Quote:
Originally Posted by Qomomoko
on another forum i am in .. a new user ( with one post) wrote the following..
Sorry if this is in the wrong place.
I received an automated email stating that there were failed attempts
to log in under my user name.
the IP Address 120.202.249.205
This address is linked to multiple fourm attacks and is from China.
Blocking the upstream servers would be advisable. Thank you.
name is Xoy geha from New Mexico, Las Cruces...
one post and putting that up on that other forum..
i'll be changing my password soon..
|
There are other reports of this on the main vbulletin forum. All of the IP addresses coming through on these are completely different, each time. There isn't an easy (or a hard) way to simply block the bad guys here, without blocking the ability of all users to be able to log in as normal. The 5-time lockout for 15 minutes is a relatively effective control to keep people from guessing forever. For a relatively strong password, random guessing 5 times every 15 minutes would take millions of years based on random chance. Of course if the password is more easily guessable (same as username, used on many sites and compromised elsewhere, "password123", etc.), people can certainly have their accounts taken over by this.