Everyone PLEASE READ IMPORTANT-- We are under ATTACK
- BoatlessFisherman
- Fisherman - Owner - Administrator
- Posts: 5691
- Joined: Fri Oct 21, 2005 1:26 pm
- Location: South Florida
- Contact:
Everyone PLEASE READ IMPORTANT-- We are under ATTACK
Need every ones help need some questions answered.
This has to do with the Data base crashes.
1. Have you received at the time of log in a message that said you have exceeded your log in attempts and had to put the captcha code in ? I already know "YES the captcha code is very difficult" has to be and you will learn why soon? If so did it happen on first attempt or did you try a few times previous? If you had tried a few times previous NO need to answer, But those that had only tried once or none I want to hear from you.
2. For those people that it did happen to, What Operating system are you using XP, Vista, 7 and so on.
I will explain after we hear from a few people, I believe I have this in hand but I am verifying a few things across the forum before I say anything.
Explanation
We have been getting hit by Brute Force attacks
EVERYONE the security has been working that is why you are seeing the message, that is another reason for more complicated captcha.
But please tighten up your passwords 8 character passwords are OK but 12 character is better and combination letters and numbers is even better.
DO NOT USE PERSONAL PASSWORDS like ones you use for networks or bank accounts always keep them different.
I am on it, just waiting to see what PHPBB is doing from that side - is there a new script "bot" what ever is out there that losers are using.
This has to do with the Data base crashes.
1. Have you received at the time of log in a message that said you have exceeded your log in attempts and had to put the captcha code in ? I already know "YES the captcha code is very difficult" has to be and you will learn why soon? If so did it happen on first attempt or did you try a few times previous? If you had tried a few times previous NO need to answer, But those that had only tried once or none I want to hear from you.
2. For those people that it did happen to, What Operating system are you using XP, Vista, 7 and so on.
I will explain after we hear from a few people, I believe I have this in hand but I am verifying a few things across the forum before I say anything.
Explanation
We have been getting hit by Brute Force attacks
EVERYONE the security has been working that is why you are seeing the message, that is another reason for more complicated captcha.
But please tighten up your passwords 8 character passwords are OK but 12 character is better and combination letters and numbers is even better.
DO NOT USE PERSONAL PASSWORDS like ones you use for networks or bank accounts always keep them different.
I am on it, just waiting to see what PHPBB is doing from that side - is there a new script "bot" what ever is out there that losers are using.
-Tommy A-
click, click, click, Fish ON - Over, Under, Over, Under Get out of my Way. Sound familiar.
click, click, click, Fish ON - Over, Under, Over, Under Get out of my Way. Sound familiar.
- Miamipescador
- KING MACKEREL
- Posts: 954
- Joined: Mon Jan 31, 2011 11:05 pm
Re: Everyone PLEASE READ Have some questions ???? IMPORTANT
Tommy i received the invalid login at my first attempt and i was putting the right PW, which is why i emailed you about it.
I tried it on my phone and on a different browser and it said the same thing, once you changed the pw it was fine though, maybe it stopped crashing?
I am running Windows 7.
I tried it on my phone and on a different browser and it said the same thing, once you changed the pw it was fine though, maybe it stopped crashing?
I am running Windows 7.
- Miamipescador
- KING MACKEREL
- Posts: 954
- Joined: Mon Jan 31, 2011 11:05 pm
Re: Everyone PLEASE READ Have some questions ???? IMPORTANT
The "View new posts" icon is now flashing for me...
- BoatlessFisherman
- Fisherman - Owner - Administrator
- Posts: 5691
- Joined: Fri Oct 21, 2005 1:26 pm
- Location: South Florida
- Contact:
Re: Everyone PLEASE READ Have some questions ???? IMPORTANT
Good Ron, Thanks
Everyone that is the screen that you should have seen
Everyone that is the screen that you should have seen
-Tommy A-
click, click, click, Fish ON - Over, Under, Over, Under Get out of my Way. Sound familiar.
click, click, click, Fish ON - Over, Under, Over, Under Get out of my Way. Sound familiar.
-
- SHARKER
- Posts: 2224
- Joined: Mon Sep 07, 2009 11:22 am
- Location: wellington, FL
- Contact:
Re: Everyone PLEASE READ Have some questions ???? IMPORTANT
Happ to me on my iPad now I can't get back on with my ipad
Philthy sport fishing
Come get philthy!
561-542-2515
Affordable offshore trips fir the boat less fishermen
Come get philthy!
