New sheriff in town!

StefanOnHisS10

Converting fuel into heat, noise and a bit motion
Staff member
Global Moderator
Joined
Apr 8, 2020
Messages
2,200
Location
The Netherlands, Friesland.
To all,

Forum security is the top priority for us staff. Last few weeks it got worse and we acted accordingly.

As many of you have noticed we have put up some new rules and technical barriers to keep the internet rodents at bay. Thanks to members for the input!

Also we have found a member willing to help us with our moderating tasks. A very warm welcome to @bimota and a big thanks for stepping up! He is a long time, well respected member and active rider. As soon as his profile is updated, as well as his profile badges, he will start helping us.

The staff
 

Jlq1969

Well-Known Member
Joined
May 5, 2018
Messages
1,825
Location
Argentina
Congratulations!!!…..but since you have access to the IPs of the different “rodents”, wouldn't attack be a better strategy, instead of defense?….an attack just so that they know that the forum also has attack tools too...not just defense tools...Maybe the software providers (Xenforo or DragonByte) would be interested in doing so.
The attackers are probably always the same, who try again and again... until the defense fails, but if they receive an attack, they will "probably" go find another forum to bother
 

Checkswrecks

Ungenear to broked stuff
Staff member
Global Moderator
2011 Site Supporter
Joined
Mar 7, 2011
Messages
11,559
Location
Damascus, MD
Congratulations!!!…..but since you have access to the IPs of the different “rodents”, wouldn't attack be a better strategy, instead of defense?….an attack just so that they know that the forum also has attack tools too...not just defense tools...Maybe the software providers (Xenforo or DragonByte) would be interested in doing so.
The attackers are probably always the same, who try again and again... until the defense fails, but if they receive an attack, they will "probably" go find another forum to bother
LOL -

Great idea. To have attack tools would be fun!

Too bad we don't. fwiw - They are never the same and the IP Addresses they use do sometimes come from general areas but now always and even those change.
 
Last edited:

fac191

Well-Known Member
Joined
Jun 22, 2016
Messages
2,870
Location
London
To all,

Forum security is the top priority for us staff. Last few weeks it got worse and we acted accordingly.

As many of you have noticed we have put up some new rules and technical barriers to keep the internet rodents at bay. Thanks to members for the input!

Also we have found a member willing to help us with our moderating tasks. A very warm welcome to @bimota and a big thanks for stepping up! He is a long time, well respected member and active rider. As soon as his profile is updated, as well as his profile badges, he will start helping us.

The staff
Nice one Rob.
 

StefanOnHisS10

Converting fuel into heat, noise and a bit motion
Staff member
Global Moderator
Joined
Apr 8, 2020
Messages
2,200
Location
The Netherlands, Friesland.
Congratulations!!!…..but since you have access to the IPs of the different “rodents”, wouldn't attack be a better strategy, instead of defense?….an attack just so that they know that the forum also has attack tools too...not just defense tools...Maybe the software providers (Xenforo or DragonByte) would be interested in doing so.
The attackers are probably always the same, who try again and again... until the defense fails, but if they receive an attack, they will "probably" go find another forum to bother
That would be fun! But unfortunately we can't..
 

Wallkeeper

Paid Observer of drying paint and curing powder
Staff member
Global Moderator
Joined
Aug 18, 2016
Messages
1,186
Location
Minneapolis
Congratulations!!!…..but since you have access to the IPs of the different “rodents”, wouldn't attack be a better strategy, instead of defense?….an attack just so that they know that the forum also has attack tools too...not just defense tools...Maybe the software providers (Xenforo or DragonByte) would be interested in doing so.
The attackers are probably always the same, who try again and again... until the defense fails, but if they receive an attack, they will "probably" go find another forum to bother
I wish it was that simple. Couple of points to your idea

1. I would love to bust their chops
2. It would require time. We are unpaid volunteers. we all have other commitments
3. The software the Bot farms use creates bogus info including IPs. The target is elusive
4. Attack requires equipment, software and training we do not have but can obtain with significant $$
5. This forum does not charge, does not sell ads and does not sell information. If we start going down the $$ road the complexity of running this site goes exponentially
6. for every cockroach you step on there are 4 more
7. Finally, I would love to bust their chops
 

Jlq1969

Well-Known Member
Joined
May 5, 2018
Messages
1,825
Location
Argentina
I wish it was that simple. Couple of points to your idea

1. I would love to bust their chops
2. It would require time. We are unpaid volunteers. we all have other commitments
3. The software the Bot farms use creates bogus info including IPs. The target is elusive
4. Attack requires equipment, software and training we do not have but can obtain with significant $$
5. This forum does not charge, does not sell ads and does not sell information. If we start going down the $$ road the complexity of running this site goes exponentially
6. for every cockroach you step on there are 4 more
7. Finally, I would love to bust their chops
“Maybe”…those multiple IP addresses could be reduced if a verification code were sent to a “cell phone” (via WhatsApp, Telegram, etc.), and that code was entered in the message sent to the email to verify identity and activate the account in the forum…..the attacker may have multiple IPs, multiple emails,…but WhatsApp or Telegram accounts (associated with a cell phone), I think there would be drastically fewer….and it would be easier to “associate” those multiple IPs/ emails/users…with a couple of cell phones…and thus know if the attacker is the same…
.If the hacker did the job well, he will try to use computers where the user usually leaves the WhatsApp sessions open, to be able to read the code verification (the hacker can even send you a cell phone number that is not his, but he has access to WhatsApp chats if the owner of the cell phone number has linked his phone to an “infected” computer… But it reduces the probabilities.
The best thing would be a text message to the cell phone with the verification code (but it is paid)... or the “double code” (two codes sent to two different networks)... which further reduces the probability that someone will use 2 networks (wasap and telegram)...and leave open sessions.
For the safety of the (real) user, when providing the cell phone number, there would be no problem. The risk is the same as providing the email, the vast majority of cell phone numbers are linked to an email, to use this as a backup for the contact book...if a hacker accesses the email, he accesses the contact book phone numbers scheduled on the phone too
I think that is why certain operations use (to corroborate identity) a text message... but it is paid
 

Checkswrecks

Ungenear to broked stuff
Staff member
Global Moderator
2011 Site Supporter
Joined
Mar 7, 2011
Messages
11,559
Location
Damascus, MD
I pass the Fort Meade Puzzle Palace at least 2-3 times a week and bet they have capabilities beyond ours. (ya think?)
Maybe I ought to stop in and ask for a favor.
 

Jlq1969

Well-Known Member
Joined
May 5, 2018
Messages
1,825
Location
Argentina
I pass the Fort Meade Puzzle Palace at least 2-3 times a week and bet they have capabilities beyond ours. (ya think?)
Maybe I ought to stop in and ask for a favor.
that is the “Mall” where every wife would like to go…..with her husband's cell phone:)
 
Top