BlahBlahCafe Forum Index  
  •  FAQ  •   Search  •   Memberlist  •   Usergroups  •  Register  •   Log in  •   Album  •   Chat  • 

Previous topic :: Next topic
Blocked accounts issue
Author Message
littlesister 


Age: 47
Joined: 29 Mar 2006
Posts: 1353
Location: a planet all of my own ....
Posted: Sat Jan 29, 2011 8:52 pm   

I recieved a blocked account e-mail too yesterday .... :( (timed 9.10am)

There is definately something strange going on, as although I visit the cafe almost daily, I hardly ever sign in ..... :?
_________________
"I may not be better than other people, but at least I am different.. "
Jean-Jacques ROUSSEAU
Help fight against Human Rights abuses - support Amnesty International
http://www.amnesty.org.uk
 
Adam 


Age: 46
Joined: 30 Mar 2006
Posts: 459
Location: Cornwall,U.K.
Posted: Sun Jan 30, 2011 1:26 am   

It does seem like some sort of bot attack.
But for the moment it looks like the spammers haven't succeeded in guessing anyone's password,but as a forum admin myself I said to our members just to click on view my posts each time they log in just to be sure,9 times out of 10 these spammers will be posting links to porn.
These spammers are everywhere at the moment,I've had my forum attacked & you might have seen my post on Facebook about spammers posting rogue apps which are getting out of hand,plus another couple of forums I frequent have been attacked.
Hopefully they'll get bored with not being able to get into anyone's account & give up.
 
Master10 

Joined: 18 Aug 2010
Posts: 30
Posted: Sun Jan 30, 2011 9:21 am   

And again, mail number 5: at Sun, Jan 30 2011, 05:22AM.
_________________
25-03-08: Amsterdam
26-05-09: Amsterdam
28-03-10: Liège
27-11-10: Rotterdam
03-12-10: Antwerpen
 
Kanta 
English Moderator & Miss News


Age: 48
Joined: 04 May 2006
Posts: 25437
Location: United Kingdom
Posted: Sun Jan 30, 2011 1:34 pm   

The spammer/s are persisted. :P
_________________
Jarregirl YouTube
Concerts attended:
Théâtre Marigny, Paris - 2007
Symphony Hall, Birmingham - 2008
RAH, London - 2008
Wembley Arena, London - 2009
NIA, Birmingham - 2009
POP Bercy, Paris - 2010
NIA, Birmingham - 2010
O2 Arena, London - 2010
Zénith Aréna, Lille - 2010
Port Hercule, Monaco - 2011
TUI Arena, Hannover - 2011
Festival International de Carthage - 2013
Barclaycard Arena, Birmingham - 2016
 
littlesister 


Age: 47
Joined: 29 Mar 2006
Posts: 1353
Location: a planet all of my own ....
Posted: Sun Jan 30, 2011 8:39 pm   

:( ... another blocked account e-mail today (4.17 am) .... important details changed again too
_________________
"I may not be better than other people, but at least I am different.. "
Jean-Jacques ROUSSEAU
Help fight against Human Rights abuses - support Amnesty International
http://www.amnesty.org.uk
 
Kanta 
English Moderator & Miss News


Age: 48
Joined: 04 May 2006
Posts: 25437
Location: United Kingdom
Posted: Sun Jan 30, 2011 9:09 pm   

I am not worried. Hopefully, they/he/she will go away soon.
_________________
Jarregirl YouTube
Concerts attended:
Théâtre Marigny, Paris - 2007
Symphony Hall, Birmingham - 2008
RAH, London - 2008
Wembley Arena, London - 2009
NIA, Birmingham - 2009
POP Bercy, Paris - 2010
NIA, Birmingham - 2010
O2 Arena, London - 2010
Zénith Aréna, Lille - 2010
Port Hercule, Monaco - 2011
TUI Arena, Hannover - 2011
Festival International de Carthage - 2013
Barclaycard Arena, Birmingham - 2016
 
Dr_Jones 


Joined: 30 Mar 2006
Posts: 3713
Posted: Mon Jan 31, 2011 2:56 am   

Kanta wrote:
I am not worried. Hopefully, they/he/she will go away soon.