561-542-2515
Affordable offshore trips fir the boat less fishermen
-
- BLACK FIN TUNA
- Posts: 3491
- Joined: Thu Feb 05, 2009 8:48 am
Re: Everyone PLEASE READ Have some questions ???? IMPORTANT
The wife's puter is still doing it (Windows 7) Mine's still not having problem's. (XP)
Nice Boat! Now get it outa my driveway!
-
- Seasoned Fisher
- Posts: 181
- Joined: Thu Nov 11, 2010 11:21 pm
- Location: plantation, fl
Re: Everyone PLEASE READ Have some questions ???? IMPORTANT
Tommy it has happened to me twice over the last couple months once on 11-27 and again on 2-8 I dont remember what the message was ,,sorry I cant be any more help
-
- Seasoned Fisher
- Posts: 181
- Joined: Thu Nov 11, 2010 11:21 pm
- Location: plantation, fl
Re: Everyone PLEASE READ Have some questions ???? IMPORTANT
sorry Tommy I forgot it happen while I was at work so I was using xp
-
- Seasoned Fisher
- Posts: 145
- Joined: Sat Jul 24, 2010 11:57 pm
Re: Everyone PLEASE READ Have some questions ???? IMPORTANT
Hi,
the only issue i had on xp was i would hit enter after entering password and the page would be blank and I would have to backspace..seems to have gone away
the only issue i had on xp was i would hit enter after entering password and the page would be blank and I would have to backspace..seems to have gone away
-
- BLACK FIN TUNA
- Posts: 3491
- Joined: Thu Feb 05, 2009 8:48 am
Re: Everyone PLEASE READ Have some questions ???? IMPORTANT
I just logged on and all I get is Porn. I don't want you to fix it, I'm just braggin
Nice Boat! Now get it outa my driveway!
-
- Old Salt
- Posts: 403
- Joined: Thu Jul 02, 2009 12:45 pm
Re: Everyone PLEASE READ Have some questions ???? IMPORTANT
Tommy, I got the exact screen that Ron had up one day last week, but I got it on the first attempt. I normally have automatic login, but when I went to login, I got that screen and the CAPTCHA was impossible to read! After several attempts, I finally gave up. Then when I got home and tried from my desk top, I had no issues at all. I use XP on both computers.
- BoatlessFisherman
- Fisherman - Owner - Administrator
- Posts: 5691
- Joined: Fri Oct 21, 2005 1:26 pm
- Location: South Florida
- Contact:
Re: Everyone PLEASE READ Have some questions ???? IMPORTANT
Ok, I know some have figured it out but for those that have not.
Someone, it appears, has been attempting to brute force the user accounts, but I am also suspecting a possible bug, so I am watching.
I have been aware for two weeks that something is off and I have been monitoring IPs and the server.
This is not only here, I have found that different forums ( not only PHPBB3 ) have been seeing this for the same amount of time.
I have connected one ip used in this site as attempting to obtain passwords at another site and I am viewing my server logs and have contacted the ip's server for further investigation because it seems related in the forum also.
This may have relevance or it may not, but it is very coincidental.
They may be aware, also they may not.
But if you are I will give you a hint, for only you, so you realize a HAIL of T REX puckies are coming your way. I will give you that hint in a little while SWEAT and under appreciate my abilities for now.
I have been told I do not play well with others - I guess you may be asking me to come out and play.
EVERYONE the security has been working that is why you are seeing the message, that is another reason for more complicated captcha.
But please tighten up your passwords 8 character passwords are OK but 12 character is better and combination letters and numbers is even better.
DO NOT USE PERSONAL PASSWORDS like ones you use for networks or bank accounts always keep them different.
I am on it, just waiting to see what PHPBB is doing from that side - a bug or is there a new script "bot" what ever is out there that losers are using.
Someone, it appears, has been attempting to brute force the user accounts, but I am also suspecting a possible bug, so I am watching.
I have been aware for two weeks that something is off and I have been monitoring IPs and the server.
This is not only here, I have found that different forums ( not only PHPBB3 ) have been seeing this for the same amount of time.
I have connected one ip used in this site as attempting to obtain passwords at another site and I am viewing my server logs and have contacted the ip's server for further investigation because it seems related in the forum also.
This may have relevance or it may not, but it is very coincidental.
They may be aware, also they may not.
But if you are I will give you a hint, for only you, so you realize a HAIL of T REX puckies are coming your way. I will give you that hint in a little while SWEAT and under appreciate my abilities for now.
