flyoffacliff
Junior Member
Brute force prevention (1st Feb 10 at 7:52pm UTC)
Brute force prevention so it would ban users for 30 min. after 5 login attempts. And log it in the event log.

If I helped you, please give me reputation, thanks. {Smile}
Radient Fires
New Member
Re: Brute force prevention (1st Feb 10 at 8:49pm UTC)
This sounds just like a different host.

I can see some use for this as I have yet to trigger a stop limit.

I think, however, 30min is too short. I think 24hrs is more appropriate. 5 attempts seems plenty of tries, and I like the idea of logging the failed attempts.

IP logging would be great, but I think it would also be useful for the staff (maybe main admin only) to see what account is being attacked.

Michael
Moderator
Re: Brute force prevention (2nd Feb 10 at 3:12am UTC)
I agree that it would be good to have some form of notification of bad logins. However, I don't think an account should be banned for it. Because I could try to login as Graham 10 times, then he'd be banned.

Unless you mean ban the IP for 1 hour then that's best. I think 1 hour will suffice for the ban length.

If a failed login attempt is made, how about an automatic PM saying when it was? Or a notification message somewhere? {Unsure}

Radient Fires
New Member
Re: Brute force prevention (2nd Feb 10 at 3:32am UTC)
Good point Michael. Maybe a PM could be used.

How about an IP based ban rather than an account one?

dog199200
Guest
Re: Brute force prevention (2nd Feb 10 at 3:50am UTC)
OK, I can sum this up to what would work best {Tongue Out}

1: An option in the forum settings to turn this feature on, AS WELL AS a field beside that where the admin can set the length (in minutes), as well as the amount of attempts allowed.

2: A log in the admin panel that lists all account failed login accounts (listing the account's display name, username, as well as the IP address of the person trying to log in.)

3: Banning the IP of the person attempting to log in, for the set amount of time, when the login failed the set amount of tries, as well as a Proxy Check.

4: A PM notification sent to the user whose account was being attacked, notifying them of the attack and suggesting they change their password.


In my opinion, I think that covers everything. It provides the most user-friendly and editable options, allowing it to be flexible so that if the user doesn't want to use the feature they don't have to, and they can set the values of everything. It also provides notification to both allowed staff as well as the user. It also bans the person's IP instead of the account, preventing the wrong person from being locked out. Adding to that, the Proxy Check will make sure that the user is not using a Proxy to change his IP address in order to bypass the IP Ban.
Nick
Very Senior Member
Re: Brute force prevention (2nd Feb 10 at 4:54am UTC)
I like it, but change the PM to emails instead. {Smile}
Radient Fires
New Member
Re: Brute force prevention (2nd Feb 10 at 5:29am UTC)
I like what you had to say Dwight. Those actually would work really good.

Like Darkmage, I think an email alert would be more suitable. Then again, the user should be able to choose if they want a PM / Email / or both.

Ross
Administrator
Re: Brute force prevention (2nd Feb 10 at 9:43am UTC)
Quote:
Adding to that the Proxy Check will make sure that the user is not using a Proxy to change his IP address in order to bypass the IP Ban.


If I wanted to use a good proxy then there would be no way for the software to detect that I am using a proxy server.

Other than that, some interesting ideas.

dog199200
Guest
Re: Brute force prevention (2nd Feb 10 at 10:21am UTC)
Quote:
If I wanted to use a good proxy then there would be no way for the software to detect that I am using a proxy server.

Other than that, some interesting ideas.


True, but every little bit helps. I don't think a lot of people will even think about using a proxy after the IP ban; it's more like an attempt at a fail-safe, even if it won't always work to prevent everyone.
flyoffacliff
Junior Member
Re: Brute force prevention (2nd Feb 10 at 3:45pm UTC)
Quote:
I like what you had to say Dwight. Those actually would work really good.

Like Darkmage, I think an email alert would be more suitable. Then again, the user should be able to choose if they want a PM / Email / or both.


I agree

Quote:
Posted By dog199200 on 2nd Feb 10 at 3:50am
OK, I can sum this up to what would work best {Tongue Out}

1: An option in the forum settings to turn this feature on, AS WELL AS a field beside that where the admin can set the length (in minutes), as well as the amount of attempts allowed.

2: A log in the admin panel that lists all account failed login accounts (listing the account's display name, username, as well as the IP address of the person trying to log in.)

3: Banning the IP of the person attempting to log in, for the set amount of time, when the login failed the set amount of tries, as well as a Proxy Check.

4: A PM notification sent to the user whose account was being attacked, notifying them of the attack and suggesting they change their password.


In my opinion, I think that covers everything. It provides the most user-friendly and editable options, allowing it to be flexible so that if the user doesn't want to use the feature they don't have to, and they can set the values of everything. It also provides notification to both allowed staff as well as the user. It also bans the person's IP instead of the account, preventing the wrong person from being locked out. Adding to that, the Proxy Check will make sure that the user is not using a Proxy to change his IP address in order to bypass the IP Ban.

I like it

Quote:
I agree that it would be good to have some form of notification of bad logins. However, I don't think an account should be banned for it. Because I could try to login as Graham 10 times, then he'd be banned.

Unless you mean ban the IP for 1 hour then that's best. I think 1 hour will suffice for the ban length.

If a failed login attempt is made, how about an automatic PM saying when it was? Or a notification message somewhere? {Unsure}


I meant an IP ban.

If I helped you, please give me reputation, thanks. {Smile}
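
The scheme the thread converges on, as an added example that is not part of any post and is not vForums code: a temporary per-IP ban with admin-set attempts and duration, a log for the admin panel, and a notice queued for the targeted account. All class and method names are hypothetical, and the per-account summary across IPs (used here in place of a proxy check) is an assumption of this example.

```python
import time
from collections import defaultdict

class LoginThrottle:
    """Temporary per-IP ban after repeated failed logins (hypothetical names)."""
    def __init__(self, enabled=True, max_attempts=5, ban_minutes=60):
        self.enabled = enabled
        self.max_attempts = max_attempts
        self.ban_seconds = ban_minutes * 60
        self.failures = defaultdict(list)   # ip -> timestamps of recent failures
        self.banned_until = {}              # ip -> time the ban expires
        self.event_log = []                 # (time, ip, username, event) for the admin panel
        self.notices = []                   # (username, ip) alerts to send by PM or e-mail

    def is_banned(self, ip, now=None):
        now = time.time() if now is None else now
        return self.enabled and self.banned_until.get(ip, 0) > now

    def attempt(self, ip, username, password_ok, now=None):
        """Record one login attempt; return 'ok', 'failed' or 'banned'."""
        now = time.time() if now is None else now
        if self.is_banned(ip, now):
            self.event_log.append((now, ip, username, "blocked"))
            return "banned"
        if password_ok:
            self.failures.pop(ip, None)     # success clears this IP's counter
            return "ok"
        self.event_log.append((now, ip, username, "failed"))
        if not self.enabled:
            return "failed"
        # Count only failures inside the ban window, so old mistakes age out.
        recent = [t for t in self.failures[ip] if now - t < self.ban_seconds] + [now]
        self.failures[ip] = recent
        if len(recent) >= self.max_attempts:
            # Ban the source IP, never the account, so the owner is not locked out.
            self.banned_until[ip] = now + self.ban_seconds
            self.failures.pop(ip, None)
            self.event_log.append((now, ip, username, "ip_banned"))
            self.notices.append((username, ip))
            return "banned"
        return "failed"

    def targeted_accounts(self, min_failures=5):
        """username -> (failures, distinct IPs); shows attempts spread over many IPs."""
        ips = defaultdict(list)
        for _, ip, username, event in self.event_log:
            if event == "failed":
                ips[username].append(ip)
        return {u: (len(v), len(set(v))) for u, v in ips.items() if len(v) >= min_failures}
```

Passing `now` explicitly lets the ban window be exercised without waiting for real time to pass.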