Invaders

This is the place to talk all Coyotes hockey.

Moderators: CBL, Stunned, Matzel

Invaders

Postby Robert Earthpig on Mon Jan 17, 2011 9:56 am

Just a warning to everyone... When I signed on just now I had to type in the italicized code word and was told I had exceeded the allowable number of sign in attempts. Apparently some joker has tried to weasel aboard in the guise of me. Effin swine. :evil:
Long Live The Jets
Robert Earthpig
Alternate Captain
Alternate Captain
 
Posts: 8313
Joined: Thu Mar 04, 2004 9:14 am
Location: Valleytwixtpointyrocks

Re: Invaders

Postby BetweenthePipes on Mon Jan 17, 2011 9:58 am

Same thing happened to me when I logged on about an hour ago. Not so this time.
Goalie Guru
BetweenthePipes
Prospect
Prospect
 
Posts: 320
Joined: Fri Jul 04, 2008 9:31 am

Re: Invaders

Postby Stunned on Mon Jan 17, 2011 11:18 am

Happened to me as well. :evil:

It does look like it's a fairly recent attack strategy. I'll keep an eye on it and keep you guys posted if something comes up.

phpbb3 support is aware of the issue and it's not unique to our board. Here is one funny quote from an impacted site posted on 1/2/2011:

my users made a big deal about it because they're usually pretty drunk or high and that makes captcha tough, ya know.

:lol:

My short-term advice is to make sure you have a good password that isn't easy to guess/hack. Unfortunately, I doubt there will be any solution to the problem that could guarantee that this will never happen to you. But maybe they'll come up with something. If they do, I'll update the site to make use of it.

I'll also make sure we're backed up and increase the backup frequency. I don't know what action they'll take if the attackers successfully hack an account, but if it happens and they do something that takes the site down, please bear with me...

Also, I'm going to make this a announcement on this board for now.
This group is Simply incredible...
User avatar
Stunned
Administrator
Administrator
 
Posts: 4477
Joined: Sun Oct 26, 2003 10:13 am
Location: With my therapist, discussing my level of fanaticism

Re: Invaders

Postby yotesreign on Mon Jan 17, 2011 3:33 pm

after what happened to this guy the new password is 'I'll keep my mouth shut':




:banana:
User avatar
yotesreign
Rookie
Rookie
 
Posts: 850
Joined: Wed Jan 28, 2009 11:52 pm
Location: Phoenix/Glendale, Arizona

Re: Invaders

Postby CBL on Tue Jan 25, 2011 5:04 pm

They finally got to me :-(

Oh well, it was about time for me to make a password change anyway (not that I had to, but I was well overdue one).

I just hope I can remember it for longer than a week...
User avatar
CBL
Moderator
Moderator
 
Posts: 2094
Joined: Thu Jul 07, 2005 10:47 pm
Location: PA

Re: Invaders

Postby more info on Tue Feb 01, 2011 4:51 pm

I had the same message several days ago, didn't think much of it until I saw this post.
more info
Draft Pick
Draft Pick
 
Posts: 15
Joined: Tue Oct 26, 2010 8:42 am
Location: Yes I am from Winnipeg

Re: Invaders

Postby Puckhead on Mon Feb 07, 2011 10:06 am

I joined the party today while logging on. :roll:
User avatar
Puckhead
Prospect
Prospect
 
Posts: 117
Joined: Fri Sep 18, 2009 2:26 pm

Re: Invaders

Postby Robert Earthpig on Thu Feb 10, 2011 12:54 pm

Had a real mess to deal with yesterday. Someone's attempts at logging on in my name caused me to be basically shut out of this site. I'd log in and try to add a comment to a thread and then I'd have to log in again and my written message would be toast - and so on.
Fine today.
Bastage. :evil: You'll never figure out my password!
Long Live The Jets
Robert Earthpig
Alternate Captain
Alternate Captain
 
Posts: 8313
Joined: Thu Mar 04, 2004 9:14 am
Location: Valleytwixtpointyrocks

Re: Invaders

Postby BetweenthePipes on Fri Feb 11, 2011 2:44 pm

Again, today, I had to enter a code from an image to log in, as someone had clearly tried to guess my password. Any chance that Administrators can get some computer guru to chase down who is trying to do this?

Good passwords should be more than 8 characters and should include both letters and numbers. On some sites, passwords can be case sensitive as well (not sure about here). Passwords should not be, say, the ages of your children, the dates of family member birthdays, the names of your family members, etc. Preferably, they have no meaning at all and contain no real words, with one or more numbers in there at various places.

