Announcement

Collapse
No announcement yet.

Attempted hack

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Jan
    replied
    I don't know if it was or not but we've got thousands and thousands of 'people' (probably 'bots) registered who've never had any activity at all. When these periodic attacks would crop up I always wondered how many 'bots' were getting hacked. Since 99.999% of them had never answered the verification email we used to have, that would get them nowhere.

    Jan

    Leave a comment:


  • Babel-17
    replied
    Had it been viewable even if not logged on? I was just at another site looking for an acquaintance's posts and I'm required to log in before viewing the list. So, I guess that's a thing now.

    Leave a comment:


  • Dan Dassow
    replied
    Originally posted by Jan View Post
    DougO has disabled viewing of the Membership List. We'll see if that helps with the attempts. I don't think it can hurt!

    Jan
    Jan, I regret this became necessary.

    Leave a comment:


  • Jan
    replied
    DougO has disabled viewing of the Membership List. We'll see if that helps with the attempts. I don't think it can hurt!

    Jan

    Leave a comment:


  • Jan
    replied
    As I type this, there are 16 'guests' viewing user profiles. I don't know whether they're mining those profiles from the membership lists or from posts but I've emailed a suggestion to DougO to see if possibly making the membership list hidden to any but Admins might help stop some of this.

    Until they figure out something else, of course.

    Jan

    Leave a comment:


  • Babel-17
    replied
    Same here.

    Leave a comment:


  • Ubik
    replied
    Same here, yesterday. Seems to have had little success though.

    Leave a comment:


  • Radhil
    replied
    Just joined the club. Bots are cute like that.

    Leave a comment:


  • ednemo
    replied
    Blacklisting IPs is tricky business and is more of a headache than it is worth. These are just bots grabbing usernames and running a handful of simplistic passwords and then quitting after they fail. So make sure your password isn't Summer15 or something equally ridiculous and you should be fine.

    Leave a comment:


  • ednemo
    replied
    I had an attempted hack as well.

    I looked up the IP and it is on most block lists as of yesterday.

    tor-proxy-readme1.casperlefantom.net [176.31.191.26]

    Leave a comment:


  • nottenst
    replied
    I just got one of those messages:

    Someone has tried to log into your account on JMSNews Forums with an incorrect password at least 5 times. This person has been prevented from attempting to login to your account for the next 15 minutes.

    The person trying to log into your account had the following IP address: 77.109.141.138

    All the best,
    JMSNews Forums
    I was quite surprised, but I see it is not that uncommon.

    Leave a comment:


  • Dan Dassow
    replied
    Originally posted by timk519 View Post
    As a FYI, I just got this attempted login report. The user was coming in via a Tor anonymizer.

    Dear timk519,

    Someone has tried to log into your account on JMSNews Forums with an incorrect password at least 5 times. This person has been prevented from attempting to login to your account for the next 15 minutes.

    The person trying to log into your account had the following IP address: 92.220.210.218

    All the best,
    JMSNews Forums
    What Jan stated is correct. DougO, would have to block a range of IP addresses, since Internet Service Providers dynamically assign IP addresses to their customers.

    http://whois.domaintools.com/92.220.210.218
    IP Location - Norway Norway Stavanger Altibox Residential Customer Linknets
    ASN - Norway AS29695 ALTIBOX_AS Altibox AS (registered Nov 14, 2003)

    Leave a comment:


  • Jan
    replied
    Thanks, Tim. Every once in a while we get a number of these from potential spammers. So far, at least as far as I know, only one has slipped through. Unfortunately, the only way to prevent that would be to block entire segments of IP addresses (if I understand what DougO told me) so the fact that you had a good password was the perfect defense.

    Thanks,
    Jan

    Leave a comment:


  • timk519
    started a topic Attempted hack

    Attempted hack

    As a FYI, I just got this attempted login report. The user was coming in via a Tor anonymizer.

    Dear timk519,

    Someone has tried to log into your account on JMSNews Forums with an incorrect password at least 5 times. This person has been prevented from attempting to login to your account for the next 15 minutes.

    The person trying to log into your account had the following IP address: 92.220.210.218

    All the best,
    JMSNews Forums
Working...
X