Register Members List Search Today's Posts Mark Forums Read

Closed Thread
 
Thread Tools
  #16  
Old 10 Jun 2013, 00:38
BirdOPrey5's Avatar
BirdOPrey5 BirdOPrey5 is offline
 
Join Date: Jun 2008
Real name: Joe D.
Unfortunately short of disabling board emails there's nothing worthwhile to be done. There are hundreds, maybe thousands of IP addresses involved so banning individual ones is not feasible.

This usually lasts a couple days and then ends- in the mean time the easiest/best course of action is just to delete the emails.
__________________
-Joe
Former vb.org Moderator. Retired.

@BirdOPrey5 | All Things BOP5 | Joe's Ultimate Off Topic
Note - I no longer making new VB mods, sorry.
  #17  
Old 10 Jun 2013, 00:41
Paul M's Avatar
Paul M Paul M is offline
 
Join Date: Sep 2004
Real name: Paul M
Originally Posted by bleros View Post
this is not first time
Nor will it be the last time.

This happens every few months.
The software does what it is designed to do, it blocks them, and informs you.

Change your password if it worries you, otherwise just delete them.
__________________
Former vBulletin.org Staff Member


Cable Forum
Please do not PM me about custom work - I no longer undertake any.
Note: I will not answer support questions via e-mail or PM - please use the relevant thread or forum.
  #18  
Old 10 Jun 2013, 00:50
BfB BfB is offline
 
Join Date: Jul 2002
If they aren't members, how are they getting our usernames?!
  #19  
Old 10 Jun 2013, 00:59
Simon Lloyd's Avatar
Simon Lloyd Simon Lloyd is offline
 
Join Date: Aug 2008
Real name: Simon
Originally Posted by BfB View Post
If they aren't members, how are they getting our usernames?!
Just scraping them off the members list!
__________________
Kind regards,
Simon Microsoft Office Help
My Mods: Find my modifications here
Please do not pm me for support unless i have invited you to!
  #20  
Old 10 Jun 2013, 01:20
Avros's Avatar
Avros Avros is offline
 
Join Date: Jun 2012
Real name: Shane
This sort of thing has been happening all the time on many sites and forum, so it was inevitable that it will happen here eventually. New Bots are being written to seek out lits of embers and then using brute force attacks to find weak passwords. This is why you always need to change your passwords.

I implemented a very simple, yet effective ways to fight these Bots. There are on the other hand a real person attack 'Hacker' which can visit your site. With some ISP providing proxy IPs and redirects, blocking IP number will be a total waste of time.

I can tell you that most of the attacks are coming out of Asia, Poland, Turkey, Federation, Germany, Ukrane, UK and yes USA. So if you block these IPs you also block possible effective members.

I too received the same notifications of attacks to my account, and when I read the IPs I just laughed. You see these all the time on my other sites, and they will tire and soon return as always. Scan you user database for weak passwords, notify the user to regularly change them. Most importantly, implement a simple and effect means to filter those Bots.

Sorry for this lengthy reply, but we do tend to panic over very simple and rectifiable problems.

Proverb: If your house has a door, expect some one to knock on it....
  #21  
Old 10 Jun 2013, 01:34
Bluemax712 Bluemax712 is offline
 
Join Date: Oct 2010
I kind of feel unworthy since they only used 1 IP to try to crack my password
  #22  
Old 10 Jun 2013, 01:41
Biker_GA Biker_GA is offline
 
Join Date: Oct 2004
Nice to see the typical corporate response to something like this. Ignore it and it'll go away.

What would shock me is if someone actually started to get proactive with crap like this. You have server logs. Turn the cretins in.
  #23  
Old 10 Jun 2013, 01:47
Bluemax712 Bluemax712 is offline
 
Join Date: Oct 2010
Originally Posted by Biker_GA View Post
Nice to see the typical corporate response to something like this. Ignore it and it'll go away.

