PDA

View Full Version : Someone tried to use my account!



hitmonlee
January 14th, 2005, 02:47
not here!

on another forum :mad:


hitmonlee,

Your account on has been locked because someone has tried to log into the account with the wrong password more than 5
times. You will be able to attempt to log in again in another 15 minutes.

The person trying to log into your account had the following IP address: 213.115.111.135


no other users on the forum have ever used that ip.

is there any way to find out what country they are from or what isp they use?

Jale
January 14th, 2005, 03:26
I have traced the IP and this is what I've got:



TraceRoute to 213.115.111.135 [c-876f73d5.06-36-67626717.cust.bredbandsbolaget.se]

Hop(ms)(ms)(ms)
IP AddressHost name 1000
66.98.244.1gphou-66-98-244-1.ev1.net 2000
66.98.241.4gphou-66-98-241-4.ev1.net 3009
66.98.240.7gphou-66-98-240-7.ev1.net 4191
216.200.251.161t289.ge-5-2-0.mpr1.iah1.us.above.net 5141414
64.125.29.69so-4-0-0.mpr1.atl6.us.above.net 6131413
64.125.27.50so-0-0-0.mpr2.atl6.us.above.net 7252544
64.125.29.42so-2-1-0.cr1.dca2.us.above.net 8979797
64.125.31.185so-6-0-0.cr1.lhr3.uk.above.net 9979796
208.184.231.146so-0-0-0.cr2.lhr3.uk.above.net 10103103103
64.125.29.74pos10-0.cr2.ams2.nl.above.net 11103102103
208.184.231.253pos1-0.mpr2.ams1.nl.above.net 12137128128
213.115.111.135c-876f73d5.06-36-67626717.cust.bredbandsbolaget.se Trace complete

onewecallgod
January 14th, 2005, 03:30
there are whois things you can try, although they are never accurate

http://www.whois.sc/213.115.111.135

http://www.melissadata.com/Lookups/iplocation.asp?ipaddress=213.115.111.135&submit=submit

Zach
January 14th, 2005, 04:00
role: Bredbandsbolaget Routing Registry
address: Box 47645
address: 117 94 Stockholm
address: Sweden
e-mail: noc@bredband.com
trouble: *********************************
trouble: Abuse related issues is reported
trouble: to abuse@bredband.com
trouble: phone +46 586 65485
trouble: Abuse issues sent to other e-mail
trouble: adresses will be discarded


Have fun with that.

Lefteris_D
January 14th, 2005, 08:21
You should change the password to that forum to a tougher to guess just in case.

hitmonlee
January 14th, 2005, 08:21
yeah so far today i've had people from sweden, scandinavia and brazil try and hack into my account.

grrr.

just me not the other moderators.

stupid losers need to get a life.

thanks guys :)

edit: lefteris, i change my password all the time and use numbers/letters, we get targetted a lot for some reason. usually arabs.

onewecallgod
January 14th, 2005, 08:30
maybe a screenname change?

Lefteris_D
January 14th, 2005, 08:37
maybe a screenname change?
That wont help much when you deal with trolls.


yeah so far today i've had people from sweden, scandinavia and brazil try and hack into my account.

grrr.

just me not the other moderators.

stupid losers need to get a life.

thanks guys :)
That was the question I was going to ask. Since you are a moderator there it could be a user you banned or moderated using a proxy or somebody that does not like you trying to make you look bad by using your account.

hitmonlee
January 14th, 2005, 08:55
maybe a screenname change?

i'm a mod/admin, if i change my name they'll use my new name or switch to targetting another admin.

lefteris: yeah it might be, but not really any way to tell who.

as long as they can't get in its all good.

Lefteris_D
January 14th, 2005, 09:16
This is what I suggest:

Keep the webmaster informed about security updates(forum software) if he cannot do that on his own.
Change your password often and if possible force the other moderators to do that as well.
Make an addition to the rules if you don't have one that breaking into a user account of an admin or moderator will lead to a permanent ban. Though this is not nessesary it should be good for those idiots to know what they have to look forward to.
Keep a log of the people you or the other mods ban and the reason. I require from all moderators to post at a specific thread who they banned, why and for how long. It also helps when a moderator is asked about a ban he did not place himself.


I'll send you the bill for this lesson later ;)

hitmonlee
January 14th, 2005, 09:24
This is what I suggest:

Keep a log of the people you or the other mods ban and the reason. I require from all moderators to post at a specific thread who they banned, why and for how long. It also helps when a moderator is asked about a ban he did not place himself.


I'll send you the bill for this lesson later ;)

mmm that's a good idea
although we rarely if ever ban users.
in fact all the users we have banned can be put down to 3 crazy people.

speaking of which one of them hasn't been around in a while hmmm

Lefteris_D
January 14th, 2005, 09:35
Just make a sticky thread in the moderator forum(you do have one, right?) and require all the moderators to post a reply each time somebody is banned.

The reply should include a link to the user profile, a link to the thread(if there was one) that the problem occured, the reason for the ban and the duration.

Right now if you ask any moderator here about a ban he will just have a look in that thread and let you know about it.


speaking of which one of them hasn't been around in a while hmmm
You might want to keep that in mind just in case.


Care to post a link to the forum?

montpics
January 14th, 2005, 13:02
Pretty much annoyed for those who tried to do that. Good suggestions from Lefteris_D. ;)

froster1990
January 14th, 2005, 15:04
Well, It doesn't seem like they will have any chance of getting in, because they aren't even using a bot yet which means they're amateurs.

hitmonlee
January 17th, 2005, 04:48
"they" got into one of the user's accounts, however i get the feeling she was being targetted by someone she knew (her password was getfucked).

http://www.teknoscape.com.au/forums/index.php?

