New wave of brute force dictionary attacks this past weekend

[BoardAdmin]

This time it's our Wordpress blogs, not our forums, that are under attack. We believe we have found a way to reduce the amount of time the server spends responding to these attacks. The hackers are using a botnet of infected blogs to probe the Internet for other blogs to infect. Security specialists say there is really nothing that can stop the attacks. You can only minimize the amount of time your server spends responding to the requests.

I wish I could promise that you'll see 100% uptime in the forums going forward but all predictions coming out of the Web security industry indicate that these attacks will continue and become much worse as more computers are infected. They are using both personal (home/office) computers and Web servers.

The attacks cannot succeed on our server. That is, they cannot log in because of our security. And therefore they cannot infect our server or put your computers at risk through SF Fandom. But they may overload the server from time to time, forcing us to reboot it.

The hackers are also attacking our email services, FTP, and occasionally the forums.

[Nightspore]

Thanks for the information. I have wondered why you've been down occasionally over the past few days.

[Michael]

Well, dictionary attacks have been going on for years but this problem began either in March or in April when a new botnet appeared. These compromised computers are being remotely controlled to attack Website logins on blogs and forums and whatever. The goal seems to be to expand the botnet. Each zombified computer downloads lists of Websites to attack from one or more command-and-control servers, so the problem is expected to get worse.

Working with our Web hosting provider it looks like we may have foiled the botnet for now, but I don't want to proclaim victory in a never-ending war.

[Nightspore]

... but I don't want to proclaim victory in a never-ending war.

Hmmm ... a forever war?

[Michael]

Hmmm ... a forever war?

Something like that. Lately the only real problems seem to come from spambots trying to leave comments on our blogs. They have been knocking the server offline every day for at least a week. We have been working with our hosting provider to figure out a way to disrupt the spambots' activity.

For the time being we have scheduled occasional "downtime" for the server, where you'll encounter connection errors for a few seconds. This is really just a temporary measure that we hope will keep the server running while we work out some better method of dealing with the problem.