Thread: Miscellaneous Hacks - Disable User Lockout Emails
View Single Post
  #8  
Old 25 Mar 2015, 13:23
kh99 kh99 is offline
 
Join Date: Aug 2009
Real name: Kevin
Originally Posted by woodmj View Post
I found the IPs the attacks seemed to be coming from were member IPs so I was banning my members when I was blocking them. Is it possible the attacks just fake IPs?
Yeah, we were talking about that on vbulletin.com I think. I guess it's possible but I don't know enough about it to know how it's done. I mean, I know an IP packet could contain a fake source ip, but then whoever sent it isn't going to get a response, so I don't see how that helps someone guess passwords. Could be something else is going on there. Have you been in contact with any of those users so that you know they had nothing to do with it?

Hmm, well, I guess maybe someone spoofing IPs could blindly send the right packets to try a login, then use a different ip to see if the user is online. In that case I think the "HV on login" mod should stop that, if the HV is something that can't be guessed.

Last edited by kh99; 25 Mar 2015 at 13:44.
Reply With Quote