GoFuckYourself.com - Adult Webmaster Forum
Fucking Around & Business Discussion
Possible solution to brute force password hacking our member area's (code inside) (https://gfy.com/showthread.php?t=79852)

cat 11-15-2002 03:02 AM

hi Boys,

Boldy is ill; he will soon be back again.

Backov 11-15-2002 03:20 AM

Quote:
Originally posted by Dragon Curve
Uhm, I'd like to see on their page where it says they use a database of proxies.

http://www.proxypass.com/ppass.php?page=solutions

Reading est good. Comprehending is better.

strainer 11-15-2002 09:02 AM

Quote:
Originally posted by Dragon Curve
Note that that won't give you a 10%. For all you know you could get RandomValue equaling 10 every single time. Unlikely, but possible. Doesn't really matter tho.

Actually it does work perfectly; I have tested it. Once seeded and started, a proper working random generator like this will indeed produce a 10 almost precisely 10% of the time.

That doesn't mean that SOMETIMES you won't get two 10s in a row, but after a million runs you will have 100,000 10s, evenly distributed across the bell curve.
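The claim in strainer's post can be checked by simulation. The following is an added example written for this page, not code from the thread or from boldy's 401.php (which is not reproduced here). It assumes the mechanism Dragon Curve refers to: on each failed login a value from 1 to 10 is drawn and the 10% measure is applied when the draw is 10. With a seeded generator it reports the long-run share of 10s, the longest run of consecutive 10s (showing that back-to-back hits are routine), and the spread of the hit count across repeated runs, which is binomial and is what the bell-shaped spread across runs refers to:

```python
import random
import statistics

SIDES = 10   # each draw is a uniform value in 1..SIDES
HIT = 10     # a draw of 10 is the "apply the measure" case (1 in 10)


def draw_hits(n_draws, seed=1):
    """Draw n_draws values with a seeded generator and return
    (hit_fraction, longest_streak): the share of draws equal to HIT and
    the longest run of consecutive hits."""
    rng = random.Random(seed)  # seeded so the run is reproducible
    hits = 0
    streak = 0
    longest = 0
    for _ in range(n_draws):
        if rng.randint(1, SIDES) == HIT:
            hits += 1
            streak += 1
            longest = max(longest, streak)
        else:
            streak = 0
    return hits / n_draws, longest


def expected_back_to_back(n_draws, p=1 / SIDES):
    """Expected number of positions where a hit is immediately followed by
    another hit: (n - 1) * p^2. Two 10s in a row is not a broken generator."""
    return (n_draws - 1) * p * p


def hit_count_spread(runs, draws_per_run, seed=2):
    """Repeat a draws_per_run experiment `runs` times and return the mean and
    sample standard deviation of the hit count per run. The count is
    binomial(draws_per_run, 1/SIDES): mean near draws_per_run/SIDES and
    spread near sqrt(n * p * (1 - p)), i.e. the bell-shaped spread across runs."""
    rng = random.Random(seed)
    counts = [
        sum(1 for _ in range(draws_per_run) if rng.randint(1, SIDES) == HIT)
        for _ in range(runs)
    ]
    return statistics.mean(counts), statistics.stdev(counts)


if __name__ == "__main__":
    frac, longest = draw_hits(200_000)
    print(f"share of 10s over 200,000 draws: {frac:.4f} (expected 0.1000)")
    print(f"longest run of consecutive 10s: {longest}")
    print(f"expected back-to-back pairs: {expected_back_to_back(200_000):.0f}")
    mean, sd = hit_count_spread(200, 1000)
    print(f"hits per 1,000-draw run: mean {mean:.1f} (expected 100), "
          f"stdev {sd:.1f} (expected about 9.5)")
```

The per-request decision in a real login handler is just `rng.randint(1, 10) == 10`; the simulation only confirms that such a check fires at the intended 10% rate over many requests while still producing occasional streaks on individual requests.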

boldy 11-15-2002 11:38 AM

Nice stuff guys! I'll implement the 10% thingie too ...

PxG 11-15-2002 12:51 PM

Quote:

Originally posted by Dragon Curve
ProxyPass - doesn't sound like a very good idea to me. Obviously this will be checking for open 80/8080/1080 or what not ports on the incoming host. This poses many problems. For starters, clearly you need a timeout to verify the ports are open/closed. This will drastically slow down your response time for servers which I wouldn't consider a good thing AT ALL especially in this industry.

Secondly, if it were just open ports, then that's a very poor method of checking if the server is an open proxy (I doubt it would be done like this). Some sort of verification (especially for port 80) would have to be done - again, taking x amount of time to do.

"(4) Detection and denial of requests from multiple (non-proxy) IP addresses sending high numbers of unsuccessful authentication requests for the same username. This implies a distributed network attack."

I would very much like to know how you could ever possibly hope to protect against something like that and not give users downtime.

"In addition, the authentication portions of Apache were written in relatively poor manner. "

I'd like to see info that could back that up =P

There is no real protection against brute force attacks like this that I can see that will guarantee your users uptime.

Please Get Educated about our product. Here's a link to our technical FAQ:
http://www.proxypass.com/docs/proxypass_tech_faq.pdf

:thumbsup

Best regards,
PxG

boldy 12-08-2002 04:06 AM

For those who are interested, I've added that 10% thingie to my 401.php:

http://www.kimhollandcash.com/401.txt

:thumbsup

goBigtime 12-08-2002 04:13 AM

For bruteforce protection/deterrence we use MemLogin (available from PaysitePowertools.com)

and use Iprotect (an apache module) for password abuse - though iprotect doesn't help much against proxy based attacks.

Memlogin basically hides the real members' URL from everyone except you & your members. If you set things up properly you won't ever be bothered by bruteforce traffic spikes again =]

boldy 02-10-2003 05:26 PM

*bruteforce night bump*
