Topic: "Re: News: Abuse - Tuesday, 31.7.2007" (page 1 of 2)

Author Post
unknown user
Might as well ban all the IPs in my dynamic IP range, my university's range, rootshell.be, open proxies, Tor nodes,

I estimate about 2^18 IPs (this does imply you also annoy genuine people using these IPs)

because when I come across a password from someone, I'll sure as hell test it against this database.
Even if you ban the above-mentioned 2^18 IPs, I'm sure with some effort I'll still do it.

I believe this "tough talk" is:
1- pointless _well it doesn't scare me_
2- gives yourself a hell of a lot to do
3- provocative
4- if the "attacker" knows he needs to watch out for log snorkeling, he will circumvent it.

If you want to protect your sign in procedure:
- don't use a weak username/password scheme, use certificates, or other advanced techniques
- limit the amount of tries allowed
- enlarge the time between password tries exponentially
- ...

Just a heads up. So you don't need to go snorkeling through the logs for poor little old me.

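The last two suggestions in the post above (a limit on tries, and a wait that grows exponentially between them), sketched as an added example that is not part of the original thread. The class, method and parameter names are hypothetical, and the state is keyed on the account name rather than the client IP, which is an assumption made here because the post points out how easily addresses can be changed.

```python
import time

class LoginThrottle:
    """Per-account try limit with an exponentially growing wait.
    State is keyed on the account name, not the client IP, so changing
    address (proxy, Tor, dynamic range) does not reset the counter.
    """

    def __init__(self, base_delay=1.0, max_delay=3600.0,
                 max_failures=10, clock=time.monotonic):
        self.base_delay = base_delay      # wait after the first failure (s)
        self.max_delay = max_delay        # cap on the wait (s)
        self.max_failures = max_failures  # hard limit on consecutive failures
        self.clock = clock                # injectable so tests need no sleep
        self._state = {}                  # account -> (failures, last failure time)

    def retry_after(self, account):
        """Seconds until the next try is accepted; inf once locked."""
        failures, last = self._state.get(account, (0, 0.0))
        if failures == 0:
            return 0.0
        if failures >= self.max_failures:
            return float("inf")
        delay = min(self.base_delay * 2 ** (failures - 1), self.max_delay)
        return max(0.0, last + delay - self.clock())

    def attempt(self, account, verify):
        """verify() is called only when a try is allowed right now."""
        wait = self.retry_after(account)
        if wait == float("inf"):
            return "locked"
        if wait > 0:
            return "throttled"
        if verify():
            self._state.pop(account, None)   # success resets the counter
            return "ok"
        failures, _ = self._state.get(account, (0, 0.0))
        self._state[account] = (failures + 1, self.clock())
        return "denied"

def demo():
    """Constructed run: three wrong tries, one early retry, then success."""
    now = [100.0]
    throttle = LoginThrottle(clock=lambda: now[0])
    log = []
    for t, good in [(100, False), (100.5, False), (101, False), (103, False), (107, True)]:
        now[0] = t
        log.append(throttle.attempt("alice", lambda: good))
    return log
```

A hard lock keyed on the account lets anyone who knows a username lock its owner out, so in practice the locked state needs a reset path such as an e-mail confirmation.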
moose
well rhican, I think Inferno knows that ... (even I know it, and I think Inferno does know much more about computers than me^^)

I think he wanted to scare the people who try to hack others' accounts ...

Quote:

- enlarge the time between password tries exponentially

Nice idea ... I'll use this in my login systems :)
Edited by moose on 31.07.2007 11:48:13
unknown user
.
bb
No offence, but I think that news article may have been aimed at the sort of person who is leaving an obvious trail. More of a warning to script kiddies, which is normally enough to scare the dim ones away.

Of course, if he was chasing you (and I am not insinuating this is you :)) I very much doubt log snorkeling would catch you. It might be enough to deter some and at least it shows they are doing something.

I may have it all arse about face but that's normal for me :)

Carry on :D


BaRa
Very cunswuppious.
Towley
One of the reasons to choose different passwords for different sites/applications. :nick:
Doing this is not nice.
unknown user
.
Towley
Yes, I also noticed the sentence "It is not nice" is very ambiguous and can be interpreted in many ways after I posted that. I decided it's up to the readers to think about what is not nice.

For me it's not nice to use other people's accounts.
Searching for a weakness is ok for me, as long as you don't abuse it.

Edited by Towley on 01.08.2007 12:22:52
bb
Quote from BaRa:
Very cunswuppious.


I couldn't agree more :D
moose
Quote:
Very cunswuppious.

What does cunswuppious mean?