Likes Likes:  18
Dislikes Dislikes:  0
ELITE ELITE:  4
Page 1 of 2 12 LastLast
Results 1 to 10 of 15

Thread: Quit trying to log into my account! I'm not dead!

  1. #1
    Join Date
    Apr 2011
    Posts
    424
    Post Thanks / Like

    Default Quit trying to log into my account! I'm not dead!

    I don't log in for a couple of months -- I couldn't or wasn't allowed to ride for a while -- and I suddenly get a message:

    Failed Login Notification on Washington Area Bike Forum

    Someone has tried to log into your account on Washington Area Bike Forum with an incorrect password at least 5 times. This person has been prevented from attempting tologin to your account for the next 15 minutes.

    The person trying to log into your account had the followingIP address: 188.143.232.144

    My first thought was who wants to log in as an old, slow, fat guy? (Personally, I blame Certifried, since he probably got caught trying to blame me for something and it was right after I was forced to shave off the beard, so I didn't look like his evil twin.)

    I didn't have a heart attack. I woke up after surgery. I wasn't paralyzed. All that matters is I am back on the bike as if nothing happened.

  2. #2
    Join Date
    Feb 2010
    Location
    Falls Church
    Posts
    4,472
    Post Thanks / Like

    Default

    Welcome back, numeric one.

  3. #3
    rcannon100's Avatar
    rcannon100 is online now Puppies! Puppies! Puppies! Puppies! Puppies!
    Join Date
    Sep 2011
    Location
    "a minefield of dumb games and social cliques badly disguised as a forum for DC bike advocacy."
    Posts
    4,464
    Post Thanks / Like

    Default

    Quote Originally Posted by 5555624 View Post
    The person trying to log into your account had the followingIP address: 188.143.232.144[/INDENT]
    I got bad news for you.... well for Tim. That IP number is from the Russian Federation, Petersburg Internet Network ltd. That was a hack attack on the forum.

    Tim, if you can do it, you might try to turn on IP address filtering - and block IP addresses from... say.... Russia. (not sure if that is a feature in this software).

  4. #4
    Join Date
    Dec 2010
    Location
    Columbia Heights, DC
    Posts
    4,195
    Post Thanks / Like

    Default

    On the other hand, if your hacker isn't smart enough to spoof his IP, he's probably not hacking the forum.

  5. #5
    Join Date
    Jun 2011
    Posts
    4,274
    Post Thanks / Like

    Default

    Quote Originally Posted by jrenaut View Post
    On the other hand, if your hacker isn't smart enough to spoof his IP, he's probably not hacking the forum.
    1) IP spoofing doesn't really work like that
    2) There's no guarantee that IP actually belongs to an attacker
    3) Why would an attacker take additional steps if they aren't necessary for success?

  6. #6
    Join Date
    Dec 2010
    Location
    Columbia Heights, DC
    Posts
    4,195
    Post Thanks / Like

    Default

    My point was that blocking a range of IP addresses isn't likely to stop anyone who was likely to be successful in the first place, and I don't like the idea of blocking large countries or regions from the forum just because some a**hats think it's fun to hack websites.

  7. #7
    Join Date
    Oct 2012
    Location
    Ballston
    Posts
    586
    Post Thanks / Like

    Default

    Maybe Ovechkin was trying to reconnect after heading back to Mother Russia?

  8. #8
    rcannon100's Avatar
    rcannon100 is online now Puppies! Puppies! Puppies! Puppies! Puppies!
    Join Date
    Sep 2011
    Location
    "a minefield of dumb games and social cliques badly disguised as a forum for DC bike advocacy."
    Posts
    4,464
    Post Thanks / Like

    Default

    Dont lock your house; they will just bust down the door.
    Hackers, particularly the Russians, its an industry by now. That have large groups of people who are employed to probe for vulnerabilities. It's piece meal work. This hacker came to this forum, identified accounts that are inactive and therefore would not rise suspicion - and then pounded on the door. Most likely this wasnt the only account that was pounded on (Tim may have logs that can confirm that).

    For the hack to work, the IP address could not be spoofed. The hacker had to receive a return message to know whether the hack worked and the hacker was in. The hacker could have gone through a proxy (or a zombie), but the IP number pretty much had to be real.

    Cybersecurity is much like any form of security. Perfect security is difficult. You are simply making it more expensive to come in your door than the next guys door. When the next guy is an easier target, that's where the dark hat will go.

    As for blocking Russia.... really? This is a local bike forum. What possible difference would it make. We can balance someone in Leningrad know about the Third Thursday Happy Hour against securing the forum from spam. I think the math is simple.
    Last edited by rcannon100; 05-16-2013 at 07:28 AM.

  9. #9
    Join Date
    Feb 2013
    Posts
    407
    Post Thanks / Like

    Default

    FWIW: I got the same email last night.

    "Dear 83(b),

    Someone has tried to log into your account on Washington Area Bike Forum with an incorrect password at least 5 times. This person has been prevented from attempting to login to your account for the next 15 minutes.

    The person trying to log into your account had the following IP address: 188.143.232.144

    All the best,
    Washington Area Bike Forum"

  10. #10
    Join Date
    Dec 2009
    Location
    Baltimore
    Posts
    304
    Post Thanks / Like

    Default

    This is the third unsuccessful attempt, that we know of, to log into a forum member's account. As far as we know, there have been no successful attempts, and no damage done. If anyone receives a message like the one 5555624 quoted to start this thread, please forward to info@bikearlington.com. We will block the specific IP that was used in the attempt. I don't know if it will help -- many of the hackers we deal with apparently have access to all the IP addresses they need. I'll block this one now, and do some research today into why this might be happening.

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •