Forum administration issue: How do you take care of a hacker?

[Jim Prower]

My friend and I run a small forum. A member recently joined, one whom may or have not have wiped an entire other forum, apparently on a whim. The group is on Invisionfree. Both me and my friend are the only admins, and we use numbers, characters, and symbols in our passwords, but we're wondering what we should do about this member. He's had a history, but the whole hacking thing doesn't make us feel easy about banning him. I'm hoping some here with more experience can help us.

 

[tlowr4]

Well, ask him about it. Be straight, don't fart around. Ask him about his possible past, but don't go so far as to make it sound like a threat, might set him off. He'll more than likely reply "No, nothing of the sort" etc, so run a background check. Google his username, and anything related to him. If you want me to do some running around with little Russian friends of mine, shoot me a PM. However, if he launches an attack on your forum...

Ban him, and hack him back. Easy.

Seriously though, just do something simple, like break into his ISP connection, gain access to his computer, and move his mouse around a bit. Spook him, and tell him "You do something like that again, and that's the least we'll do."

I know many will say this is stupid, and in all honesty it is, but where I come from, that's what we do.

 

[Grayfox]

You know you can contact the provider who can give you logs(you can do this too) of who logged on and what they really did, they may be able to restore a backup.

The provider can trace it if he used a proxy.
And they can also contact his ISP.

But you can't just hack into a forum he has to know your details some how.

Run a scan on your PCs for any keylogger or other malware.
Change your passwords(i take it this was the first things you did)
If you use firefox and tell it to store passwords be careful of who uses that PC as you can find out a password to a site by going to tools>options>security>saved passwords>show passwords.

 

[Jim Prower]

Got some more dirt on this guy.

He's had a history of cracking admin profiles. He claims he's changed since one of our members last saw him, but the recent wipe he committed of a board he was once cast a bit of suspicion.

 

[Azuremen]

A wipe of a board could very well be done with a SQL injection, not a admin password crack.

If he cracked a password, he probably spoofed some info for it.

Just download a backup to your computer in case. Not a huge deal with most forums these days.

Wait, wait, just actually read this:

I know many will say this is stupid, and in all honesty it is, but where I come from, that's what we do.

You mean the magical script kiddie land were people talk about hacking but don't know anything beyond some how-to for loading a trojan?