The Arcive of Official vBulletin Modifications Site.It is not a VB3 engine, just a parsed copy! |
|
#1
|
|||
|
|||
Tor project enables anonymous hack attempts - how to combat it?
In the past 5 days, I've been getting swamped with email from registered forum users who are responding to the vB note that gets sent out when someone fails after 5 login attempts. Every one of them was telling me "it wasn't me".
Investigation of the IP addresses they're coming from reveals that they're bouncing off exit nodes from the Tor network. The Tor network is a distributed cryptographic anonymizing proxy service. It is not possible at this time to identify the actual source. So in layman's terms - the hack attempts are coming from someone who is abusing the Tor network in order to anonymously attempt to log in to this forum as a legitimate user. If they succeed, they're most likely going to use it to spam the forum with ads. I've been firewalling out IP addresses right and left, but this is proving to be useless since there are hundreds, or maybe thousands of Tor servers out there, and the hackers simply find another one to continue their barrage. And since Tor is totally anonymous, there's no way to identify the originator, and therefore no way to halt the break in attempts. I found an abuse FAQ, and it has some hints on how to determine whether an IP is a Tor exit server. What I'd like to do is have a hack that can identify a server as a Tor server, and simply block all registration and login attempts from those servers. Has anyone does this? Any different suggestions? |
Thread Tools | |
Display Modes | |
|
|
X vBulletin 3.8.12 by vBS Debug Information | |
---|---|
|
|
More Information | |
Template Usage:
Phrase Groups Available:
|
Included Files:
Hooks Called:
|