![]() |
![]() |
![]() |
||||
Welcome to the GoFuckYourself.com - Adult Webmaster Forum forums. You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload content and access many other special features. Registration is fast, simple and absolutely free so please, join our community today! If you have any problems with the registration process or your account login, please contact us. |
![]() ![]() |
|
Discuss what's fucking going on, and which programs are best and worst. One-time "program" announcements from "established" webmasters are allowed. |
|
Thread Tools |
![]() |
#1 |
Registered User
Join Date: Oct 2002
Location: Adelaide, Australia
Posts: 59
|
Protectiong against password traders.
Hi everyone,
I am really happy to be a part of this board. The discussion are always interesthing and it's one of the most open and friendly board I have seen. I just bought my first paysite lately and was looking into some password protection program to make sure my member zone is secure. I came across Password Sentry which seems really good. Anyone here use it, and have some comments to share ? ![]() Thanks. Jon |
![]() |
![]() ![]() ![]() ![]() ![]() |
![]() |
#2 |
Registered User
Join Date: Sep 2002
Location: -
Posts: 500
|
That program might be good but Pennywize is some kickass software, I just updated to there new version and it works perfectly. Deleted 5 passes first day, 13 the next day and 3 today. I have lots of members
![]() www.pennywize.com Sammy |
![]() |
![]() ![]() ![]() ![]() ![]() |
![]() |
#3 |
Confirmed User
Industry Role:
Join Date: Feb 2002
Posts: 205
|
Sammy,
I'm just wondering whats causing all these members to be deleted? It seems to be a large amount, whats your ?threshold? of IP addresses set at ? |
![]() |
![]() ![]() ![]() ![]() ![]() |
![]() |
#4 | |
Confirmed User
Join Date: Jul 2002
Location: Crankerville
Posts: 1,003
|
Quote:
|
|
![]() |
![]() ![]() ![]() ![]() ![]() |
![]() |
#5 |
Confirmed User
Join Date: Oct 2002
Location: Texas
Posts: 310
|
HAR!
![]() ![]() ![]() |
![]() |
![]() ![]() ![]() ![]() ![]() |
![]() |
#6 |
Confirmed User
Join Date: Apr 2002
Location: Club Drunk
Posts: 2,734
|
proxypass works good i hear
__________________
SIGS ARE GAY 98055668 icq |
![]() |
![]() ![]() ![]() ![]() ![]() |
![]() |
#7 |
Registered User
Join Date: Oct 2002
Location: Adelaide, Australia
Posts: 59
|
Thanks Sambuka, I had a look at Pennywise also. It seemed good, but I so far I had my eyes more on Password Sentry. But Pennywise seems really good also, I guess I'll decide based on the feedback I get here.
So far people seem to be using other programs. Thanks Drunk dollars, I'll check that one out, haven't heard of it as much. Shark as I can see you have some experiences with that kind of program, which one do you use ? What threshold of IP adresses would you be setting usually ? HAHAHAHA Spoonie Luv, you just prove to me that I am going to be part of this board much more from now on. It's things like that which make it so interesthing, interraction, teasing, and no-hold barred subject. Thanks for these quick reply, more more... ![]() Jon |
![]() |
![]() ![]() ![]() ![]() ![]() |
![]() |
#8 |
Confirmed User
Join Date: Jun 2002
Location: My Coffin
Posts: 1,227
|
Stop That Hacker works great! http://www.stopthathacker.com
Plus it's on sale right now. Hugs, Danielle |
![]() |
![]() ![]() ![]() ![]() ![]() |
![]() |
#9 |
Confirmed User
Join Date: Sep 2002
Posts: 3,626
|
i've used both packages, and have to say that pw sentry is tops in our book... aside from weirdness we've experienced w/ pennywize (crashing scripts, etc.) pw sentry is a much more solid solution we have found. dan will even install and tweak it on your server for you free of charge, and has never taken more than 8 hours to respond to any inquiries from us... when we emailed pennywize for support, it was over 30 hours before we even received a cursory response... ymmv, but i doubt it... pw sentry rocks all around..
|
![]() |
![]() ![]() ![]() ![]() ![]() |
![]() |
#10 |
Confirmed User
Industry Role:
Join Date: Sep 2002
Location: California
Posts: 1,187
|
Before you go signing up for a monthly service take a look at Bot Buster. We put this up on 10 sites and it works like a dream. Full control of IP addresses passwords members. I havent seen anything as good at the price.
Oh you can buy this for each site for around $150 per site thats around 3 monthly payments for these other programs? ![]() http://www.botbuster.com |
![]() |
![]() ![]() ![]() ![]() ![]() |
![]() |
#11 |
Confirmed User
Industry Role:
Join Date: Aug 2002
Location: Qc
Posts: 3,006
|
Password Sentry or Pennywize ?
