Science Fiction and Fantasy Community Forums
New wave of brute force dictionary attacks this past weekend - Printable Version

+- Science Fiction and Fantasy Community Forums (https://forums.sf-fandom.com)
+-- Forum: SF-Fandom and Xenite.Org Network (https://forums.sf-fandom.com/forum-42.html)
+--- Forum: Forum Feedback and Issues (https://forums.sf-fandom.com/forum-29.html)
+--- Thread: New wave of brute force dictionary attacks this past weekend (/thread-32568.html)



New wave of brute force dictionary attacks this past weekend - BoardAdmin - October 2nd, 2013

This time it's our Wordpress blogs, not our forums, that are under attack. We believe we have found a way to reduce the amount of time the server spends responding to these attacks. The hackers are using a botnet of infected blogs to probe the Internet for other blogs to infect. Security specialists say there is really nothing that can stop the attacks. You can only minimize the amount of time your server spends responding to the requests.

I wish I could promise that you'll see 100% uptime in the forums going forward but all predictions coming out of the Web security industry indicate that these attacks will continue and become much worse as more computers are infected. They are using both personal (home/office) computers and Web servers.

The attacks cannot succeed on our server. That is, they cannot log in because of our security. And therefore they cannot infect our server or put your computers at risk through SF Fandom. But they may overload the server from time to time, forcing us to reboot it.

The hackers are also attacking our email services, FTP, and occasionally the forums.


New wave of brute force dictionary attacks this past weekend - Nightspore - October 2nd, 2013

Thanks for the information. I have wondered why you've been down occasionally over the past few days.


New wave of brute force dictionary attacks this past weekend - Michael - October 6th, 2013

Well, dictionary attacks have been going on for years but this problem began either in March or in April when a new botnet appeared. These compromised computers are being remotely controlled to attack Website logins on blogs and forums and whatever. The goal seems to be to expand the botnet. Each zombified computer downloads lists of Websites to attack from one or more command-and-control servers, so the problem is expected to get worse.

Working with our Web hosting provider it looks like we may have foiled the botnet for now, but I don't want to proclaim victory in a never-ending war.


New wave of brute force dictionary attacks this past weekend - Nightspore - October 6th, 2013

Michael Wrote:... but I don't want to proclaim victory in a never-ending war.

Hmmm ... a forever war?


New wave of brute force dictionary attacks this past weekend - Michael - October 21st, 2013

Nightspore Wrote:Hmmm ... a forever war?

Something like that. Lately the only real problems seem to come from spambots trying to leave comments on our blogs. They have been knocking the server offline every day for at least a week. We have been working with our hosting provider to figure out a way to disrupt the spambots' activity.

For the time being we have scheduled occasional "downtime" for the server, where you'll encounter connection errors for a few seconds. This is really just a temporary measure that we hope will keep the server running while we work out some better method of dealing with the problem.