faivdolla

Fair enough :) I suppose it's case closed then..

Tnx for all the input. Infiltrator we are not asking anyone to take blame for this crusade, this is actually the point, all the blame should point to us- IF they want, they can take us to court (wich they won't do) We have talked to people, who have experience with these sorts of things, even they say, that theres nothing they can do (something to do with that new company they made). But theres something fishy also, thats why they won't co to court themselves..more likely want to start a "fistfight" :D Jarmo More or less, that what we did, at first. We stop't development and closed down site, with notice "unpayed bills" or something. After we did that they called as, asking "why would u do that and everithing is fine, u'll get ur money" and after a few days, they brought in that other guy, who was also coding it for some time. And he opend it up again and changed all the passwords. Some time ago we still had access to win2003 server, with remote desktop (limited user rights, i think), witch was sitting at the same network that those linux and win 7 machine- if that would help.. I'ts good to know, that people are willing to help, and as i stated above, we are not planning to blame anyone, only ourselves. And as i understand, from some interesting choises of words, this kind of case is certanly not the first one.. Someone offerd me to ddos that site- as i understand, it only blocks that site, not removes it completly? And if ddos attack ends, then site comes back up? But..is what i am asking, even doable? all the best :)

Seems like the lageal issue is pure point on view, i'm not saying that ur wrong, and theres no hard feeling for that :) Going to court will need money, wich we don not have sadly.. pluss here, where we live, courts does not seem to work that well lol, my friend just called me, and gave me the cookie, for me to access the web app itself(that he still can do), seems like today 4 contracts for accounting were made :D

As i said before, English is not my native language, maybe i wrote something wrong at some point :) I have IP's and user names ( at least the ones that were in use before they desided to kick us out), i do not have passwords. And we do not have nessesery skills to do this.. For that ongoing legal issue :) I talked it over with my friend and said everithing U have- he is still confident, that it's legal. Because We have ongoing contract(where is written that program belongs to us), He is project leader and that means, he can allow anyone who he pleases to access that system. We dont "hack" the machine, we are accessing application, as i said before- "security audit" :D Pluss, he is confident that all they will do is coming knocking on our door. They can not go to authorities, their companis paperwork is only good on someones head..basically they are "milking the country" as we have discovered :D

digip Tnx for honest point of view :) As i understand this eff.org operates in US, we are far from it- Baltic region to be exact.. Ur point in this, i don't think it's true- fact remains, program belongs to us, and contract is valid. On paper we have every right to access that machine.. So how is this illegal, could u please explain, maybe theres something we are missing. Oh, and i forgot, IF the deed is done, we had planned to contact them, and say it out, that we did it..maybe then, they want to talk with us again :D

Police sample is nice and all, but the police gives u a paper or something, saying that car is in our posession and u have no right to it..something like that. In our case, as far as we are conserned (and they are to, probably) the contract has not been ended, on paper atleast( and thats what counts), meaning, they have not said officially(on paper) that we can not access our app. Thats whay i said that we shall call it a security audit :) We talked it throu and agreed, that legally this should be fine..

That’s actually a really good question, I thought about that myself, I think it’s a question of trust most of all.. We have have exact path of app, database, virtual drive to (at least I think and hope he knows that), but most certainly he has that real app and code and so on.. I know it’s not mutch..but maybe it’s enough, or is there anything else we should have to prove our point? Dont get me wrong, i know exactly how it all sound :D

Hi First up, i have no idea where to put this threat, so I’ll start it here, if It’s in a wrong place, please admins, move it. If this threat is not acceptable or bad in any other way, please, let me know and delete it, no hard feelings. :) I would like to point out, that English is not my native language, so please be kind :P I thought long and hard, how to present this case to u all and I think honesty should be my best bet. OK, here we go. A ~2 years ago my friend was asked to make an accounting program (web app), it was a huge project and money was good. He was the team leader and there were few other coders. Everything was ok, had all the contracts and other paper works as it should..(he has his own firm, from under he made that project) Then the company (ordering side), changed- new name, same people- telling us, that everything is ok, and let’s keep on working. So we did. Contracts remain with old names. We knew that this isn’t right, but they were paying and everything else didn’t matter. (I know, stupid) At some point, they started to delay with payments, and so on, until they stop paying at all, but here’s the kicker- they said “ that doesn’t mean that u should stop making it, everything is fine “ :D Of course my friend, good heart as he have, continued his work, for .. I honestly don’t know for how long, four months or maybe more. Our accountant sent all the bills with interest, and all the replay we had was “why have u stopt making it”. As he made this program, he had a remote access to the server, where the web app and databases were and using that access he closed the program down, but left it in there. Now, them fellows paid (as far as I know) pretty good amount to another programmer there (who were “let go” few months earlier.. or something) to reopen that program and to block/delete my friends access and change passwords) ..fun huh? :) And the best part, they are now using it and making money.. app itself is far from finished, but usable – they needed it fast. Now, because he’s just a coder and I’m a good friend :) (somewhat involved in his business), I thought I’ll give it a try. Maybe u guys here, can help. I am 100% certain that they have no intend to pay us, so, my big plan was as follows- IF there is any chance to completely remove it, then, IF they want to keep using it, they pay what they owe and get it back ( so called buy it out, because the app belongs to our company, until its finished, and they have said them selves, that it isn’t finished ) But I would point out, that this is not about money , my friend has completely lost hope, and given up, and he is certain that he won’t see that money (and all this has shaken his confidence). Me, I just want to give those guys what they deserve, IF we get that money, all the better.. :) As I understand it, there is an linux (opensuse) machine where the databases stand on, and on that linux there is a virtual drive with win7 where’s that web/app runs on IIS. In front of all that, there should be some sort of firewall that redirects traffic, because suse and win have the same ip, just different ports. So, if someone could delete that virtual drive, that would be enough.. As far as I know, no one has updated those systems, for a long time.. The good thing about this all, is that all of this is legal, as I discussed it with my friend, because the app still belongs to us and we shall call it a “ security audit” ;) that’s why we don’t want to touch the databases, only the program.. but, if the databases will be lost, that’s not our problem- they knew that it’s not finished and there’s no backup system implemented yet and they choose to use it anyway. Maybe here is someone whos willing to take on that nice little challange.. :) I have that ip, some ports- that were open sometime ago and some user names for opensuse. I would prefer to give them out to people that ask, not to put them out here for public..or should I just put them out here? I know that this probably is a lost cause, but hey, no shame in trying.. I try to answer every question to this subject as good as I can, please, no remarks how he should have handled this, what’s done is done. Tnx in advance and let’s hope for the best (what doesn’t kill, makes u stronger, right) :)

tnx to u all, that was just the thing i needed, and it works. tnx again :) --edit-- guessing im getting greedy now but is there a some sort of asking feature to? meaning that there is them static ips (192.168...so on) and then there are client ips, that we need to check every time and they are never the same. it would be great if theres somesort of asking system - i run bat, it then asks ip - get ip, ask mask- get mask ask gateway - or something like that. point is to get past that Network propertis - lan - tcp/ip...its frustrating if u have to do it every day over and over, every time different ip's, specialy with touchpad :D hope its possible..

well, i can use our so called technican to :D what else is there..? does that work only to ip? i would like to change ip;mask;gw and when all is done then back to automatical..if its possible..

hey all! in my work i need to use many tifferent ip's, to config different routers and so on. it's annoying to go every time into tcp/ip settings and type them.. is there a possibility to do this automatically - meaning i have lets say 3 different .bat files in my desktop with different ip setting ? tnx all