Lefteris_D
January 17th, 2005, 08:37
This is nice:
http://www.teknoscape.com.au/forums/showthread.php?t=17795
http://www.teknoscape.com.au/forums/showthread.php?t=17734
I bet it was one of those accounts?

We had such problems with some trolls here but after I banned a few IP ranges it all stopped. That was a few months ago.

You might want to remove or at least store those threads at another less visible location. By having them there you are just feeding the trolls...

Send me a PM that has your MSN. I have some files you may want to have along with a few more private tips.

Robert
January 17th, 2005, 09:16
Both of those threads are over 2 years old. Probably should get deleted.

hitmonlee
January 17th, 2005, 09:31
Both of those threads are over 2 years old. Probably should get deleted.

both those threads were made in the last week, are you on drugs child?

also, don't tell me what should and shouldn't be deleted. i don't see why a 2 year old thread should be deleted?

its a very relaxed forum. we almost never close or delete threads. this is the way we like it, we don't like to overmoderate.

no offence to lefty, but if we ran that forum the way lefty runs this one, we'd all be bashed up. we all know each other irl...

Lefteris_D
January 17th, 2005, 09:48
its a very relaxed forum. we almost never close or delete threads. this is the way we like it, we don't like to overmoderate.

no offence to lefty, but if we ran that forum the way lefty runs this one, we'd all be bashed up. we all know each other irl...

I never said anything about censoring your users or overmoderating but if you really think that's a bad idea then don't do it. It was a simple suggestion. However, keep in mind that feeding the trolls is by far one of the worst things somebody can do.

If you can't do that you can at least tell your users that have Firefox to use this extension (https://addons.update.mozilla.org/extensions/moreinfo.php?application=firefox&version=1.0&os=Windows&id=135).

Edit: Also visit the links I PM'd you.

hitmonlee
January 17th, 2005, 10:06
I never said anything about censoring your users or overmoderating but if you really think that's a bad idea then don't do it. It was a simple suggestion.
nah i know you didn't, my reply was directed at robbert :)



However, keep in mind that feeding the trolls is by far one of the worst things somebody can do.


yep, good point, and you're right.



If you can't do that you can at least tell your users that have Firefox to use this extension (https://addons.update.mozilla.org/extensions/moreinfo.php?application=firefox&version=1.0&os=Windows&id=135).


Edit: Also visit the links I PM'd you.


thanks :)
i'll have a look at the links tomorrow.

Robert
January 17th, 2005, 23:02
both those threads were made in the last week, are you on drugs childMust have been. It won't let me edit my post.


also, don't tell me what should and shouldn't be deleted.Hey I had the word probably in front. It means it's only a suggestion, not an order. You run your forum whatever way you want. You're the one with the hackers.

hitmonlee
January 18th, 2005, 03:47
exterminate! exterminate!

Robert
January 18th, 2005, 04:16
Daleks are the supreme beings in the universe. Eggsterrrrminate!

hitmonlee
January 18th, 2005, 05:40
what's the point in banning ip ranges if they can use an annoymous ip?

what if a genuine user wants to access the forums and they live within a banned ip range? bud luck for them?

Lefteris_D
January 18th, 2005, 08:26
Just keep track of those IP's for a few days and then report them to their ISP. Let their legal department do the rest.


what if a genuine user wants to access the forums and they live within a banned ip range? bud luck for them?
Yeah, that's the bad side.

ScotchGuy
January 18th, 2005, 09:12
Yes, it's a bad side, and it's also an illogical side. This is why only Lefteris would advocate blocking IP ranges.

Lefteris_D
January 18th, 2005, 09:41
A temporary IP ban always helps in keeping away people trying to break into other's accounts. That's one of the main reasons that feature exists, stopping trolls.

It may be illogical to you but it is sometimes the only solution when dealing with those people.

Jale
January 18th, 2005, 13:50
A temporary IP ban always helps in keeping away people trying to break into other's accounts. That's one of the main reasons that feature exists, stopping trolls.

It may be illogical to you but it is sometimes the only solution when dealing with those people.
But what happen to the people that log in on the same computer if they get their IP banned? I know there are different ban ways:

IP, nick and e-mail...

Lefteris_D
January 18th, 2005, 13:59
A quite large emulation forum had bans on both Yahoo and Hotmail a few years ago. That forced new users to use their ISP email or seek another free email provider.

Jale
January 18th, 2005, 14:08
Funny, If I ban people on my forum (thing I haven't done yet :)) I lock them by it's username or nick (whatever).

montpics
January 18th, 2005, 14:11
A quite large emulation forum had bans on both Yahoo and Hotmail a few years ago. That forced new users to use their ISP email or seek another free email provider.
That's why I couldn't get in those forums. :)
But I tried to use the other free-email provider and registered in those forum. That's didn't work as I still haven't receive any validation from the Admin.... :huh:

froster1990
January 18th, 2005, 14:16
I don't see why people try to get in, don't they realize they'll just be getting there IP banned? Like it's kind of annoying if i'm playing Starcraft and some kid who wined when I beat him, calling me a hacker, and he set up a bot and kept trying to log in on my account. I'd wake up in the morning and find over 5000 failed log ins. He fought me with my own account and I still beat him, it doesn't change.

Anyhow, why do they like being so god D*m annoying.

Lefteris_D
January 18th, 2005, 14:41
That's why we call those people trolls froster1990. They want to entertain themselved by bugging people and causing damage. Sometimes it is even people that wish to retaliate against a forum after a ban.

froster1990
January 18th, 2005, 14:50
Then I guess they don't realize that it was there own fault that they got themselves banned? Pretty stupid if you ask me.

montpics
January 19th, 2005, 11:29
Big body with a tiny brain..... as you said. :cool: