Everyone PLEASE READ IMPORTANT-- We are under ATTACK

If you experience any problems registering please email info@boatlessfishing.com , I will fix issue ASAP, you should be activated with in 24 hours.
User avatar
BoatlessFisherman
Fisherman - Owner - Administrator
Posts: 5690
Joined: Fri Oct 21, 2005 1:26 pm
Location: South Florida
Contact:

Everyone PLEASE READ IMPORTANT-- We are under ATTACK

Post by BoatlessFisherman »

Need every ones help need some questions answered.

This has to do with the Data base crashes.

1. Have you received at the time of log in a message that said you have exceeded your log in attempts and had to put the captcha code in ? I already know "YES the captcha code is very difficult" has to be and you will learn why soon? If so did it happen on first attempt or did you try a few times previous? If you had tried a few times previous NO need to answer, But those that had only tried once or none I want to hear from you.

2. For those people that it did happen to, What Operating system are you using XP, Vista, 7 and so on.


I will explain after we hear from a few people, I believe I have this in hand but I am verifying a few things across the forum before I say anything.


Explanation

We have been getting hit by Brute Force attacks

EVERYONE the security has been working that is why you are seeing the message, that is another reason for more complicated captcha.

But please tighten up your passwords 8 character passwords are OK but 12 character is better and combination letters and numbers is even better.

DO NOT USE PERSONAL PASSWORDS like ones you use for networks or bank accounts always keep them different.

I am on it, just waiting to see what PHPBB is doing from that side - is there a new script "bot" what ever is out there that losers are using.
-Tommy A-

click, click, click, Fish ON - Over, Under, Over, Under Get out of my Way. Sound familiar.

User avatar
Miamipescador
KING MACKEREL
Posts: 954
Joined: Mon Jan 31, 2011 11:05 pm

Re: Everyone PLEASE READ Have some questions ???? IMPORTANT

Post by Miamipescador »

Tommy i received the invalid login at my first attempt and i was putting the right PW, which is why i emailed you about it.

I tried it on my phone and on a different browser and it said the same thing, once you changed the pw it was fine though, maybe it stopped crashing?

I am running Windows 7.
Image

User avatar
Miamipescador
KING MACKEREL
Posts: 954
Joined: Mon Jan 31, 2011 11:05 pm

Re: Everyone PLEASE READ Have some questions ???? IMPORTANT

Post by Miamipescador »

The "View new posts" icon is now flashing for me...
Image

User avatar
BoatlessFisherman
Fisherman - Owner - Administrator
Posts: 5690
Joined: Fri Oct 21, 2005 1:26 pm
Location: South Florida
Contact:

Re: Everyone PLEASE READ Have some questions ???? IMPORTANT

Post by BoatlessFisherman »

Good Ron, Thanks
Everyone that is the screen that you should have seen
-Tommy A-

click, click, click, Fish ON - Over, Under, Over, Under Get out of my Way. Sound familiar.

gdm phil
SHARKER
Posts: 2223
Joined: Mon Sep 07, 2009 11:22 am
Location: wellington, FL
Contact:

Re: Everyone PLEASE READ Have some questions ???? IMPORTANT

Post by gdm phil »

Happ to me on my iPad now I can't get back on with my ipad
Philthy sport fishing
Come get philthy!
561-542-2515
Affordable offshore trips fir the boat less fishermen

crashmister
BLACK FIN TUNA
Posts: 3490
Joined: Thu Feb 05, 2009 8:48 am

Re: Everyone PLEASE READ Have some questions ???? IMPORTANT

Post by crashmister »

The wife's puter is still doing it (Windows 7) Mine's still not having problem's. (XP)
Nice Boat! Now get it outa my driveway!

goodolmikey
Seasoned Fisher
Posts: 181
Joined: Thu Nov 11, 2010 11:21 pm
Location: plantation, fl

Re: Everyone PLEASE READ Have some questions ???? IMPORTANT

Post by goodolmikey »

Tommy it has happened to me twice over the last couple months once on 11-27 and again on 2-8 I dont remember what the message was ,,sorry I cant be any more help

goodolmikey
Seasoned Fisher
Posts: 181
Joined: Thu Nov 11, 2010 11:21 pm
Location: plantation, fl

Re: Everyone PLEASE READ Have some questions ???? IMPORTANT

Post by goodolmikey »

sorry Tommy I forgot it happen while I was at work so I was using xp

landcaster
Seasoned Fisher
Posts: 145
Joined: Sat Jul 24, 2010 11:57 pm

Re: Everyone PLEASE READ Have some questions ???? IMPORTANT

Post by landcaster »

