Login * Member Blogs
FAQ *
   Search *
Member Stores
View unanswered posts
View active topics ::
 
IMPORTANT!

IMPORTANT NOTE: While email addresses are protected and hidden from view to both members and guest, if you have recently received unsolicited email contact from any member or former member, please forward it to us. Click to read more.

Becoming a member of the IG community is as simple as registering. To register, please click on "Login", and then "Register". Please note, registrations are activated manually by a moderator, so there may be a tiny delay in signing up and account activation. Registered, but having trouble with login? Please read this thread.

Members new and old, it's always a good time to re-acquaint yourself with the rules. New members, unsure about where to post stuff, or overwhelmed by the number of forums? Please check out the useful thread index.

All times are UTC [ DST ]




Post new topic Reply to topic  [ 13 posts ] 
Author Message
 Post subject: Brute Force Attempts - Important - Please Read
PostPosted: Mon Feb 14, 2011 9:28 pm 
User avatar
Captain Okamisan (owner)
Captain Okamisan (owner)

Joined: Sat Apr 20, 2002 2:04 am
Posts: 3530
Fav. Maiko: Momotaro
Fav. Geiko: Tome
Fav. Motif: Uguisu
Everyone,

It has come to our attention that the forum is being targeted for a password brute force attempt.

You can read more about it here:

http://www.phpbb.com/community/viewtopic.php?t=1947925

From researching, it's not limited just to phpBB forums - but other types as well.

The steps we are currently taking to resolve this are:

1. Dropping number of login attempts down to 1. I know this is a little annoying, but until this blows over, it's better to err on the side of caution.

2. Reviewing website logs in an effort to identify any particular IPs that seem to have a large number of login attempts. Once we've identified likely IPs - we'll be banning them. If we happened to banned a legit user - please email us letting us know.

Now - I'd like to stress that all users should ensure they have strong passwords. It probably wouldn't hurt to go in and do a password change. If you do - try to have mix case and numbers to strengthen.

Kind Regards,
Naomi~

_________________
Image Image


Top
 Profile  
 
 Post subject: Re: Brute Force Attempts - Important - Please Read
PostPosted: Mon Feb 14, 2011 9:38 pm 
User avatar
Furisode Shinzo
Furisode Shinzo

Joined: Tue Jun 15, 2010 9:11 pm
Posts: 1301
Location: Netherlands
Fav. Motif: tachibana, asanoha, maple
Thanks for the heads up.

It's always good to check and keep your computer save.

I just hate these kinda thing. Last year a hacker hackt into my boyfriends Wow account. The problem was his email account, which he checked on a computer of a friend that was infected, and so they got into his account stuff.


Top
 Profile  
 
 Post subject: Re: Brute Force Attempts - Important - Please Read
PostPosted: Wed Feb 16, 2011 3:33 pm 
User avatar
Shikomi-san
Shikomi-san

Joined: Thu May 24, 2007 8:59 am
Posts: 163
To be safe I changed my password and then logged out. When I tried to log back in I got the over limit error on my first try. After that the window to put in the code comes up but not until you get the error first.

I'm not sure this was the intended way for it to work. Just fyi for anyone who does change their password


Top
 Profile  
 
 Post subject: Re: Brute Force Attempts - Important - Please Read
PostPosted: Sun Feb 20, 2011 9:34 pm 
User avatar
Maiko-san
Maiko-san

Joined: Tue May 29, 2007 8:14 pm
Posts: 1406
Location: Spain
Fav. Motif: kaioke, bamboo, asagao, mums,
I think it's not because you changed the password, ohnaka.
I¡ts happening to me too, but I haven't changed my password (because I was absent from the forums and didn't know about this).


Top
 Profile  
 
 Post subject: Re: Brute Force Attempts - Important - Please Read
PostPosted: Thu Jan 26, 2012 5:45 pm 
User avatar
Maiko-san
Maiko-san

Joined: Mon Jan 12, 2009 3:21 am
Posts: 1123
Just a heads up, mods. I received an email notification of a private message just now from immortalge​ishamembers​hip@gmail.c​om. It looked like the typical email I get from IG, and contained my username and a link. When I clicked the link, I was taken to a login page. It looks like the IG login page except that it has a little phbb logo at the top left, but things change so I didn't think anything of it. The page is located at http://puchimaiko.com/ig_bb/ucp.php?i=pm&folder=inbox. I logged in with my username and password, but after the "login successful message, I was sent to an error page at http://puchimaiko.com/ig_bb/ucp.php?i=p ... 3fc48bed65

I immediately logged into both the proper site and the wiki and changed my password, but clearly you need to know someone's phishing for passwords.


