Register Members List Search Today's Posts Mark Forums Read

Closed Thread
 
Thread Tools
  #76  
Old 04 Feb 2013, 14:29
Antonio Pereira Antonio Pereira is offline
 
Join Date: Sep 2007
Same Problem here:

Your account on vBulletin.org Forum has been locked because someone has tried to log into the account with the wrong password more than 5 times. You will be able to attempt to log in again in another 15 minutes.
134.181.130.86
81.169.135.82
202.228.204.224
207.158.26.16
103.246.145.184
177.70.8.162
195.69.191.204
125.216.144.199

If the people enter here the IPs ,maybe you can ban in the firewall server.
  #77  
Old 04 Feb 2013, 22:10
moreno moreno is offline
 
Join Date: Feb 2007
Same here, brute force from following IPs:
180.244.193.110
218.107.193.59
186.90.153.5
77.37.168.32
109.185.118.156
202.51.226.140
218.28.254.242
141.170.239.132
212.175.88.3
124.240.187.81
202.46.85.107
190.207.185.188
112.133.201.70
203.223.47.206
78.38.30.146
91.232.102.134

Blocking IPs will not help, you should set locking accounts based on username attempts, not IPs.
  #78  
Old 05 Feb 2013, 02:24
Azucar Azucar is offline
 
Join Date: Dec 2008
Originally Posted by BigAl205 View Post
Oh, OK...seems like hiding the member list to the public would be a nice first step.
Ditto.

Got 12 emails myself. These are the IPs:

112.133.201.70
190.207.185.188
182.48.107.219
59.60.7.146
91.98.128.97
180.244.193.110
124.160.104.132
80.250.35.180
124.240.187.81
183.61.244.47
218.107.193.59
124.129.30.74
  #79  
Old 05 Feb 2013, 02:37
b6gm6n's Avatar
b6gm6n b6gm6n is offline
 
Join Date: Aug 2002
Real name: Ant
I got the same, I thought I'd come here to find this thread...

It seems to me that some one/group has been sold a database of 'older' user names & password combinations for various sites/forums etc... most likely gleaned some years ago due to past hacks, key-loggers, infected email accounts and probably a raft of other exploits which all exact the same purpose... to ultimately fund organized crime through spamming which results in revenue generation sadly, they just don't want to sell you sex-aids and cheap trainers and then live a life of access themselves... there's a reason to the madness, it's prevalent and widespread and it's organized, racketeering bodies are sold on databases of such information over and over, year in year out.. the older they get the more useless they become (and cheaper to the gangs) so they take the data and do a sweep to see what falls... any monies made go's back to the source, in years past it was drug trafficking and such & such.. today the internet and such data the public pass through their keyboards is used both commercially by the sites themselves and illegally by criminals if they can get at it... you've all heard of the high-profile attacks on 'steam' accounts for example... well guess what happens to all those accounts? yup that's it... sold on and used not right away but some years later... they'll be due to pop-up soon... i think this round of attacks shows that either the vb.org database was compromised some years back and no-one told you about it... or it's just a collection for username/password combos from an older collection of data... so all of us in this thread is on some kind of older database being sold on to gullible new gangs in the hope of making some illicit funds, i bet it wasn't just vb that was hit recently...

oh and twitter was hacked, apparently... tell you what, that's old data again... old account longs since setup lost to a gang, ripe for spamming and making some money from... all go's back to the same people... Kim Dotcom or whatever he calls himself these days made a million or 20 out of hosting ripped off content... he didn't make that kinda money selling space to students making maps for games or for people to hold their music files online... no, it was rife piracy... he still has lots on the boil... they hack the sites, share the content amount the higher echelons of their content-mules then dish it out multiple times across many forums... all going back to a pay download option...

anyhew if you have an older account... bet you had a little bit-tickle recently... silly sods.
  #80  
Old 05 Feb 2013, 07:19
cellarius's Avatar
cellarius cellarius is offline
 
Join Date: Aug 2005
Real name: Sven
Sorry, that's pretty much nonsense and backed up by nothing, just silly speculation. You don't need a database to do such a brute force attempt, you just harvest usernames either from the userlist or the posts and throw those usernames at the login form.
__________________
Please note that there will be no further updates to my addons, especially they will not be upgraded for vB5. I'm leaving vB, since IB choose to go the banana-way yet again.

http://www.roma-antiqua.de
  #81  
Old 05 Feb 2013, 16:07
b6gm6n's Avatar
b6gm6n b6gm6n is offline
 
Join Date: Aug 2002
Real name: Ant
Originally Posted by cellarius View Post
Sorry, that's pretty much nonsense and backed up by nothing, just silly speculation. You don't need a database to do such a brute force attempt, you just harvest usernames either from the userlist or the posts and throw those usernames at the login form.
"Sorry, that's pretty much nonsense and backed up by nothing"

be well.
  #82  
Old 06 Feb 2013, 07:15
cellarius's Avatar
cellarius cellarius is offline
 
Join Date: Aug 2005
Real name: Sven
You are the one claiming vb.org was hacked at some time in the past and the database stolen. You back that up by nothing, and you can't explain why the much simpler method everyone else in this thread assumes won't work. So...
__________________
Please note that there will be no further updates to my addons, especially they will not be upgraded for vB5. I'm leaving vB, since IB choose to go the banana-way yet again.

http://www.roma-antiqua.de
  #83  
Old 06 Feb 2013, 08:36
Simon Lloyd's Avatar
Simon Lloyd Simon Lloyd is offline
 
Join Date: Aug 2008
Real name: Simon
The fact that they are doing it in alphabetical order proves that they are scanning the members list as the database, if it was stolen, is not automatically in alphabetical order but in order of userid.