The problem always is that there are so many web sites one might visit which require a password. How the heck to remember them all is the problem (especially as I get older)! I recommend writing them down and keeping the list in some random place NOT beside the computer (in a book on a shelf, somewhere, for example--just remember which book).
Goalie Guru
BetweenthePipes
Prospect
Prospect
 
Posts: 320
Joined: Fri Jul 04, 2008 9:31 am

Re: Invaders

Postby gollybass on Fri Feb 11, 2011 2:48 pm

I changed my password... and now I dont remember it! Hopefully I dont have someone try to hack me again so i dont have the forgotten password hoopla
Image
gollybass
Second Line Winger
Second Line Winger
 
Posts: 4153
Joined: Sun Feb 05, 2006 11:18 am
Location: Mesa, AZ

Re: Invaders

Postby Robert Earthpig on Fri Feb 11, 2011 3:21 pm

Had to do the long sign in again as our poor, bored and life-needing friend has struck again. :lol: :P Keep guessing jackwad.
Long Live The Jets
Robert Earthpig
Alternate Captain
Alternate Captain
 
Posts: 8313
Joined: Thu Mar 04, 2004 9:14 am
Location: Valleytwixtpointyrocks

Re: Invaders

Postby Stunned on Sat Feb 12, 2011 10:39 am

BetweenthePipes wrote:Again, today, I had to enter a code from an image to log in, as someone had clearly tried to guess my password. Any chance that Administrators can get some computer guru to chase down who is trying to do this?

Good passwords should be more than 8 characters and should include both letters and numbers. On some sites, passwords can be case sensitive as well (not sure about here). Passwords should not be, say, the ages of your children, the dates of family member birthdays, the names of your family members, etc. Preferably, they have no meaning at all and contain no real words, with one or more numbers in there at various places.

The problem always is that there are so many web sites one might visit which require a password. How the heck to remember them all is the problem (especially as I get older)! I recommend writing them down and keeping the list in some random place NOT beside the computer (in a book on a shelf, somewhere, for example--just remember which book).


As I said earlier, this is a known problem. What I mean by this is that the makers/supporters of phpBB3 software that we're using are aware of the problem and are working on a solution.

Keep in mind that almost no solution could ever be perfect. Determined people that hack sites find ways around new defenses. And finding them is resource intensive and generally difficult to do. And keep in mind that we're not protecting your bank accounts, we're protecting a hockey discussion forum. I don't say that because I take the issue lightly, but we can't afford to pay a guy $200/hour to try to track down some joker kicking of phpBB3 login bots behind proxies and generally from foreign countries only to have him tweak a thing or two and force us to find him (or her, or them) again. And even if we did find him/her/them, then what?

Fortunately, we do have CAPTCHA which, while it's inconvenient, is the safe guard protecting your account.

Definitely use a good password.

There are two password tracking tools that are free that I'm aware of (and I know there are others that you can pay for).

I won't divulge them here publicly, but if you're interested PM me and I'll give you the information.

One of them I've been using for YEARS. Simple, easy. I tie it to a keyboard shortcut (windows). It's kept my passwords/account information dating back many years. Takes some discipline to use it consistently and keep it up to date, but it's saved my butt many, many, many times. So I'm more than motivated to keep it current.

The other is also good and I know people where I work that love it.

These are far better than keeping a spreadsheet, text file, note paper list. You can back up the encrypted files. Use them on your home network (assuming you want access to it from an PC in your house). Put backups on CD and store in your safe, safety deposit box...you get the idea. Many, many other benefits including the ability to generate passwords of arbitrary complexity based on different password rule strategies that you run into from time to time. Again, very, very simple to use.
This group is Simply incredible...
User avatar
Stunned
Administrator
Administrator
 
Posts: 4477
Joined: Sun Oct 26, 2003 10:13 am
Location: With my therapist, discussing my level of fanaticism

Re: Invaders

Postby Stunned on Sat Feb 12, 2011 10:41 am

Robert Earthpig wrote:Had a real mess to deal with yesterday. Someone's attempts at logging on in my name caused me to be basically shut out of this site. I'd log in and try to add a comment to a thread and then I'd have to log in again and my written message would be toast - and so on.
Fine today.
Bastage. :evil: You'll never figure out my password!


That does suck. Hasn't happened to me...yet. Were you able to back up in the browser and at least save what you wrote (i.e., cut/paste to notepad or something...)?
This group is Simply incredible...
User avatar
Stunned
Administrator
Administrator
 
Posts: 4477
Joined: Sun Oct 26, 2003 10:13 am
Location: With my therapist, discussing my level of fanaticism

Re: Invaders

Postby Robert Earthpig on Wed Feb 16, 2011 12:29 pm

No, on the bright side I was only writing short blurbs so it wasn't all that bad. Just kind of annoying. Don't get the buzz being had by this person trying to hack into something that will provide absolutely no reward. I pity da foo.
Long Live The Jets
Robert Earthpig
Alternate Captain
Alternate Captain
 
Posts: 8313
Joined: Thu Mar 04, 2004 9:14 am
Location: Valleytwixtpointyrocks

Re: Invaders

Postby BetweenthePipes on Thu Feb 17, 2011 2:52 pm

I was 'hit' again for the third time, today. I do not log on every day, so I don't know exactly when the attempt was. My pw is what it should be, so I am not worried, just mildly annoyed. After all, what's the point of hacking someone's account here? Loser.
Goalie Guru
BetweenthePipes
Prospect
Prospect
 
Posts: 320
Joined: Fri Jul 04, 2008 9:31 am

Next

Return to Coyotes Corner

Who is online

Users browsing this forum: No registered users and 1 guest

cron