SWCAdmin
02-13-2015, 01:08 PM
Some Council members are contacting us because they received a notification from the board as follows....
Subj: Failed Login Notification on Small Wars Council
Someone has tried to log into your account on Small Wars Council with an incorrect password at least 5 times. This person has been prevented from attempting to login to your account for the next 15 minutes.
The person trying to log into your account had the following IP address: We have looked into this issue and are continuing to try to get in front of it. It's a filthy e-world we live in.
Enough users were getting these nuisance notifications that I have made a global change. It used to be that an unregistered user could see most things but had to register to post. Now you need to be logged in to see anything. That should prevent bots from trolling for usernames. We'll see if this is a temporary or permanent change.
There is clearly some funny business going on with a fairly unsophisticated attack. Basically, a web crawler or human is knocking on the front door of your account to see if it is unlocked. We have not seen any evidence that anyone's account has been been breached. You are right to take notice and be a little concerned. However, these system-generated notifications are sort of a backwards reminder that security measures are in place and are working -- the door was locked.
If you have a strong password on your account, we believe you are secure. If you want to tighten that up a bit, you can change your password in the Edit Your Details (http://council.smallwarsjournal.com/profile.php?do=editprofile) section of the User Control Panel (http://council.smallwarsjournal.com/usercp.php).
FYI, we already have commercial IP blacklist security implemented, but that is centered on new account registration and posting, i.e. once they open the door. We are adding the offending IP addresses to an additional manual blacklist as they are identified, to try to stop the board software from even serving the front door up to be knocked on. Unfortunately, there are lots of different IP addresses involved. It's what those internet pests do.
We continue to consult with better-at-this-than-me folks to review what has been going on and vet our security protocols. We're up to date on security patches, etc. Bottom line:
http://smallwarsjournal.com/sites/default/files/Keep-calm-and-carry-on-scan.jpg
Subj: Failed Login Notification on Small Wars Council
Someone has tried to log into your account on Small Wars Council with an incorrect password at least 5 times. This person has been prevented from attempting to login to your account for the next 15 minutes.
The person trying to log into your account had the following IP address: We have looked into this issue and are continuing to try to get in front of it. It's a filthy e-world we live in.
Enough users were getting these nuisance notifications that I have made a global change. It used to be that an unregistered user could see most things but had to register to post. Now you need to be logged in to see anything. That should prevent bots from trolling for usernames. We'll see if this is a temporary or permanent change.
There is clearly some funny business going on with a fairly unsophisticated attack. Basically, a web crawler or human is knocking on the front door of your account to see if it is unlocked. We have not seen any evidence that anyone's account has been been breached. You are right to take notice and be a little concerned. However, these system-generated notifications are sort of a backwards reminder that security measures are in place and are working -- the door was locked.
If you have a strong password on your account, we believe you are secure. If you want to tighten that up a bit, you can change your password in the Edit Your Details (http://council.smallwarsjournal.com/profile.php?do=editprofile) section of the User Control Panel (http://council.smallwarsjournal.com/usercp.php).
FYI, we already have commercial IP blacklist security implemented, but that is centered on new account registration and posting, i.e. once they open the door. We are adding the offending IP addresses to an additional manual blacklist as they are identified, to try to stop the board software from even serving the front door up to be knocked on. Unfortunately, there are lots of different IP addresses involved. It's what those internet pests do.
We continue to consult with better-at-this-than-me folks to review what has been going on and vet our security protocols. We're up to date on security patches, etc. Bottom line:
http://smallwarsjournal.com/sites/default/files/Keep-calm-and-carry-on-scan.jpg