I have been told I do not play well with others - I guess you may be asking me to come out and play.
EVERYONE the security has been working that is why you are seeing the message, that is another reason for more complicated captcha.
But please tighten up your passwords 8 character passwords are OK but 12 character is better and combination letters and numbers is even better.
DO NOT USE PERSONAL PASSWORDS like ones you use for networks or bank accounts always keep them different.
I am on it, just waiting to see what PHPBB is doing from that side - a bug or is there a new script "bot" what ever is out there that losers are using.
-Tommy A-
click, click, click, Fish ON - Over, Under, Over, Under Get out of my Way. Sound familiar.
click, click, click, Fish ON - Over, Under, Over, Under Get out of my Way. Sound familiar.
- rshields
- GOLIATH GROUPER
- Posts: 1173
- Joined: Mon Nov 17, 2008 11:20 pm
Re: Everyone PLEASE READ Have some questions ???? IMPORTANT
I use the auto log in feature. I just logged out and back in and had no problems XP is my OS. I never had a problem
- BoatlessFisherman
- Fisherman - Owner - Administrator
- Posts: 5691
- Joined: Fri Oct 21, 2005 1:26 pm
- Location: South Florida
- Contact:
Re: Everyone PLEASE READ IMPORTANT-- We are under ATTACK
This is just one method
Attack anatomy
To perform the attack, the attacker registers an account on the forum and tests that the memberlist is available for them to obtain lists of users. The attacker then uses an automated process to login and download thousands of user names from the memberlist, After collecting this data the attacker attempts to brute-force account credentials by repeatedly sending login requests to the forum. As the attack does not attempt to solve the invalid login attempts CAPTCHA, it is limited to the amount of attempts specified in the "Maximum number of login attempts" configuration option.
Signs
Visible signs of this attack include:
* Users being required to enter a CAPTCHA after an initial login attempt.
* Increased server load.
* Repeated POST requests to ucp.php?mode=login from the same IP address.
Prevention
phpBB provides several tools that enable users to mitigate these efforts.
* To prevent successful brute-forcing, an administrator may ensure that "Maximum number of login attempts" , ensuring that a CAPTCHA will be required if an excessive number of failed login attempts occur.
* Additionally, this attack may be mitigated by proper password selection. Ensure that your password contain letters and numbers and are not common words, phrases, combinations (password, 1234, etc.).
Attack anatomy
To perform the attack, the attacker registers an account on the forum and tests that the memberlist is available for them to obtain lists of users. The attacker then uses an automated process to login and download thousands of user names from the memberlist, After collecting this data the attacker attempts to brute-force account credentials by repeatedly sending login requests to the forum. As the attack does not attempt to solve the invalid login attempts CAPTCHA, it is limited to the amount of attempts specified in the "Maximum number of login attempts" configuration option.
Signs
Visible signs of this attack include:
* Users being required to enter a CAPTCHA after an initial login attempt.
* Increased server load.
* Repeated POST requests to ucp.php?mode=login from the same IP address.
Prevention
phpBB provides several tools that enable users to mitigate these efforts.
* To prevent successful brute-forcing, an administrator may ensure that "Maximum number of login attempts" , ensuring that a CAPTCHA will be required if an excessive number of failed login attempts occur.
* Additionally, this attack may be mitigated by proper password selection. Ensure that your password contain letters and numbers and are not common words, phrases, combinations (password, 1234, etc.).
-Tommy A-
click, click, click, Fish ON - Over, Under, Over, Under Get out of my Way. Sound familiar.
click, click, click, Fish ON - Over, Under, Over, Under Get out of my Way. Sound familiar.
- BoatlessFisherman
- Fisherman - Owner - Administrator
- Posts: 5691
- Joined: Fri Oct 21, 2005 1:26 pm
- Location: South Florida
- Contact:
Re: Everyone PLEASE READ IMPORTANT-- We are under ATTACK
They would have to get real Lucky in 3 shots and if that's the case they should be buying LOTTO tickets, Not trying to breach accounts.
-Tommy A-
click, click, click, Fish ON - Over, Under, Over, Under Get out of my Way. Sound familiar.
click, click, click, Fish ON - Over, Under, Over, Under Get out of my Way. Sound familiar.
- BoatlessFisherman
- Fisherman - Owner - Administrator
- Posts: 5691
- Joined: Fri Oct 21, 2005 1:26 pm
- Location: South Florida
- Contact:
Re: Everyone PLEASE READ IMPORTANT-- We are under ATTACK
I am not convinced that they got our member list, it seems that those effected on here post a lot, I believe the culprit is using member names that they see easy as in posting and I think it may just be one of are users playing around, not realizing the laws they are breaking.