Hummmmmmmm Pixhell |
![]() |
![]() ![]() ![]() ![]() ![]() |
![]() |
#12 |
Confirmed User
Join Date: Sep 2002
Posts: 3,626
|
pw sentry does not have a monthly charge like pennywize does, it is a one-time payment..
|
![]() |
![]() ![]() ![]() ![]() ![]() |
![]() |
#13 |
Confirmed User
Industry Role:
Join Date: Aug 2002
Location: Qc
Posts: 3,006
|
Yes, good point chupacabra !
Password Sentry = 2 Pennywize = 1 BotBusters = 1 Stop That Hacker = 1 Pixhell |
![]() |
![]() ![]() ![]() ![]() ![]() |
![]() |
#14 |
Confirmed User
Join Date: Feb 2002
Location: Somewhere
Posts: 5,859
|
I use monster script/sentry for all my sites
![]() |
![]() |
![]() ![]() ![]() ![]() ![]() |
![]() |
#15 |
Confirmed User
Industry Role:
Join Date: Aug 2002
Location: Qc
Posts: 3,006
|
Thanks for you reply sweetcuties.
Password Sentry = 3 Pennywize = 1 BotBusters = 1 Stop That Hacker = 1 Pixhell |
![]() |
![]() ![]() ![]() ![]() ![]() |
![]() |
#16 |
Confirmed User
Join Date: Oct 2002
Posts: 159
|
I use password sentry and it works great.
|
![]() |
![]() ![]() ![]() ![]() ![]() |
![]() |
#17 |
Registered User
Join Date: Oct 2002
Location: Adelaide, Australia
Posts: 59
|
Thanks for all your reply,
look like password sentry got a good reputation. Thanks for all your recommendation, I like the one-off payment, and if it does the same as all the other, then it will be a good deal. Thanks Jon |
![]() |
![]() ![]() ![]() ![]() ![]() |
![]() |
#18 |
Confirmed User
Join Date: Aug 2002
Location: Atlanta
Posts: 936
|
Whatever you get, make sure that it also stops brute force attacks. A brute force attack run from a fast connection will bring your server to it's knees.
I don't see anything about preventing brute force attack prevention on Password Sentry's site (doesn't mean that it doesn't do it though) Most of our customers use Pennywize and are quite pleased with it. Their support sucks, but for our customers, that's not a problem because WE handle all the Pennywize support for our customer sites. Another good one is IProtect. It's an apache module so it runs cleaner than a PERL script. Has less features than Pennywize though. Iprotect can be seen at http://www.digital-concepts.net/cgi-iprotect.html. They are extremely slow at answering their email though...
__________________
National Net Hosting. Handled. See our new line of inexpensive Dedicated Servers | Cabinets starting at $795 | CDN [email protected] | 888-4-NATNET | www.nationalnet.com |
![]() |
![]() ![]() ![]() ![]() ![]() |
![]() |
#19 |
Confirmed User
Join Date: May 2002
Location: Doesn't matter, I'm not buying you another pint!
Posts: 1,511
|
Use them to your advantage! Redirect the username in
you .htaccess to a pay per click program. |
![]() |
![]() ![]() ![]() ![]() ![]() |
![]() |
#20 |
Registered User
Join Date: Oct 2002
Location: Adelaide, Australia
Posts: 59
|
Thank you again everyone.
LBBV you just mentionned something that I heard from Pennywise also, about preventing Brute Force. Look like this is an imprtant issue in my decision. However, when I asked Password Sentry I get an answer saying that they don't provide protection against directory/brut force attacks. That they did before but found that such CGI-Perl based strategies were flawed, that it made the web server crash during intense attacks - especially when the cracker ("password guesser") spoofs (fakes) their IP address (often rotating through IPs every 3-5 guesses). And that in this case it's also uneffective because their program just switch IP constantly. But they say that you can use other server-friendly strategies. Also that you might even end up blocking good users or traffic that use IP's which varies dynamically. (AOL ect..) So now I am probably more mess-up than before, but at less I start to understand better. What are peoples toughts on that? With ot without Brutal Force protection ? Thanks again to everyone. Jon |
![]() |
![]() ![]() ![]() ![]() ![]() |
![]() |
#21 |
Confirmed User
Join Date: Mar 2002
Posts: 502
|
Jon, definitely brute force protection. There is a way of how to recognize a legitimate proxy (like AOL, etc.).
