The Arcive of Official vBulletin Modifications Site.

Bluemax712 · #11 06-09-2013, 07:23 PM

Here's another IP to toss on the barbie - 85.234.22.126

BirdOPrey5 · #12 06-09-2013, 07:57 PM

I got it too... Note the usernames... All A's and B's... they go in alphabetical order.

Simon Lloyd · #13 06-09-2013, 08:18 PM

They've done this before and given up!

bada_bing · #14 06-09-2013, 09:22 PM

Is someone from vb.org going to control these attacks
To break into people's accounts ? Please add a block
Based on the IP addressed reported by members or invest into WAF to prevent this in
The future.

bleros · #15 06-09-2013, 09:59 PM

WTF ? this is not first time

BirdOPrey5 · #16 06-09-2013, 10:38 PM

Unfortunately short of disabling board emails there's nothing worthwhile to be done. There are hundreds, maybe thousands of IP addresses involved so banning individual ones is not feasible.

This usually lasts a couple days and then ends- in the mean time the easiest/best course of action is just to delete the emails.

Paul M · #17 06-09-2013, 10:41 PM

Quote:

Originally Posted by bleros

this is not first time

Nor will it be the last time.

This happens every few months.
The software does what it is designed to do, it blocks them, and informs you.

Change your password if it worries you, otherwise just delete them.

BfB · #18 06-09-2013, 10:50 PM

If they aren't members, how are they getting our usernames?!

Simon Lloyd · #19 06-09-2013, 10:59 PM

Quote:

Originally Posted by BfB

If they aren't members, how are they getting our usernames?!

Just scraping them off the members list!

Avros · #20 06-09-2013, 11:20 PM

This sort of thing has been happening all the time on many sites and forum, so it was inevitable that it will happen here eventually. New Bots are being written to seek out lits of embers and then using brute force attacks to find weak passwords. This is why you always need to change your passwords.

I implemented a very simple, yet effective ways to fight these Bots. There are on the other hand a real person attack 'Hacker' which can visit your site. With some ISP providing proxy IPs and redirects, blocking IP number will be a total waste of time.

I can tell you that most of the attacks are coming out of Asia, Poland, Turkey, Federation, Germany, Ukrane, UK and yes USA. So if you block these IPs you also block possible effective members.

I too received the same notifications of attacks to my account, and when I read the IPs I just laughed. You see these all the time on my other sites, and they will tire and soon return as always. Scan you user database for weak passwords, notify the user to regularly change them. Most importantly, implement a simple and effect means to filter those Bots.

Sorry for this lengthy reply, but we do tend to panic over very simple and rectifiable problems.

Proverb: If your house has a door, expect some one to knock on it....

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

X vBulletin 3.8.12 by vBS Debug Information
Page Generation 0.06070 seconds Memory Usage 2,272KB Queries Executed 14 (?)
More Information
Template Usage: (1)SHOWTHREAD (1)ad_footer_end (1)ad_footer_start (1)ad_header_end (1)ad_header_logo (1)ad_navbar_below (1)ad_showthread_beforeqr (1)ad_showthread_firstpost (1)ad_showthread_firstpost_sig (1)ad_showthread_firstpost_start (2)bbcode_quote (1)footer (1)forumjump (1)forumrules (1)gobutton (1)header (1)headinclude (1)navbar (3)navbar_link (120)option (1)pagenav (1)pagenav_curpage (3)pagenav_pagelink (10)post_thanks_box (3)post_thanks_box_bit (10)post_thanks_button (1)post_thanks_javascript (1)post_thanks_navbar_search (2)post_thanks_postbit (10)post_thanks_postbit_info (10)postbit (1)postbit_attachment (10)postbit_onlinestatus (10)postbit_wrapper (1)spacer_close (1)spacer_open (1)tagbit_wrapper Phrase Groups Available: global inlinemod postbit posting reputationlevel showthread	Included Files: ./showthread.php ./global.php ./includes/init.php ./includes/class_core.php ./includes/config.php ./includes/functions.php ./includes/class_hook.php ./includes/modsystem_functions.php ./includes/functions_bigthree.php ./includes/class_postbit.php ./includes/class_bbcode.php ./includes/functions_reputation.php ./includes/functions_post_thanks.php Hooks Called: init_startup init_startup_session_setup_start init_startup_session_setup_complete cache_permissions fetch_postinfo_query fetch_postinfo fetch_threadinfo_query fetch_threadinfo fetch_foruminfo style_fetch cache_templates global_start parse_templates global_setup_complete showthread_start showthread_getinfo forumjump showthread_post_start showthread_query_postids showthread_query bbcode_fetch_tags bbcode_create showthread_postbit_create postbit_factory postbit_display_start post_thanks_function_post_thanks_off_start post_thanks_function_post_thanks_off_end post_thanks_function_fetch_thanks_start fetch_musername post_thanks_function_fetch_thanks_end post_thanks_function_thanked_already_start post_thanks_function_thanked_already_end postbit_imicons bbcode_parse_start bbcode_parse_complete_precache bbcode_parse_complete postbit_display_complete post_thanks_function_can_thank_this_post_start postbit_attachment post_thanks_function_fetch_thanks_bit_start post_thanks_function_show_thanks_date_start post_thanks_function_show_thanks_date_end post_thanks_function_fetch_thanks_bit_end post_thanks_function_fetch_post_thanks_template_start post_thanks_function_fetch_post_thanks_template_end pagenav_page pagenav_complete tag_fetchbit_complete forumrules navbits navbits_complete showthread_complete
Messages:

2 благодарности(ей) от:
Amaury, CableSux

The Arcive of Official vBulletin Modifications Site.

It is not a VB3 engine, just a parsed copy!