Like I said I have been tracking a user and will post a little something for them later so they know I know, but I want them to wonder and pee pee in there pants especially if this is intentional.
Its all part of the Game.
8-16=
0101100101101111011101010100110001101111011100110110010101110010
Like I said I have been tracking a user and will post a little something for them later so they know I know, but I want them to wonder and pee pee in there pants especially if this is intentional.
Its all part of the Game.
8-16=
0101100101101111011101010100110001101111011100110110010101110010
-Tommy A-
click, click, click, Fish ON - Over, Under, Over, Under Get out of my Way. Sound familiar.
click, click, click, Fish ON - Over, Under, Over, Under Get out of my Way. Sound familiar.
- BoatlessFisherman
- Fisherman - Owner - Administrator
- Posts: 5691
- Joined: Fri Oct 21, 2005 1:26 pm
- Location: South Florida
- Contact:
Re: Everyone PLEASE READ IMPORTANT-- We are under ATTACK
Its Simple oh so simple
-Tommy A-
click, click, click, Fish ON - Over, Under, Over, Under Get out of my Way. Sound familiar.
click, click, click, Fish ON - Over, Under, Over, Under Get out of my Way. Sound familiar.
-
- Seasoned Fisher
- Posts: 181
- Joined: Thu Nov 11, 2010 11:21 pm
- Location: plantation, fl
Re: Everyone PLEASE READ IMPORTANT-- We are under ATTACK
good luck with kicking hacker butt tommy
-
- BLACK FIN TUNA
- Posts: 3341
- Joined: Tue Jan 13, 2009 1:55 am
- Location: herethere
Re: Everyone PLEASE READ IMPORTANT-- We are under ATTACK
for some reason the " View new post" keeps blinking on and off. maybe thats only on my account. dont know if it is ordoes everyone else see that to.
-
- Old Salt
- Posts: 439
- Joined: Sun Apr 16, 2006 1:57 pm
- Location: Hialeah
- Contact:
Re: Everyone PLEASE READ IMPORTANT-- We are under ATTACK
good luck tommy...
i had to sign in today and must say the new captcha had me really working my eye sight lol. but its all for a good cause.
i had to sign in today and must say the new captcha had me really working my eye sight lol. but its all for a good cause.
-
- Old Salt
- Posts: 439
- Joined: Sun Apr 16, 2006 1:57 pm
- Location: Hialeah
- Contact:
Re: Everyone PLEASE READ IMPORTANT-- We are under ATTACK
Seems to be working fine for me...fixed80 wrote:for some reason the " View new post" keeps blinking on and off. maybe thats only on my account. dont know if it is ordoes everyone else see that to.
- Green Tide
- SHARKER
- Posts: 2604
- Joined: Wed Aug 30, 2006 9:52 pm
- Location: Monroe County wannabe
Re: Everyone PLEASE READ IMPORTANT-- We are under ATTACK
thanks for the watchful eye.
i havent been affected using vista or my phone.
but i use auto sign for both and have the 8 character/number type pw
there is also a program that lets you bypass captcha by appscene . i don't know if that applies to this.
if it is my ip it is coincidence and not malicious
i have blinking view new posts also
i havent been affected using vista or my phone.
but i use auto sign for both and have the 8 character/number type pw
there is also a program that lets you bypass captcha by appscene . i don't know if that applies to this.
if it is my ip it is coincidence and not malicious
i have blinking view new posts also
- BoatlessFisherman
- Fisherman - Owner - Administrator
- Posts: 5691
- Joined: Fri Oct 21, 2005 1:26 pm
- Location: South Florida
- Contact:
Re: Everyone PLEASE READ IMPORTANT-- We are under ATTACK
I did that to the new post link so it was more obvious.
-Tommy A-
click, click, click, Fish ON - Over, Under, Over, Under Get out of my Way. Sound familiar.
click, click, click, Fish ON - Over, Under, Over, Under Get out of my Way. Sound familiar.
-
- Weekend Warrior
- Posts: 53
- Joined: Fri Nov 05, 2010 1:58 pm
- Location: Melbourne Beach, FL
Re: Everyone PLEASE READ IMPORTANT-- We are under ATTACK
Its doing the same thing for me.fixed80 wrote:for some reason the " View new post" keeps blinking on and off. maybe thats only on my account. dont know if it is ordoes everyone else see that to.