Hi,

the only issue i had on xp was i would hit enter after entering password and the page would be blank and I would have to backspace..seems to have gone away

crashmister
BLACK FIN TUNA
Posts: 3490
Joined: Thu Feb 05, 2009 8:48 am

Re: Everyone PLEASE READ Have some questions ???? IMPORTANT

Post by crashmister »

I just logged on and all I get is Porn. I don't want you to fix it, I'm just braggin :mrgreen:
Nice Boat! Now get it outa my driveway!

fishaddict0916
Old Salt
Posts: 403
Joined: Thu Jul 02, 2009 12:45 pm

Re: Everyone PLEASE READ Have some questions ???? IMPORTANT

Post by fishaddict0916 »

Tommy, I got the exact screen that Ron had up one day last week, but I got it on the first attempt. I normally have automatic login, but when I went to login, I got that screen and the CAPTCHA was impossible to read! After several attempts, I finally gave up. Then when I got home and tried from my desk top, I had no issues at all. I use XP on both computers.

User avatar
BoatlessFisherman
Fisherman - Owner - Administrator
Posts: 5690
Joined: Fri Oct 21, 2005 1:26 pm
Location: South Florida
Contact:

Re: Everyone PLEASE READ Have some questions ???? IMPORTANT

Post by BoatlessFisherman »

Ok, I know some have figured it out but for those that have not.

Someone, it appears, has been attempting to brute force the user accounts, but I am also suspecting a possible bug, so I am watching.

I have been aware for two weeks that something is off and I have been monitoring IPs and the server.

This is not only here, I have found that different forums ( not only PHPBB3 ) have been seeing this for the same amount of time.

I have connected one ip used in this site as attempting to obtain passwords at another site and I am viewing my server logs and have contacted the ip's server for further investigation because it seems related in the forum also.

This may have relevance or it may not, but it is very coincidental.

They may be aware, also they may not.

But if you are I will give you a hint, for only you, so you realize a HAIL of T REX puckies are coming your way. I will give you that hint in a little while SWEAT and under appreciate my abilities for now.

I have been told I do not play well with others - I guess you may be asking me to come out and play.

EVERYONE the security has been working that is why you are seeing the message, that is another reason for more complicated captcha.

But please tighten up your passwords 8 character passwords are OK but 12 character is better and combination letters and numbers is even better.

DO NOT USE PERSONAL PASSWORDS like ones you use for networks or bank accounts always keep them different.

I am on it, just waiting to see what PHPBB is doing from that side - a bug or is there a new script "bot" what ever is out there that losers are using.
-Tommy A-

click, click, click, Fish ON - Over, Under, Over, Under Get out of my Way. Sound familiar.

User avatar
rshields
GOLIATH GROUPER
Posts: 1173
Joined: Mon Nov 17, 2008 11:20 pm

Re: Everyone PLEASE READ Have some questions ???? IMPORTANT

Post by rshields »

I use the auto log in feature. I just logged out and back in and had no problems XP is my OS. I never had a problem

User avatar
BoatlessFisherman
Fisherman - Owner - Administrator
Posts: 5690
Joined: Fri Oct 21, 2005 1:26 pm
Location: South Florida
Contact:

Re: Everyone PLEASE READ IMPORTANT-- We are under ATTACK

Post by BoatlessFisherman »

This is just one method

Attack anatomy
To perform the attack, the attacker registers an account on the forum and tests that the memberlist is available for them to obtain lists of users. The attacker then uses an automated process to login and download thousands of user names from the memberlist, After collecting this data the attacker attempts to brute-force account credentials by repeatedly sending login requests to the forum. As the attack does not attempt to solve the invalid login attempts CAPTCHA, it is limited to the amount of attempts specified in the "Maximum number of login attempts" configuration option.

Signs
Visible signs of this attack include:

* Users being required to enter a CAPTCHA after an initial login attempt.
* Increased server load.
* Repeated POST requests to ucp.php?mode=login from the same IP address.

Prevention
phpBB provides several tools that enable users to mitigate these efforts.

* To prevent successful brute-forcing, an administrator may ensure that "Maximum number of login attempts" , ensuring that a CAPTCHA will be required if an excessive number of failed login attempts occur.

* Additionally, this attack may be mitigated by proper password selection. Ensure that your password contain letters and numbers and are not common words, phrases, combinations (password, 1234, etc.).
-Tommy A-

click, click, click, Fish ON - Over, Under, Over, Under Get out of my Way. Sound familiar.

