Thank you sinhost
 

I woke up today and my server stats were 10-15 Mbits above normal. LOL After watching my money flush down the drain for a while as i scratched my head, i contacted sinhost and it turns out it was a password site. Bastards

They shut the pass down and all is right with the world.

Its funny, ive never bothered surfing pass sites in the 5 or 6 years ive been on the net, the only one i knew about was ultrapasswords. Gonna have to start checking them out more. LOL

Thanks sinhost for the awesome service as always

And if anyone has a list of popular pass sites, can you post them please?

ultrapasswords seems to own nearly all the major password sites
they use a script to use the same psaswords on all the sites i think


passwordforum/s.com or somthing is a major playa in that world too

checkout the toplists at the bottom of ultrapsswords.com for more sites

2passwords.com is one of i remember


which is the one that hit you? you should let them use ur passes then redirect there ass to a sponsor page and make some $$$

which password site was it?

I'm not even sure. Sinhost installed some new stats package for me so i could get a better view of incoming traffic. I saw a few small pass sites on there, but when i went and looked my site wasnt listed anymore.

But ya, they all look like ultrapasswords. LOL

Gary -

You should be using something to protect you from that, there are a number of scripts and apache mod's to do it now, protect yourself dude and then you won't have to worry about it happening again :)



Tim
:Graucho

ultrapasswords make a nice chunck off money promoting AP
touche......

Gary! Glad that we could work together on that :)

I knew people wouldn't be able to get enough of http://www.totalcatfights.com

On the note of protecting paysites against password trading... We have been looking at a variety of different scripts and I'm curious to hear if anyone has anything else they would recommend? I'd like to find a package that we can stand behind and include in all of our hosting plans.

Cheers,

Brad

http://www.passwdcop.com

I have heard good things about this script...

I have dealt with pennywize for a long time and am not particularily happy with it.

Brad, I realise you offer a quality product, I would advise you to do your research on the passwd protection thing and you'll realise pennywize is not worth your time.

http://www.monster-submit.com/sentry/

I was thinking about buying this one

Whatever we end up picking as the standard here it will surely be run through the paces. One thing that would be nice, of course, is if we were able to actually find something that is reasonanly priced while also being really effective. It's important to make sure that everything used is always licensed :winkwink:

Brad

get a script that blocks them automatically gary

Brad,

I think it was you, or someone else from sinhost who spoke with my partner on IRC (we're with Five Elements).

I'm not sure as I'd have to discuss it with him, but we may have some custom stuff we'd be willing to work out a deal on. Most of the scripts out there are beyond sucking, and we needed a solution that fit right in with our billing system, didn't suck CPU/server resources to run, and offerered very small granularity to prevent even short periods of traffic spikes. End result is we can guarantee to those customers that purchase the service from us (small additional charge) that they will not be charged a penny for traded-account traffic. The program in our setting automatically credits the account the traded traffic amount, and we never get hit for more than 5 or 10 minutes worth of it.

It should be a fairly easy port (there would have to be a number of things added, as it relies on data we allready gather anyways to run) to get it into shape for use elsewhere I would assume. Like I said I'm not 100% sure yet if we'd want to part with one of our competetive advantages though, I'll check on it. :)

In any case, it's a non-sucking, non-obvious solution to this problem. We came up with it after a few sites got password traded and just ran out on 20mbit+ spike bandwidth bills. Bleh.

you know how to get ahold of us if your interested at all.

-Phil

Gary why aren't you using the CCBill pass protection feature since you process with them?

If a pass gets out they see it, can it and then automatically email the member a new user pass.

We have used Password Sentry for a while now and it's good at automatically disabling accounts where too many IP addresses log in:
http://www.monster-submit.com/sentry/

It's cheap too.

Well, I've spammed for these guys before, might as well do it again:

http://www.proxypass.com/

AFAICT, the best there is. Not only does the shit that pennywize and Iprotect do (with less system load) also has open proxy detection as well as a central (off your server) dynamically updated list of open proxies.. This shit works. There's another one I've seen that claims to do the same things, but from what I saw it was just an imitator..

This one costs us $50 a month, no bandwidth charges or anything.. I think if you do clusters it's a little more.. Reasonable anyway.

Hey, Gary, ICQ me sometime, I'd like to talk to you about some biz.. ICQ is in my profile.

Cheers,
Backov

PS - Just kidding.. 5061408. ;>

I heard the same thing from another webmistress !

I have protection through globill but when I see over 20 logins a day with an account . I send them a new password.. I have never been on a password site so I don't know how the globill would work..

I seem to get the hackers that try to hack into my site through my server... I don't know what xxxwebhosting is using but it cuts off their ip and I get an email ! :)

Lots to follow up on...

I've got another client that is using the monster-submit script and they swear by it.

KimmyKim - In as much as I thought I knew CCBill products I'm not familiar with what you're speaking of. Learn something new every day.

Thanks everyone!

Brad