What would shock me is if someone actually started to get proactive with crap like this. You have server logs. Turn the cretins in.
Well since they can get a new ip as quick as anyone can block them
it is pretty much useless to block them by IP

the vB s/w is doing it's job - doesn't seem like anything more need or can be done to be proactive -do you have any ideas?
  #24  
Old 10 Jun 2013, 01:54
Simon Lloyd's Avatar
Simon Lloyd Simon Lloyd is offline
 
Join Date: Aug 2008
Real name: Simon
There are many many ways of limiting their access, here's one if you know their useragent http://www.vbulletin.org/forum/showthread.php?t=264932, but there are simpler thinsg you can do, don't allow guests to view members list, dont allow guests to view who's online, force password changing (vb3.8 onwards) every xx days.......the list goes on
__________________
Kind regards,
Simon Microsoft Office Help
My Mods: Find my modifications here
Please do not pm me for support unless i have invited you to!
  #25  
Old 10 Jun 2013, 02:02
Bluemax712 Bluemax712 is offline
 
Join Date: Oct 2010
Originally Posted by Simon Lloyd View Post
There are many many ways of limiting their access, here's one if you know their useragent http://www.vbulletin.org/forum/showthread.php?t=264932, but there are simpler thinsg you can do, don't allow guests to view members list, dont allow guests to view who's online, force password changing (vb3.8 onwards) every xx days.......the list goes on
Looking at my logs under last attack - noticed they rotated through multiple User Agents all in the same 1 minute span ..that option of defense really seems to be a very minor hindrance to a real attack. Highly Agree about blocking the member list to guests help - vB.org should really consider this - especially the way this last attack occured alphabetically - I don't even see a valid reason to make the list available to registered users . Hate forced password changes myself - seems to encourage users to pin them to their workstation to keep up.

Last edited by Bluemax712; 10 Jun 2013 at 02:20.
  #26  
Old 10 Jun 2013, 02:17
Avros's Avatar
Avros Avros is offline
 
Join Date: Jun 2012
Real name: Shane
Set guest to post limits of five or more before they can view lists. As we all mentioned earlier, it is only when a human spammer directly invades your forum, that you need to worry and report them. Bots just like any other insect, is a pest that can be dealt with in very simple precautionary measures.

As for cataloging these IP, that has already been done at 'stopforumspam.com' they already have a long list of reported IPs you can check against.
  #27  
Old 10 Jun 2013, 02:21
Simon Lloyd's Avatar
Simon Lloyd Simon Lloyd is offline
 
Join Date: Aug 2008
Real name: Simon
Originally Posted by Avros View Post
Set guest to post limits of five or more before they can view lists......
Whaaaaaat!!!! DON'T ALLOW GUESTS TO POST, bad, bad, bad!

--------------- Added 10 Jun 2013 at 02:22 ---------------

Originally Posted by Avros View Post
As for cataloging these IP, that has already been done at 'stopforumspam.com' they already have a long list of reported IPs you can check against.
Unfortunately i stopped using this a long long while ago as it kept catching legitimate users!
__________________
Kind regards,
Simon Microsoft Office Help
My Mods: Find my modifications here
Please do not pm me for support unless i have invited you to!
  #28  
Old 10 Jun 2013, 02:23
Avros's Avatar
Avros Avros is offline
 
Join Date: Jun 2012
Real name: Shane
I meant to say they cannot view members list
  #29  
Old 10 Jun 2013, 02:37
Black Tiger's Avatar
Black Tiger Black Tiger is offline
 
Join Date: Apr 2004
don't allow guests to view members list, dont allow guests to view who's online
I second that. Especially if that's the way they get the names.
At this moment the are busy with BL from the alphabet, because I could dozens of mails since yesterday evening.
__________________
Greetings, Black Tiger
  #30  
Old 10 Jun 2013, 02:51
Black Hole Black Hole is offline
 
Join Date: May 2006
I've received 27 emails, all with different IP's attempting to login to my account.
Closed Thread



Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


New To Site? Need Help?

All times are GMT. The time now is 18:29.

Layout Options | Width: Wide Color: