Register Members List Search Today's Posts Mark Forums Read

Reply
 
Thread Tools
  #121  
Old 12 Jun 2013, 16:50
Kirkus Kirkus is offline
 
Join Date: Feb 2007
I had 17 attempts this morning. China? Go figure. I've banned the entire country from my web server.

This isn't really related to this thread, and probably not the place to post it, but I've been using SpamTrawler on my vBulletin site (and several other of my sites) for several months now and it's done a fantastic job of keeping most of the spammers out.
Reply With Quote
  #122  
Old 12 Jun 2013, 17:24
Hakan39's Avatar
Hakan39 Hakan39 is offline
 
Join Date: Feb 2009
Real name: Hakan
My account

222.124.19.210
110.74.218.146
125.216.144.199
110.50.80.30
61.153.98.6
178.217.9.18
119.36.87.32
210.43.128.18
80.191.48.210
190.0.17.202
95.161.7.13
189.11.198.141
177.135.236.245
189.115.138.217
223.4.233.162
201.73.70.33
125.39.66.149
78.38.23.242
92.39.54.161
220.132.19.136
222.73.233.146
74.221.211.12


Dear Hakan39,

Your account on vBulletin.org Forum has been locked because someone has tried to log into the account with the wrong password more than 5 times. You will be able to attempt to log in again in another 15 minutes.

The person trying to log into your account had the following IP address: 110.74.218.146

Don't forget that the password is case sensitive. Forgotten your password? Use the link below:
http://www.vbulletin.org/forum/login.php?do=lostpw

All the best,
vBulletin.org Forum


these not my ip number i dont use these any. i think one wanted to seize my account.
at www.vbulletin.org

Last edited by Hakan39; 12 Jun 2013 at 17:31.
Reply With Quote
  #123  
Old 12 Jun 2013, 17:32
korny's Avatar
korny korny is offline
 
Join Date: Jan 2004
Real name: Bryan
I have had almost 50 emails saying my account as been locked. Someone is trying to hack in and alot. Every email has a different IP address so posting then would take awhile.
Reply With Quote
  #124  
Old 12 Jun 2013, 17:42
Hakan39's Avatar
Hakan39 Hakan39 is offline
 
Join Date: Feb 2009
Real name: Hakan
Same problem. What is the solution?
Reply With Quote
  #125  
Old 12 Jun 2013, 18:25
Kickin' Wing Kickin' Wing is offline
 
Join Date: Dec 2009
Woke up to a bunch of emails this morning, all within a few seconds of each other.

I know it would lead to a DoS situation, but can the 15 minute lockout apply to any IP trying to access that account? Or at least any IP that hasn't previously logged in, since vBulletin does track that.

:edit:

Figured I would add that all my emails are dated the 12th, but the banner says my last visit was on the 10th. So it doesn't look like they got anywhere.
Reply With Quote
  #126  
Old 12 Jun 2013, 18:45
Hakan39's Avatar
Hakan39 Hakan39 is offline
 
Join Date: Feb 2009
Real name: Hakan
why the authorities can not find the solution?
Reply With Quote
  #127  
Old 12 Jun 2013, 18:51
BirdOPrey5's Avatar
BirdOPrey5 BirdOPrey5 is offline
 
Join Date: Jun 2008
Real name: Joe D.
There is no real solution. There are much too many IP addresses to block. For the most part these are IP addresses of "innocent" people whose computers are compromised by a virus and being used in this attack.

While we understand it is annoying the reality is for any one user they will get emails for a few minutes to a few hours, after which they stop and move on.

Short of shutting off all forum email (which would cause more issues for people trying to register or change email addresses, and waiting for thread updates) there isn't a whole lot that can be done.

Code modifications can be discussed in the future but they will not come soon enough to help anyone who has already been hit.
__________________
-Joe
Former vb.org Moderator. Retired.

@BirdOPrey5 | All Things BOP5 | Joe's Ultimate Off Topic
Note - I no longer making new VB mods, sorry.
Reply With Quote
  #128  
Old 12 Jun 2013, 19:07
Hakan39's Avatar
Hakan39 Hakan39 is offline
 
Join Date: Feb 2009
Real name: Hakan
Thank you BirdOPrey5
Reply With Quote
  #129  
Old 12 Jun 2013, 19:14
Kesha Kesha is offline
 
Join Date: Apr 2010
There is something wrong with the cookie that tells the forum that I'm locked out of my account, or however it works. I've been trying every 15 minutes to get into this account and I'm being denied access every single time, no matter which browser I use or which computer I use. I had to reset my password because the password that I was using for this account was not working. I'm currently using a different machine on a completely different connection, which seems to be working fine for me at the moment.

Does 15 minutes really mean something like 60 minutes?
Reply With Quote
  #130  
Old 12 Jun 2013, 19:15
Max Taxable's Avatar
Max Taxable Max Taxable is offline
 
Join Date: Feb 2011
I've never been hit by this here at vB dot org. And I am wondering if it's because I run "invisible." The brute force attacks might or might not be random - they might be getting active accounts to target from the bottom of the main forum page, the aggregate "what's going on" area.

Just a theory.
Reply With Quote
  #131  
Old 12 Jun 2013, 19:26
Kat-2's Avatar
Kat-2 Kat-2 is offline
 
Join Date: Feb 2011
Possible correct theory, but I run visible, and between 5 and 5:30 AM (central time), I received approximately 30 emails saying I was locked out. Umm...I was sound asleep then, so sure was not showing online...
Reply With Quote
  #132  
Old 12 Jun 2013, 19:27
Max Taxable's Avatar
Max Taxable Max Taxable is offline
 
Join Date: Feb 2011
Originally Posted by Kat-2 View Post
Possible correct theory, but I run visible, and between 5 and 5:30 AM, I received approximately 30 emails saying I was locked out. Umm...I was sound asleep then, so sure was not showing online...
We don't know how long they keep us showing online though, and we also don't know when the brute force attackers are gathering their target lists. Could be minutes, hours, days? Between gathering the info and launching the attacks.

I only know I have never been targeted and also have never run visible here.
Reply With Quote
  #133  
Old 12 Jun 2013, 19:30
Kat-2's Avatar
Kat-2 Kat-2 is offline
 
Join Date: Feb 2011
Originally Posted by Max Taxable View Post
We don't know how long they keep us showing online though, and we also don't know when the brute force attackers are gathering their target lists. Could be minutes, hours, days? Between gathering the info and launching the attacks.

I suppose. Would have definitely had to have been keeping me showing online for a good 10/12 hours I'd say...if that were the case.
Reply With Quote
  #134  
Old 12 Jun 2013, 19:31
Max Taxable's Avatar
Max Taxable Max Taxable is offline
 
Join Date: Feb 2011
Originally Posted by Kat-2 View Post
I suppose. Would have definitely had to have been keeping me showing online for a good 10/12 hours I'd say...if that were the case.
Not necessarily. It depends on when the attackers gathered their target data. This, we have no way to know.
Reply With Quote
  #135  
Old 12 Jun 2013, 19:33
Kat-2's Avatar
Kat-2 Kat-2 is offline
 
Join Date: Feb 2011
All is null as far as I am concerned. Was not a successful attack anyhow.
Reply With Quote
Reply



Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


New To Site? Need Help?

All times are GMT. The time now is 22:00.

Layout Options | Width: Wide Color: