Merrioc

what do you use to protect vs brute force and password sharing?

Pennywize?
STH?
other?

$5 submissions

Pennywize seems to be the most used.

__________________

pennywize_v3

hi Merrioc

If you would like to try Pennywize free, just jump on the website and sign up. Give me a yell and i'll make sure one of my tech guys does the installation for you ASAP.

Thanks,


Steve

goBigtime

MemLogin from Paysite Powertools and iProtect

Trax

proxypass seems to be one of the best

FireFoz

I buillt my own, its the best
(see sig)

__________________

badseed

Hi, I emailed you twice asking for a trail and got no answer about two weeks ago.

__________________
SIG TOO BIG! Maximum 120x60 button and no more than 3 text lines of DEFAULT SIZE and COLOR. Unless your sig is for a GFY top banner sponsor, then you may use a 624x80 instead of a 120x60.

fsfaz

Check out iprotect. It's pretty cool. Lots of features.

Compiles directly into Apache and you don't get charged on a per member basis. The license also allows use on multiple servers.

http://www.digital-concepts.net/cgi-iprotect.html


Well worth it.

raymor

Strongbox is a whole new approach that is WAY above and beyond
anything like Pennywize.
Not only does it keep the hurlers from getting in, but it discourages
them from even continueing the attack and slowing your server.
It protects from hurlers (brute force attacks), password sites, and various
other evils.
Unlike PennyWize, Password Sentry, or other old fashioned approaches,
Strongbox is 100% compatible with the latest versions of Microsoft Media
Player.
All that, and the price is definitely right.
Several of the well know members of this board, TLA's, and
GFY use it on all of their pay sites and swear by it.

For more information, see:
http://webmastersguide.com/?htaccess-cgi/strongbox/

__________________
For historical display only. This information is not current:
support@bettercgi.com ICQ 7208627
Strongbox - The next generation in site security
Throttlebox - The next generation in bandwidth control
Clonebox - Backup and disaster recovery on steroids

liquidmoe

Mostly I see people using Pennywize although iprot is also getting a few more users these days.

__________________

Take Luck!

Heather Hamptons

Password Sentry all the way!

__________________
SIG TOO BIG! Maximum 120x60 button and no more than 3 text lines of DEFAULT SIZE and COLOR. Unless your sig is for a GFY top banner sponsor, then you may use a 624x80 instead of a 120x60.

SoundMan

i see this posted every week or 2..

alan-l

We used Pennywize for our sites, very good stuff, nothing bad to say about it, but now we use our own protection

oyvind

I run sites like http://www.hegre-archives.com and http://www.galitsin-archives.com and they are under constant brute force attacks. I have tried all the programs out there and there is no doubt about which one is the best....its proxypass

look here:
http://www.proxypass.com/

the problem with the other once...including pennywize is that they are to slow to stop the heavy attacks before the server(s) goes red and the surfers gets pissed. Before i started using proxypass hackers managed to halt the servers many times....after proxypass....it has never happened :-)

...and one more thing...proxypass works perfect with load balanced systems

codymc12

pamphage

galitsin

__________________
SIG TOO BIG! Maximum 120x60 button and no more than 3 text lines of DEFAULT SIZE and COLOR.
Unless your sig is for a GFY top banner sponsor, you may use a 624x80 instead of a 120x60.
Let me repeat... A 120 x 60 button and no more that 3 lines of DEFAULT SIZE AND COLOR text.

myneid

personally, i have written my own custom mod_perl module to do authentication and i handle this stuff in there with mysql tables.

if you are looking something to stop heavy load there is this great product you can buy which is a hardware box that will stop the hit from hitting your server like a firewall. its very advanced and very awsome.

its called v-secure netprotect vrom arces

www.arces.com

__________________
Tanguy 0x7a69 inc. Programmer/President/CEO
http://www.0x7a69.com
A Leader in Programming since 1996
PHP, Ruby on Rails, MySQL, PCI DSS, and any Technical Consulting

spooky181

I use pennywize for my paysite and program...

DeadFidel

Virtual solution's Sentry!

Alex Xe

We create own protect software.
If you have programmer in team, it will do it in 2 days maximum.

WankTank

I think im going to go with pennywize when I get my paysite up.
But we'll see.

__________________

NudeCelebHound.com - $20 per FREE signup!
100 page Free Hosted Site
ICQ - 230714394, Email - [email protected]

Merrioc

tried pennywize
um great product does the jobs, waste my traffic. I want more control based on the user name what I do with it (IE known password list thats prolific redirect, common AOLer let me unban bruteforce redirect to all over the place ) can't do that with your product.



I tried "stop that hacker" hated it cause it deleted the user and pass from the .htpasswd file, which sucked when it was someone on an AOL proxy.

wrote my own... got the password sharing stopped nicely plus I utalize the traffic rather then just going to a block page.

bruteforce, use an apache mod, but I may be looking for a custom solution from someone.

thanx for all the feedback at least I know I'm on the right track

proust

As a strongbox user i'd recommend it to anyone.
Strongbox rules!
Instead of vulnerable patch ups, strongbox throws in a unique crypto solution which identifies 'bad folk' and takes action accordingly.
It runs on your own server, no montly fees and cool reports!
'Brute force attacks' , 'password sharing' , "referer spoofing" , 'slurping' , "attacks from open proxies" , you name it ,it aint hurting me!

Dennis69

Totally Agree! Great Script! Great Guy

jovigirl

exactly
www.pregnantschool.com/members/

__________________
ICQ :333-548-380