Note To All Members: Password Security

Members Only: This forum is restricted to votes and other formal discussions and is intentionally visible to all forum visitors.

Moderators: General Forum Moderators, Global Moderators

Posted: Thu Feb 10, 2011 8:03 pm

Anubis
Site Admin
Posts: 4291
Joined: Thu Sep 02, 2004 10:13 pm
Location: The Unholy Realm
As some of you may have noticed, we appear to have been suffering forum issues throughout today. Many users I have spoken to have been confronted by a "you have exceeded the maximum number of login attempts" message upon trying to log in, despite their not having attempted multiple times.

After investigating, I suspect that what's happened is that we've been the recipient of an attempted brute force attack by a bot - trying to get into those accounts that it can find via whatever means by way of guessing passwords. We currently have the maximum number of login attempts set to 3 for the board before CAPTCHA display is triggered, however CAPTCHA on login was seemingly broken up until a few minutes ago when I fixed it. As a result, some of you may have been unable to log in today - my apologies about that.

As a result of the assumed attack, I've set up the board so that an entry is written into a log when the "you have exceeded the maximum number of login attempts" triggers for users. This will allow me to keep an eye on the IP addresses and accounts triggering the message and hopefully, should another attack occur, allow me to identify and IP ban any bots attempting the same thing in future.

That said though, I urge everyone to ensure that they are using a secure password for their account - something that a brute force attacker will not be able to easily figure out. This is especially true if you're one of the ones affected by this issue today - it would not do to give any attacker an easy ride should they return and try to access the same accounts again!
"Perhaps this is what I have always wished for since that day. The loss and destruction of all. That's right, one must destroy before creating. In that case, if my conscience becomes a hindrance to me, then I will simply erase it. I have no other choice but to move forward....therefore!" - Lelouch vi Britannia/Zero, Code Geass: Hangyaku no Lelouch

Forever an eXile and proud of it!

Re: Note To All Members: Password Security

Posted: Fri Feb 11, 2011 12:54 pm

Inquisitor
Posts: 3411
Joined: Wed Sep 01, 2004 12:46 am
Location: SSX
Tapatalk no longer works with the current config.
No signature

Re: Note To All Members: Password Security

Posted: Fri Feb 11, 2011 1:01 pm

Inquisitor
Posts: 3411
Joined: Wed Sep 01, 2004 12:46 am
Location: SSX
Never mind. Figured it out.

Re: Note To All Members: Password Security

Posted: Fri Feb 11, 2011 2:53 pm

M.Steiner
Posts: 6114
Joined: Wed Sep 01, 2004 5:57 pm
Location: UK
How long should the maximum login attempts message appear btw Anny? What I mean is, if I (and others) received the same message again today after we'd received it yesterday but then logged in okay once the captcha was displaying, does that mean a bot has tried to gain entry again since? Or is it just that the message will stay around a while?
If that makes any sense lol. :)
"My name is Ozymandias, King of Kings:
Look on my works, ye mighty, and despair!"
Nothing beside remains. Round the decay
Of that colossal wreck, boundless and bare,
The lone and level sands stretch far away.

Re: Note To All Members: Password Security

Posted: Fri Feb 11, 2011 6:56 pm

Anubis
Site Admin
Posts: 4291
Joined: Thu Sep 02, 2004 10:13 pm
Location: The Unholy Realm
SSX-MS wrote: if I (and others) received the same message again today after we'd received it yesterday but then logged in okay once the captcha was displaying, does that mean a bot has tried to gain entry again since?
Yes, that's what it means. I tested myself earlier whilst at work too and had the issue again. If you log in, confirming yourself with the CAPTCHA, it should clear any 'rogue' attempts (meaning that if you log back out straight away, and try to log in again, you won't get the CAPTCHA), and did so for me upon testing - so it basically means that the bot has been back since, yes.

I've already identified a couple of IPs I'm keeping an eye on, as they are coming up as receiving the CAPTCHA login for multiple accounts. If the pattern continues over the weekend, I'll probably take action on Monday. Hopefully that will solve it.
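The check described in the post above (source IPs that trip the "maximum number of login attempts" trigger for several different accounts) can be run over the lockout log as follows. This is an added example, not part of the original thread and not the board's own code; the log line format, the `LOGIN_MAX_ATTEMPTS` tag, the sample entries and the thresholds are all assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample entries; the line format is an assumption, not the board's real log.
SAMPLE_LOG = """\
2011-02-11 09:14:02 LOGIN_MAX_ATTEMPTS user=alice ip=198.51.100.23
2011-02-11 09:14:40 LOGIN_MAX_ATTEMPTS user=bob ip=198.51.100.23
2011-02-11 09:15:05 LOGIN_MAX_ATTEMPTS user=carol ip=198.51.100.23
2011-02-11 09:40:11 LOGIN_MAX_ATTEMPTS user=dave ip=203.0.113.7
2011-02-11 09:41:30 LOGIN_MAX_ATTEMPTS user=dave ip=203.0.113.7
2011-02-11 10:02:19 LOGIN_MAX_ATTEMPTS user=erin ip=192.0.2.55
2011-02-11 18:30:00 LOGIN_MAX_ATTEMPTS user=frank ip=192.0.2.55
not a lockout entry, skipped by the parser
"""

LINE_RE = re.compile(
    r"^(\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}) LOGIN_MAX_ATTEMPTS "
    r"user=(\S+) ip=(\S+)$")

def parse(log_text):
    """Yield (timestamp, user, ip) for each well-formed lockout entry."""
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            ts = datetime.strptime(m.group(1), "%Y-%m-%d %H:%M:%S")
            yield ts, m.group(2), m.group(3)

def suspicious_ips(log_text, min_accounts=3, window=timedelta(hours=1)):
    """Return {ip: sorted accounts} for IPs that tripped the lockout on at
    least min_accounts distinct accounts inside one sliding time window."""
    by_ip = defaultdict(list)
    for ts, user, ip in parse(log_text):
        by_ip[ip].append((ts, user))
    flagged = {}
    for ip, events in by_ip.items():
        events.sort()
        start = 0
        for end in range(len(events)):
            while events[end][0] - events[start][0] > window:
                start += 1  # drop events older than the window
            users = {u for _, u in events[start:end + 1]}
            if len(users) >= min_accounts:
                flagged[ip] = sorted(set(flagged.get(ip, [])) | users)
    return flagged

if __name__ == "__main__":
    print(suspicious_ips(SAMPLE_LOG))
```

An address that repeatedly locks out a single account (a member mistyping their own password) or that touches two accounts many hours apart stays below the threshold, which keeps individual IP bans aimed at the bot rather than at members.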

Re: Note To All Members: Password Security

Posted: Fri Feb 11, 2011 7:14 pm

Whizbang
Posts: 721
Joined: Tue Dec 02, 2008 6:16 pm
Do the IPs you're seeing problems from originate from a specific region/country?
Walk on with hope in your heart
And you'll never walk alone

[16:22] <SoulSeeker> i know its not the pc version but i kill kids for fun

<whizbang> Who's the ref?
<Isileth> Some dickhead

Re: Note To All Members: Password Security

Posted: Fri Feb 11, 2011 9:33 pm

Anubis
Site Admin
Posts: 4291
Joined: Thu Sep 02, 2004 10:13 pm
Location: The Unholy Realm
Mechanus wrote: Do the IPs you're seeing problems from originate from a specific region/country?
Germany, somewhat surprisingly.

Re: Note To All Members: Password Security

Posted: Fri Feb 11, 2011 11:38 pm

Whizbang
Posts: 721
Joined: Tue Dec 02, 2008 6:16 pm

Re: Note To All Members: Password Security

Posted: Sat Feb 12, 2011 12:01 am

M.Steiner
Posts: 6114
Joined: Wed Sep 01, 2004 5:57 pm
Location: UK
Anubis wrote: I've already identified a couple of IPs I'm keeping an eye on, as they are coming up as receiving the CAPTCHA login for multiple accounts. If the pattern continues over the weekend, I'll probably take action on Monday. Hopefully that will solve it.
Good good :thumb:
Don't think blocking the whole of Germany is very viable tbh Mech :lol: :)

Re: Note To All Members: Password Security

Posted: Sat Feb 12, 2011 12:02 am

Whizbang
Posts: 721
Joined: Tue Dec 02, 2008 6:16 pm
SSX-MS wrote: Don't think blocking the whole of Germany is very viable tbh Mech :lol: :)
You do have the ability to create exception IPs in the list. :p

Re: Note To All Members: Password Security

Posted: Sat Feb 12, 2011 12:05 am

Anubis
Site Admin
Posts: 4291
Joined: Thu Sep 02, 2004 10:13 pm
Location: The Unholy Realm
Thanks for the link, but we definitely won't be going down that route. We have German members, and I would not want to deny anyone access to the site based solely upon where they live. Even if we made use of the exception list, it would effectively deter any new members we may garner from Germany - since they'd have to give us their IP before they could access the forum.

I'll try and control it through individual IP bans more than likely based upon data I gather in the log. If that does not work and I can't find any other feasible solution, it's simply the case that we'll have to live with the CAPTCHA showing up on login - after all, that's not ideal but it's not an overly huge price to pay!

Re: Note To All Members: Password Security

Posted: Sat Feb 12, 2011 12:19 am

M.Steiner
Posts: 6114
Joined: Wed Sep 01, 2004 5:57 pm
Location: UK
San Francisco too by the looks of it, though mainly Germany.

Re: Note To All Members: Password Security

Posted: Fri Mar 04, 2011 2:22 pm

M.Steiner
Posts: 6114
Joined: Wed Sep 01, 2004 5:57 pm
Location: UK
Just to note that it's happening again.

Re: Note To All Members: Password Security

Posted: Tue Mar 08, 2011 3:09 am

Kon
Posts: 1525
Joined: Thu Sep 02, 2004 8:56 pm
Location: USA
Just happened to me as well, so they're at it again today. Has the script you installed been of any use in confirming the source of these attacks?
"We are the facilitators of our own creative evolution."

Re: Note To All Members: Password Security

Posted: Thu Mar 10, 2011 11:39 pm

Anubis
Site Admin
Posts: 4291
Joined: Thu Sep 02, 2004 10:13 pm
Location: The Unholy Realm
I missed this whilst I was in the process of rebuilding my machine. When I have finished reconstructing it from the software side of things this weekend I will take a look back through the logs and update regarding whether I can identify a pattern and/or have taken action against an IP.

Sorry about the delay.

Re: Note To All Members: Password Security

Posted: Wed Sep 14, 2011 10:58 pm

Fenavian
Posts: 1164
Joined: Wed Sep 01, 2004 9:55 pm
Location: Here.
I just got that 'exceeded login attempts' message just a few minutes ago despite not logging in for like, four months or so. Hope this info helps. End of line.
01000101011100110110001101101000011001010111011100100000011011110110001001
10011001110101011100110110001101100001011101000110100101101111011011100010
1110

Re: Note To All Members: Password Security

Posted: Wed Sep 14, 2011 11:06 pm

Anubis
Site Admin
Posts: 4291
Joined: Thu Sep 02, 2004 10:13 pm
Location: The Unholy Realm
Fenavian wrote: I just got that 'exceeded login attempts' message just a few minutes ago despite not logging in for like, four months or so. Hope this info helps. End of line.
That's more than likely an old trigger, saved up from one of the incidents a few months ago. I'll go through the logs though and take a look just in case, thanks for pointing it out Fen :)

Re: Note To All Members: Password Security

Posted: Thu Sep 15, 2011 11:33 pm

Fenavian
Posts: 1164
Joined: Wed Sep 01, 2004 9:55 pm
Location: Here.
Logged out and in again. No problems this time.