Most probably it's a bot, so I doubt it will go away, unless the IP is blocked or something.
_________________
KHDownloads
 
GeeJee 
The GUV'NOR


Age: 32
Joined: 28 Mar 2006
Posts: 18852
Location: Zwolle, The Netherlands
Posted: Mon Jan 31, 2011 3:01 am   

...no update so far...
_________________
Me, I'm the Guv'nor, not yer regular cheese grater! SO DON'T GIVE ME NO BACK TALK! :mrgreen:
 
Andy 


Age: 41
Joined: 01 Apr 2006
Posts: 278
Location: Wiesbaden, Germany
Posted: Mon Jan 31, 2011 7:41 am   

Hi there!

At the moment there are lots of so-called "brute force attacks" on phpBB-based forums worldwide! This is not the only forum... :evil:

One possible protection is the implementation of a captcha-code for the login process.

Maybe you could implement such a safety function?

Thanks!

Regards, Andy
_________________
StarinkWorld - The official Ed Starink website
 
shadow 


Age: 28
Joined: 11 Nov 2010
Posts: 1629
Posted: Mon Jan 31, 2011 7:23 pm   

I don't think a captha-code would be needed untill the first actual hack, I guess were safe atm :)

But then again, that's just my POV :mrgreen:
_________________
27-11-10: Ahoy Rotterdam
22-11-16: Heineken Music Hall Amsterdam
 
Nico_Noyau 
Assistant Admin & Bootleg Expert


Age: 29
Joined: 29 Mar 2006
Posts: 13342
Location: Aix en Provence, France
Posted: Thu Feb 03, 2011 11:54 am   

The only way to get it stopped is to get the bot's IP address.

This attack is made by a bot, scanning some forums randomly by following links found in signatures for example.
A captcha would be a pain in the ass to the users as they would have to fill it each time they connect.

Otherwise, we could add a code checking the navigator's headers (IE, Firefox, Chrome, Opera...), but then again, the bots might send false headers as well...

So, first, I need to find the guy's IP in the server's log ;)
_________________

My music, webdev, photos, videos : www.nicolaskern.fr
Robert Dugenou

Attended :
Teo&Tea showcase in Cannes [France] - 20/05/2007
Théâtre Marigny, Paris [France] - 15/12/2007
<2010> Marseille [France] - 20/03/2010
Monaco - 01/07/2011
Arènes de Nîmes – 14/07/2016
 
Dr_Jones 


Joined: 30 Mar 2006
Posts: 3713
Posted: Thu Feb 03, 2011 1:38 pm   

Nico_Noyau wrote:
The only way to get it stopped is to get the bot's IP address.

This attack is made by a bot, scanning some forums randomly by following links found in signatures for example.
A captcha would be a pain in the ass to the users as they would have to fill it each time they connect.

Otherwise, we could add a code checking the navigator's headers (IE, Firefox, Chrome, Opera...), but then again, the bots might send false headers as well...

So, first, I need to find the guy's IP in the server's log ;)


We could set up some bait... make a false user with a common password and see if the bot logs on.
_________________
KHDownloads
 
GeeJee 
The GUV'NOR


Age: 32
Joined: 28 Mar 2006
Posts: 18852
Location: Zwolle, The Netherlands
Posted: Thu Feb 03, 2011 2:02 pm   

That doesn't seem like a good idea to me :P

Nico will be working on the problem soon.
_________________
Me, I'm the Guv'nor, not yer regular cheese grater! SO DON'T GIVE ME NO BACK TALK! :mrgreen:
 
jp8000 


Age: 38
Joined: 30 Mar 2006
Posts: 4951
Location: Finland, Itä-Suomen lääni
Posted: Thu Feb 03, 2011 5:25 pm   

Just got an email telling that my acct. is blocked, but like you can see, I'm still logged in
_________________
Master of copying other composers work.. subconsciously

My soundclick

Facebook

My youtube channel
 
mathetes1963 


Age: 55
Joined: 28 Sep 2007
Posts: 1882
Location: North Carolina, USA
Posted: Fri Feb 04, 2011 12:05 am   

jp8000 wrote:
Just got an email telling that my acct. is blocked, but like you can see, I'm still logged in


And just how do we know it's really YOU?
For that matter...
How do I know that I am ME and not somebody else? :game:
_________________
"The aim and final end of all music should be none other than the glory of God and the refreshment of the soul."
-Johann Sebastian Bach, 1685-1750

"It Don't Mean A Thing If It Ain't Got That Swing."
-Duke Ellington, 1899-1974
 
Display posts from previous:   
Reply to topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
Add this topic to your bookmarks
Printable version

Jump to:  

Powered by phpBB modified by Przemo © 2003 phpBB Group
Template FIBlack modified by Falcone
Page generated in 0.13 second. SQL queries: 11