he has never disappointed me.


He does all types of mobile hacks, get unrestricted and unnoticeable access to your Partner/Spouse, Skype, Facebook Account, Email(s), Whatsapp, Instagram, Text messages, In coming and Out going calls, Twitter, Snap Chats, Bank accounts, Deleted files,bitcoin address etc. He can also help you boost your credit score limit and also clear all debts on your card(s).

Getting the job done is as simple as sending an email to (wizardcyp...@gmail.com) stating what you want to do.and is services is cheap and affordables.
0 new messages