SMALL WARS COUNCIL
Go Back   Small Wars Council

vBulletin Message

We have turned off our discussion board temporarily while we work to defeat an annoying set of internet probes. This will be more than a few hours, but hopefully not more than a few days.

We have no indication that any accounts have been accessed. Our front line defenses are working, but the alerts that they generate are causing concern with some users.

Registered Users have been contacting us because they received a notification from the board as follows

Subj: Failed Login Notification on Small Wars Council

Someone has tried to log into your account on Small Wars Council with an incorrect password at least 5 times. This person has been prevented from attempting to login to your account for the next 15 minutes.

The person trying to log into your account had the following IP address:

There is clearly some funny business going on with a fairly unsophisticated attack. Basically, a web crawler or human is knocking on the front door of your account to see if it is unlocked. We have not seen any evidence that anyone's account has been been breached. You are right to take notice and be a little concerned. However, these system-generated notifications are sort of a backwards reminder that security measures are in place and are working -- the door was locked.

We have been adding the offending IP addresses to an additional manual blacklist as they are identified, to try to stop the board software from even serving the front door up to be knocked on. Unfortunately, there are lots of different IP addresses involved. It's what those internet pests do. FYI, we already have commercial IP blacklist security implemented, but that is centered on new account registration and posting, i.e. once they open the door.

Until we locked the board, our best advice was that you were safe as long as you had a reasonably strong password on your account that a bot couldn't guess in 5 tries (i.e. not your username, password, or 1111). We advised that you could change your password in the Edit Your Details section of the User Control Panel; that's inaccessible at the moment..

We will turn things back on when we manage to blast these trolls on the front lawn, before they get to the front door and knock five times unsuccessfully.

We're up to date on security patches, etc., and again, have no indication of any compromise. We'll be back. Until then, bottom line:


 




All times are GMT. The time now is 02:35 AM.


Powered by vBulletin® Version 3.8.8. ©2000 - 2015, Jelsoft Enterprises Ltd.
Registered Users are solely responsible for their messages.
Operated by, and site design 2005-2009, Small Wars Foundation