One thing you can do to annoy the cracker is mix in a few 202's every once in a while instead of just 403's (while not granting access, of course). That way, he might think he has succeeded in cracking the site, while in reality he has non-existent user/pass combos. The least it does is make it a lot harder for the cracker to find the 'good ones' if he catches those.
I know from experience how easy it is to get a list of 70k+ working proxies and a cracking program to go along with it. 70k attempts is most often enough to get in with non-random user/pass combos (people are predictable).
Also a good idea would be to block users from getting usernames or passwords that can be found in wordlists. Just requires you to update often...
__________________
/(bb|[^b]{2})/
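
A server-side sketch of the two ideas in the post above, added here as an example and not part of the original post: a decoy answer for a fixed share of failed logins, and a registration check against a wordlist. The decoy decision is keyed on the credentials so a retried combo always gets the same answer; `SERVER_SECRET`, `DECOY_RATE`, the sample `WORDLIST` and both function names are assumptions made for the example.

```python
import hashlib
import hmac

# Constructed sample; a real site loads a large wordlist and refreshes it often.
WORDLIST = {"password", "letmein", "dragon", "admin", "qwerty"}
SERVER_SECRET = b"constructed-demo-secret"  # assumption: random per-site key
DECOY_RATE = 0.05                           # assumption: share of failures shown as decoys
DENY_STATUS, DECOY_STATUS = 403, 202        # status codes as named in the post

# Common character substitutions undone before the lookup.
_LEET = str.maketrans("013457@$", "oieastas")
_SUFFIX = "0123456789!"


def in_wordlist(candidate: str) -> bool:
    """True if the candidate, or a lightly mangled form of it, is a wordlist entry."""
    base = candidate.lower()
    stripped = base.rstrip(_SUFFIX)  # drop trailing digits / "!" such as "2024!"
    variants = {base, stripped, base.translate(_LEET), stripped.translate(_LEET)}
    return any(v in WORDLIST for v in variants)


def failed_login_status(username: str, password: str) -> int:
    """Status for an attempt that already failed authentication.

    The choice is derived from an HMAC over the submitted pair, so the same
    wrong combo always receives the same status. A random choice per request
    would let a retry expose the decoy.
    """
    msg = f"{username}\x00{password}".encode()
    digest = hmac.new(SERVER_SECRET, msg, hashlib.sha256).digest()
    bucket = int.from_bytes(digest[:8], "big") / 2**64  # uniform in [0, 1)
    return DECOY_STATUS if bucket < DECOY_RATE else DENY_STATUS


if __name__ == "__main__":
    for name in ("Passw0rd1", "Dragon2024!", "correct-horse-battery"):
        print(name, "rejected at signup" if in_wordlist(name) else "allowed")
    for i in range(5):
        print(f"user{i}/guess{i}", failed_login_status(f"user{i}", f"guess{i}"))
```

Neither status grants a session; the decoy only changes what the failed request looks like from outside.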