Announcement

Collapse
No announcement yet.

Attempted hack

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Attempted hack

    As a FYI, I just got this attempted login report. The user was coming in via a Tor anonymizer.

    Dear timk519,

    Someone has tried to log into your account on JMSNews Forums with an incorrect password at least 5 times. This person has been prevented from attempting to login to your account for the next 15 minutes.

    The person trying to log into your account had the following IP address: 92.220.210.218

    All the best,
    JMSNews Forums

  • #2
    Thanks, Tim. Every once in a while we get a number of these from potential spammers. So far, at least as far as I know, only one has slipped through. Unfortunately, the only way to prevent that would be to block entire segments of IP addresses (if I understand what DougO told me) so the fact that you had a good password was the perfect defense.

    Thanks,
    Jan
    "Fascism always comes in quietly, holding a flag in one hand and a holy book in the other, inching its way in. The bugles and drums only sound after they've already taken over and believe it's too late to do anything about it." JMS Twitter Dec. 24, 2017

    Comment


    • #3
      Originally posted by timk519 View Post
      As a FYI, I just got this attempted login report. The user was coming in via a Tor anonymizer.

      Dear timk519,

      Someone has tried to log into your account on JMSNews Forums with an incorrect password at least 5 times. This person has been prevented from attempting to login to your account for the next 15 minutes.

      The person trying to log into your account had the following IP address: 92.220.210.218

      All the best,
      JMSNews Forums
      What Jan stated is correct. DougO, would have to block a range of IP addresses, since Internet Service Providers dynamically assign IP addresses to their customers.

      http://whois.domaintools.com/92.220.210.218
      IP Location - Norway Norway Stavanger Altibox Residential Customer Linknets
      ASN - Norway AS29695 ALTIBOX_AS Altibox AS (registered Nov 14, 2003)

      Comment


      • #4
        I just got one of those messages:

        Someone has tried to log into your account on JMSNews Forums with an incorrect password at least 5 times. This person has been prevented from attempting to login to your account for the next 15 minutes.

        The person trying to log into your account had the following IP address: 77.109.141.138

        All the best,
        JMSNews Forums
        I was quite surprised, but I see it is not that uncommon.

        Comment


        • #5
          I had an attempted hack as well.

          I looked up the IP and it is on most block lists as of yesterday.

          tor-proxy-readme1.casperlefantom.net [176.31.191.26]

          Comment


          • #6
            Blacklisting IPs is tricky business and is more of a headache than it is worth. These are just bots grabbing usernames and running a handful of simplistic passwords and then quitting after they fail. So make sure your password isn't Summer15 or something equally ridiculous and you should be fine.

            Comment


            • #7
              Just joined the club. Bots are cute like that.
              Radhil Trebors
              Persona Under Construction

              Comment


              • #8
                Same here, yesterday. Seems to have had little success though.
                Captain John Sheridan: I really *hate* it when you do that.

                Kosh: Good!

                Comment


                • #9
                  Same here.

                  Comment


                  • #10
                    As I type this, there are 16 'guests' viewing user profiles. I don't know whether they're mining those profiles from the membership lists or from posts but I've emailed a suggestion to DougO to see if possibly making the membership list hidden to any but Admins might help stop some of this.

                    Until they figure out something else, of course.

                    Jan
                    "Fascism always comes in quietly, holding a flag in one hand and a holy book in the other, inching its way in. The bugles and drums only sound after they've already taken over and believe it's too late to do anything about it." JMS Twitter Dec. 24, 2017

                    Comment


                    • #11
                      DougO has disabled viewing of the Membership List. We'll see if that helps with the attempts. I don't think it can hurt!

                      Jan
                      "Fascism always comes in quietly, holding a flag in one hand and a holy book in the other, inching its way in. The bugles and drums only sound after they've already taken over and believe it's too late to do anything about it." JMS Twitter Dec. 24, 2017

                      Comment


                      • #12
                        Originally posted by Jan View Post
                        DougO has disabled viewing of the Membership List. We'll see if that helps with the attempts. I don't think it can hurt!

                        Jan
                        Jan, I regret this became necessary.

                        Comment


                        • #13
                          Had it been viewable even if not logged on? I was just at another site looking for an acquaintance's posts and I'm required to log in before viewing the list. So, I guess that's a thing now.

                          Comment


                          • #14
                            I don't know if it was or not but we've got thousands and thousands of 'people' (probably 'bots) registered who've never had any activity at all. When these periodic attacks would crop up I always wondered how many 'bots' were getting hacked. Since 99.999% of them had never answered the verification email we used to have, that would get them nowhere.

                            Jan
                            "Fascism always comes in quietly, holding a flag in one hand and a holy book in the other, inching its way in. The bugles and drums only sound after they've already taken over and believe it's too late to do anything about it." JMS Twitter Dec. 24, 2017

                            Comment

                            Working...
                            X