Top
 Profile  
 
 Post subject: Re: Brute Force Attempts - Important - Please Read
PostPosted: Thu Jan 26, 2012 6:29 pm 
User avatar
Okasan
Okasan

Joined: Tue Jan 25, 2011 4:24 pm
Posts: 5465
Location: Netherlands
Fav. Maiko: Satsuki,Kimihiro,Tomitsuyu,
Fav. Geiko: Sayaka,Miehina,Mana/Kana
Fav. Motif: flowers,peacock,butterfly
Geimyo: 昊蓮 - Kouren
Thanks for letting us know James!! I hope I don't get that message.

*edit* I just got 2 of them... Won't be opening both of them since I don't have a new message on here...


Last edited by Gikuyu on Thu Jan 26, 2012 7:27 pm, edited 1 time in total.

Top
 Profile  
 
 Post subject: Re: Brute Force Attempts - Important - Please Read
PostPosted: Thu Jan 26, 2012 7:16 pm 
User avatar
First Mate Boobie-san (Mod)
First Mate Boobie-san (Mod)

Joined: Wed Feb 16, 2005 7:27 am
Posts: 4749
Location: Torontoland
Fav. Motif: apples, tsujigahana
Thanks for the head's up, James. I haven't seen Naomi online yet today - I hope she's feeling okay - but I'll definitely pass it on to her.

_________________
Does your signature comply with the rules? Check this thread for details.

To live a creative life, we must lose our fear of being wrong. - Joseph Chilton Pearce


Top
 Profile  
 
 Post subject: Re: Brute Force Attempts - Important - Please Read
PostPosted: Thu Jan 26, 2012 8:14 pm 
User avatar
Onesan
Onesan

Joined: Wed Nov 01, 2006 10:39 am
Posts: 2819
Location: UK
Fav. Motif: bamboo, yabane, ivy, tachibana
I, too, have just received two of these. They have the subject line 'New private message has arrived'.

_________________
Image


Top
 Profile  
 
 Post subject: Re: Brute Force Attempts - Important - Please Read
PostPosted: Thu Jan 26, 2012 9:15 pm 
User avatar
Tayuu
Tayuu

Joined: Mon Mar 27, 2006 4:45 pm
Posts: 4699
Location: France
Fav. Maiko: Umehisa, Mameharu, both Ayano
Fav. Geiko: Kotoha, Fukuyû, Ichiraku
Fav. Motif: Tsuta, Kiku leaves, Same
I got four! I'm the best! :creepo:

_________________
"The problem with quotes on the Internet is that it is often difficult to verify their authenticity." - Abraham Lincoln


Top
 Profile  
 
 Post subject: Re: Brute Force Attempts - Important - Please Read
PostPosted: Thu Jan 26, 2012 9:18 pm 
User avatar
Okasan
Okasan

Joined: Tue Jan 25, 2011 4:24 pm
Posts: 5465
Location: Netherlands
Fav. Maiko: Satsuki,Kimihiro,Tomitsuyu,
Fav. Geiko: Sayaka,Miehina,Mana/Kana
Fav. Motif: flowers,peacock,butterfly
Geimyo: 昊蓮 - Kouren
rubyminky wrote:
I, too, have just received two of these. They have the subject line 'New private message has arrived'.


Yup equal as the real deal, I checked here to be sure I got no message


Top
 Profile  
 
 Post subject: Re: Brute Force Attempts - Important - Please Read
PostPosted: Thu Jan 26, 2012 11:35 pm 
User avatar
Captain Okamisan (owner)
Captain Okamisan (owner)

Joined: Sat Apr 20, 2002 2:04 am
Posts: 3530
Fav. Maiko: Momotaro
Fav. Geiko: Tome
Fav. Motif: Uguisu
Ahh! I'm so sorry for worrying everyone!

I'm in the middle of testing some new mods for the forum, and needed to test it with the existing forum data, but obviously not on the live site - so I replicated the forum on my other server - using puchimaiko.com. I wasn't aware it was sending out emails, and for that, I do apologize.

I will actually be going through and removing the test forum later today or tomorrow.

_________________
Image Image


Top
 Profile  
 
 Post subject: Re: Brute Force Attempts - Important - Please Read
PostPosted: Fri Jan 27, 2012 1:24 am 
User avatar
Maiko-san
Maiko-san

Joined: Tue May 15, 2007 7:18 pm
Posts: 1129
Location: Minnesota, USA
Fav. Motif: OWLS!
I got six of them! I win! :katana:


Top
 Profile  
 
 Post subject: Re: Brute Force Attempts - Important - Please Read
PostPosted: Fri Jan 27, 2012 8:24 am 
User avatar
Okasan
Okasan

Joined: Tue Jan 25, 2011 4:24 pm
Posts: 5465
Location: Netherlands
Fav. Maiko: Satsuki,Kimihiro,Tomitsuyu,
Fav. Geiko: Sayaka,Miehina,Mana/Kana
Fav. Motif: flowers,peacock,butterfly
Geimyo: 昊蓮 - Kouren
We've got a winner xD hehe

Thats ok Naomi-san, glad there is no real spammer behind this all :)


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 13 posts ] 


Search for:
Jump to:  

All times are UTC [ DST ]




Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group