18 September 2013, 15:08 | #1 | |
Registered User
Join Date: Feb 2013
Location: Madrid, Spain
Posts: 16
|
Password attack on the board
I don't know if it's the right place to write this. I searched in the FAQs and the board and there is no specific place where we can report problems with the site.
Anyway I want to report that I received the following notification e-mail: Quote:
If the administrators need the IP I will give it to them |
|
18 September 2013, 18:02 | #2 |
Registered User
Join Date: Apr 2012
Location: Canada
Age: 44
Posts: 910
|
I had the same, it was a Russian IP.
|
18 September 2013, 20:10 | #3 |
Global Moderator
Join Date: Sep 2008
Location: Might as well be WORK :(
Age: 56
Posts: 4,110
|
Yes, we are aware of the problem of these attacks, however, once they have tried 5 failed times to access your account the IP is automatically blocked from logging in again.
RCK is in process of changing some board options to hopefully prevent this from happening We are working to prevent this, but if anyone else has had the same issue, please post here Oh, also giving the IP address of the attacker can also be helpful too, if you prefer to to keep private then PM one of the GM's instead EDIT: Also moved to the appropriate forum Also, my advice to anyone who is unsure of how secure their password is, should change it immediately making it a minimum of 8 characters containing a mixture of usable characters, some capitalised, and at least 1 number. Last edited by DH; 18 September 2013 at 20:53. |
18 September 2013, 23:35 | #4 |
Registered User
Join Date: May 2001
Location: ?
Posts: 19,645
|
Me too, russian IP.
|
19 September 2013, 00:28 | #5 |
Global Moderator
Join Date: Sep 2008
Location: Might as well be WORK :(
Age: 56
Posts: 4,110
|
So, it appears they are attempting to Hack in alphabetical order of sorts, as your usernames all start with the letter 'A'
Oh! And thanks Akira, it was your contact that made us aware of what was going on |
19 September 2013, 02:11 | #6 |
Jackie Chan
Join Date: Mar 2012
Location: Ireland
Age: 46
Posts: 985
|
yup russian ip, st petersburg. I changed my password.
|
19 September 2013, 03:08 | #7 |
Posts: n/a
|
Failed Login Notification on English Amiga Board
I have got this email 2 times in the last 2 days.
Do I need to be nervous The person is trying to login from the same IP address. /8bit ----------------START--------------- 19 September 2013 05:10 Dear 8bit, Someone has tried to log into your account on English Amiga Board with an incorrect password at least 5 times. This person has been prevented from attempting to login to your account for the next 15 minutes. The person trying to log into your account had the following IP address: 188.143.234.6 -----------------END---------------- |
19 September 2013, 04:39 | #8 | |
Junior Member
Join Date: Jan 2002
Location: PDX
Age: 62
Posts: 2,395
|
Quote:
Apparently there has been some attempts from a Russian IP block that has been causing this to occur, I read this in another thread somebody posted. |
|
19 September 2013, 08:06 | #9 |
Global Moderator
|
|
19 September 2013, 09:37 | #10 |
Registered User
Join Date: Nov 2009
Location: Blyth England
Age: 68
Posts: 786
|
Same here, here is the address that my attacker used. If this is not within the site rules please delete the link and good luck with keeping individuals like this one who is playing games away
|
19 September 2013, 11:22 | #11 |
Registered User
Join Date: Mar 2004
Location: finland
Posts: 1,837
|
% Abuse contact for '188.143.232.0 - 188.143.232.255' is 'abuse@pinspb.ru'
|
19 September 2013, 12:58 | #12 | |
PSPUAE DEV
|
Quote:
I get people from all over the world trying to hack my home server. Used abuse emails, but they do nothing. Thankfully, I haven't been hacked once in 5 years. I do get regular emails from apple, saying I have requested a new password. Apple didn't care, I was told to stop requesting new passwords. They seemed quite stupid. |
|
19 September 2013, 14:03 | #13 |
Global Moderator
Join Date: Sep 2008
Location: Might as well be WORK :(
Age: 56
Posts: 4,110
|
Threads have been merged from OT-General and have been placed above newer posts.
Post additions in the thread are from 8bit post #7, jmmijo post #8 & lilalurl post #9, if you would like to view them. |
19 September 2013, 18:46 | #14 |
Registered User
Join Date: Nov 2012
Location: Northampton
Posts: 25
|
I am getting the same
Same IP address on both the attacks my account has received:- 188.143.234.14 Last edited by adrianh78; 19 September 2013 at 18:53. |
19 September 2013, 18:53 | #15 |
Registered User
Join Date: Nov 2012
Location: Northampton
Posts: 25
|
Not to worry - sorted my password now
|
19 September 2013, 19:38 | #16 |
Global Moderator
Join Date: Sep 2008
Location: Might as well be WORK :(
Age: 56
Posts: 4,110
|
RCK has blacklisted some of the IP ranges, so hopefully now, we won't be getting this insane password hacking attempts from .ru
But please, if you are still being bothered by any new attempts/attacks, with different IP's from .ru, please post them here. EDIT: Although we can't blacklist every single range, it's really impossible, I have double checked for IP's covering the ranges that have been or will be blacklisted, and they don't effect anybody within EAB. Also, these IP's are reported as having no host, which in all honesty, I doubt any regular users from St. Petersburg will be effected. Last edited by DH; 19 September 2013 at 21:18. |
19 September 2013, 22:00 | #17 | |
PSPUAE DEV
|
Quote:
The only problem with black listing, is if there is a proper user on a ip sharing isp. Then they get blocked too, . |
|
19 September 2013, 22:14 | #18 |
Registered User
Join Date: Jun 2002
Location: .
Age: 48
Posts: 5,562
|
As a curiosity, what's the purpose of such attacks? I mean, if after 5 attempts the user is notified and the IP blocked to further retry for an amount of time, the method seems unpractical.
So what happens? The hacker pass to the next name on the list using a list of passwords o the same five password ever and ever until one fits? The probabilities look very few that he would ever get a positive... And if he does, what, he has simply access to the EAB account of a member? |
19 September 2013, 22:24 | #19 | |
Global Moderator
Join Date: Aug 2008
Location: Sidcup, England
Posts: 10,300
|
Quote:
Emails can give clues about name and address, bank and credit card account details, other passwords, etc... |
|
19 September 2013, 23:01 | #20 |
PSPUAE DEV
|
Its also very hard to stop it, as they could use proxy's.
Had this happen a few times on my site after blocking their ip's. |
Currently Active Users Viewing This Thread: 1 (0 members and 1 guests) | |
Thread Tools | |
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
seed of darkness password | mike4466 | support.Games | 2 | 30 June 2011 12:29 |
Boing Bag 2 password? | GreenMeanie | support.Apps | 37 | 02 April 2008 04:10 |
Money Matters 4 Password? | Mag1c1an | support.Apps | 0 | 29 June 2006 18:54 |
Forgot password :o( | Pete | support.Apps | 3 | 30 December 2004 21:20 |
Password protection in Breathless? | Tim Janssen | support.Games | 3 | 31 May 2002 09:30 |
|
|