BTW if anyone is interested, we are finishing up our own system - http://www.passprotector.com which combines a member area protection with a member are management (adding/removing members, etc.). All the software has been tested for the last two months on all our sites (http://everycent.com) with excellent results... I will save more info for the upcoming one-time announcement... ;) |
![]() |
![]() ![]() ![]() ![]() ![]() |
![]() |
#22 |
Confirmed User
Join Date: Oct 2002
Location: Germany
Posts: 768
|
IProtect is the most effective prog out there but only if you have full access to your server. It will be compiled into apache and therefore will not slow down your site at all.
http://www.digital-concepts.net/cgi-iprotect.html It is 500 bucks and for a new paysite owner it might be a little steep but it is really cool. I use it since 98 and I actually submit to passwordsiters to get the additional traffic to send to toplists. |
![]() |
![]() ![]() ![]() ![]() ![]() |
![]() |
#23 | |
Confirmed User
Join Date: Aug 2002
Location: Atlanta
Posts: 936
|
Quote:
![]()
__________________
National Net Hosting. Handled. See our new line of inexpensive Dedicated Servers | Cabinets starting at $795 | CDN [email protected] | 888-4-NATNET | www.nationalnet.com |
|
![]() |
![]() ![]() ![]() ![]() ![]() |
![]() |
#24 |
Registered User
Join Date: Sep 2002
Location: -
Posts: 500
|
Sammy,
I'm just wondering whats causing all these members to be deleted? It seems to be a large amount, whats your ?threshold? of IP addresses set at ? I have all my sites set at 10-12 subnets before blocking, it doesn't seem to block any real members just blocks posted passwords. Here is yesterdays stats : 4 members deleted. User: slutters Subnets : 17 Hits 1136 Bytes Downloaded : 4081307 Minutes online : 50 Detected 13 different subnets DISABLED. User: MrBrownXX SUBNETS: 48 hits : 3047 Bytes : 11430960 Minutes : 140 Detected 13 different subnets DISABLED. obt 11 943 3743583 46 Detected 11 different subnets Bisto 11 889 3100461 36 Detected 11 different subnets Here are some others from 2 days ago MrBrownXX 47 3594 13301232 154 Detected 13 different subnets Hrmm, I haven't really had a good look through this in awhile and it seems like I have 3-4 passwords that are the exact same being deleted each day. I'll have to change the .htaccess so it goes to my own frontpages instead of the pennywize blank page. Should make me a few extra signups a day with 3000-4000 traffic hitting me each day. i'll let them continue to hack those same passes ![]() Sammy |
![]() |
![]() ![]() ![]() ![]() ![]() |
![]() |
#25 |
Registered User
Join Date: Oct 2002
Posts: 55
|
Hi Spaceman,
Steve from Pennywize here. We have a big new launch on the 1st of November with Pennywize v3.0. We believe it is the best release yet, with a new brute force blocking method and much faster account detection and blocking. Because we have gone through a period of fairly high growth, we are currently in the process of establishing dedicated support personnell to handle the growing amount of requests/installs we do. Anyway Jon you can try Pennywize for FREE on your server and if you like it, great. If not then try something else, but you're lost nothing by at least trying Pennywize! I am confident once you try it you will be happy. Thanks mate, Steve Pennywize. |
![]() |
![]() ![]() ![]() ![]() ![]() |
![]() |
#26 |
Registered User
Join Date: Oct 2002
Location: Adelaide, Australia
Posts: 59
|
Wow, I just can't believ how this board rocks. Thanks again everyone for your
![]() Thanks andi_germany, I have full access to my server but at 500$ I'll have to wait a bit more, this expense was a bit unexpected, as I tought the previous owner would have had one already. But sounds really good, one day hopefully. Thanks Petr, will it be launch soon. I have to decide in the next day or so? Thanks again LLBV, your comments have been really appreciated so far. You in-house program sounds really really interething. IS it possible to get it even if I am hosted elsewhere ? Thanks Steve, I"m definetely considering trying Pennywise, does your free trial include de Brute force protection ? Thanks Everyone Jon |
![]() |
![]() ![]() ![]() ![]() ![]() |
![]() |
#27 |
Registered User
Join Date: Aug 2002
Location: Pattaya, Royal Clif Garden 1078,
Posts: 32
|
![]() Use Protector Pro ! It's the best !
full stats automate block\unblock passes ip zones limit traffic limit bruteforce attak's protect unlimeted sites and unlimitet logins only for $33 i can get demo passes just mail me : [email protected] Link: Protector PRO
__________________
SIG TOO BIG! Maximum 120x60 button and no more than 3 text lines of DEFAULT SIZE and COLOR. Unless your sig is for a GFY top banner sponsor, then you may use a 624x80 instead of a 120x60. |
![]() |
![]() ![]() ![]() ![]() ![]() |
![]() |
#28 | |
Confirmed User
Join Date: Aug 2002
Location: Atlanta
Posts: 936
|
Quote:
As for Pennywize, the only thing that the free trial does NOT do is it does NOT automatically block abused usernames. It does, however, send you an email so that you can block them manually...
__________________
National Net Hosting. Handled. See our new line of inexpensive Dedicated Servers | Cabinets starting at $795 | CDN [email protected] | 888-4-NATNET | www.nationalnet.com |
|
![]() |
![]() ![]() ![]() ![]() ![]() |