User avatar
BoatlessFisherman
Fisherman - Owner - Administrator
Posts: 5690
Joined: Fri Oct 21, 2005 1:26 pm
Location: South Florida
Contact:

Re: Everyone PLEASE READ IMPORTANT-- We are under ATTACK

Post by BoatlessFisherman »

They would have to get real Lucky in 3 shots and if that's the case they should be buying LOTTO tickets, Not trying to breach accounts.
-Tommy A-

click, click, click, Fish ON - Over, Under, Over, Under Get out of my Way. Sound familiar.

User avatar
BoatlessFisherman
Fisherman - Owner - Administrator
Posts: 5690
Joined: Fri Oct 21, 2005 1:26 pm
Location: South Florida
Contact:

Re: Everyone PLEASE READ IMPORTANT-- We are under ATTACK

Post by BoatlessFisherman »

I am not convinced that they got our member list, it seems that those effected on here post a lot, I believe the culprit is using member names that they see easy as in posting and I think it may just be one of are users playing around, not realizing the laws they are breaking.

Like I said I have been tracking a user and will post a little something for them later so they know I know, but I want them to wonder and pee pee in there pants especially if this is intentional.

Its all part of the Game.

8-16=
0101100101101111011101010100110001101111011100110110010101110010
-Tommy A-

click, click, click, Fish ON - Over, Under, Over, Under Get out of my Way. Sound familiar.

User avatar
BoatlessFisherman
Fisherman - Owner - Administrator
Posts: 5690
Joined: Fri Oct 21, 2005 1:26 pm
Location: South Florida
Contact:

Re: Everyone PLEASE READ IMPORTANT-- We are under ATTACK

Post by BoatlessFisherman »

Its Simple oh so simple
-Tommy A-

click, click, click, Fish ON - Over, Under, Over, Under Get out of my Way. Sound familiar.

goodolmikey
Seasoned Fisher
Posts: 181
Joined: Thu Nov 11, 2010 11:21 pm
Location: plantation, fl

Re: Everyone PLEASE READ IMPORTANT-- We are under ATTACK

Post by goodolmikey »

good luck with kicking hacker butt tommy

fixed80
BLACK FIN TUNA
Posts: 3341
Joined: Tue Jan 13, 2009 1:55 am
Location: herethere

Re: Everyone PLEASE READ IMPORTANT-- We are under ATTACK

Post by fixed80 »

for some reason the " View new post" keeps blinking on and off. maybe thats only on my account. dont know if it is ordoes everyone else see that to.

ricky9
Old Salt
Posts: 439
Joined: Sun Apr 16, 2006 1:57 pm
Location: Hialeah
Contact:

Re: Everyone PLEASE READ IMPORTANT-- We are under ATTACK

Post by ricky9 »

good luck tommy...

i had to sign in today and must say the new captcha had me really working my eye sight lol. but its all for a good cause.

ricky9
Old Salt
Posts: 439
Joined: Sun Apr 16, 2006 1:57 pm
Location: Hialeah
Contact:

Re: Everyone PLEASE READ IMPORTANT-- We are under ATTACK

Post by ricky9 »

fixed80 wrote:for some reason the " View new post" keeps blinking on and off. maybe thats only on my account. dont know if it is ordoes everyone else see that to.
Seems to be working fine for me...

User avatar
Green Tide
SHARKER
Posts: 2600
Joined: Wed Aug 30, 2006 9:52 pm
Location: Monroe County wannabe

Re: Everyone PLEASE READ IMPORTANT-- We are under ATTACK

Post by Green Tide »

thanks for the watchful eye.
i havent been affected using vista or my phone.
but i use auto sign for both and have the 8 character/number type pw

there is also a program that lets you bypass captcha by appscene . i don't know if that applies to this.

if it is my ip it is coincidence and not malicious

i have blinking view new posts also
Image

You shoulda been here yesterday!!!

User avatar
BoatlessFisherman
Fisherman - Owner - Administrator
Posts: 5690
Joined: Fri Oct 21, 2005 1:26 pm
Location: South Florida
Contact:

Re: Everyone PLEASE READ IMPORTANT-- We are under ATTACK

Post by BoatlessFisherman »

I did that to the new post link so it was more obvious.
-Tommy A-

click, click, click, Fish ON - Over, Under, Over, Under Get out of my Way. Sound familiar.

tom123
Weekend Warrior
Posts: 53
Joined: Fri Nov 05, 2010 1:58 pm
Location: Melbourne Beach, FL

Re: Everyone PLEASE READ IMPORTANT-- We are under ATTACK

Post by tom123 »

fixed80 wrote:for some reason the " View new post" keeps blinking on and off. maybe thats only on my account. dont know if it is ordoes everyone else see that to.
Its doing the same thing for me.

Post Reply

Return to “User Help for BF Forums and Rule of use”