It's as simple as that, pretty soon they'll be through the entire list and all this will be forgotten, if you want advice, change your password to something strong and they wont get anywhere with their 5 attempts per ip.
__________________
Kind regards,
Simon Microsoft Office Help
My Mods: Find my modifications here
Please do not pm me for support unless i have invited you to!
  #84  
Old 06 Feb 2013, 14:50
mykkal's Avatar
mykkal mykkal is offline
 
Join Date: May 2007
Real name: Mike McKoy
Originally Posted by Simon Lloyd View Post
The fact that they are doing it in alphabetical order proves that they are scanning the members list as the database, if it was stolen, is not automatically in alphabetical order but in order of userid.

It's as simple as that, pretty soon they'll be through the entire list and all this will be forgotten, if you want advice, change your password to something strong and they wont get anywhere with their 5 attempts per ip.
That actually depends on 'preferences', sort options, and how the data is exported. It could be a custom script. So even if it downloads in alphabetical order by username they could still resort by USERID.

Just my opinion but your accusation could have a lot of simpler truths. I don't think thats evidence of stealing.

Whenever I export data I almost always have to manipulate it. It's never in the form I need it to be at export.
__________________
Casting Calls for Models, Actors, And Other Talent
http://MyModelTalk.com
  #85  
Old 06 Feb 2013, 14:56
kh99 kh99 is offline
 
Join Date: Aug 2009
Real name: Kevin
Well, as cellarius pointed out, if someone had stolen the database the thing to do would be to use the hashed passwords and salt values to try to crack the passwords on a local computer. Using a stolen database just to get the usernames for a brute force attack over the net would be pretty stupid (but, well, I suppose there are people like that around).

Edit: but of course the point is that there's no reason to think they have access to the database, since it can easily be done with the member list.

Last edited by kh99; 06 Feb 2013 at 16:37.
  #86  
Old 06 Feb 2013, 15:01
mykkal's Avatar
mykkal mykkal is offline
 
Join Date: May 2007
Real name: Mike McKoy
Cool

Cosign...

Originally Posted by kh99 View Post
Well, as cellarius pointed out, if someone had stolen the database the thing to do would be to use the hashed passwords and salt values to try to crack the passwords on a local computer. Using a stolen database just to get the usernames for a brute force attack would be pretty stupid (but, well, I suppose there are people like that around).
--------------- Added 06 Feb 2013 at 15:17 ---------------

brute force is an attempt to login...Not the aftermath of data stolen. If someone had the data they could just clone the site, login, and do whatever without fear of being caught.

I don't think brute force should be by username but by IP because the intruder is foreign and blocking by username would lock out the legitimate user. Just create a strong password and that is enough. Mixed with symbols, numbers, and letters a strong password would take until infinity to crack. That's totally safe.
__________________
Casting Calls for Models, Actors, And Other Talent
http://MyModelTalk.com

Last edited by mykkal; 06 Feb 2013 at 15:18.
  #87  
Old 06 Feb 2013, 16:24
Paul M's Avatar
Paul M Paul M is offline
 
Join Date: Sep 2004
Real name: Paul M
No one has stolen any data. Thats enough of such nonsense, any more such ridiculous posts will be removed. Stick to the topic and facts, not wild imagination.
__________________
Former vBulletin.org Staff Member


Cable Forum
Please do not PM me about custom work - I no longer undertake any.
Note: I will not answer support questions via e-mail or PM - please use the relevant thread or forum.
  #88  
Old 06 Feb 2013, 17:07
Simon Lloyd's Avatar
Simon Lloyd Simon Lloyd is offline
 
Join Date: Aug 2008
Real name: Simon
@Paul M, do you not think this thread has run its course now?
__________________
Kind regards,
Simon Microsoft Office Help
My Mods: Find my modifications here
Please do not pm me for support unless i have invited you to!
  #89  
Old 06 Feb 2013, 17:10
mykkal's Avatar
mykkal mykkal is offline
 
Join Date: May 2007
Real name: Mike McKoy
it should be closed.
__________________
Casting Calls for Models, Actors, And Other Talent
http://MyModelTalk.com
  #90  
Old 06 Feb 2013, 17:16
ForceHSS's Avatar
ForceHSS ForceHSS is offline
 
Join Date: Apr 2008
Agree close this, it should of been closed a long time ago
Closed Thread



Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


New To Site? Need Help?

All times are GMT. The time now is 20:35.

Layout Options | Width: Wide Color: