Did Eileen's Lounge Experience a DOS Attack Yesterday?
-
- UraniumLounger
- Posts: 9534
- Joined: 13 Feb 2010, 01:27
- Location: Deep in the Heart of Texas
Did Eileen's Lounge Experience a DOS Attack Yesterday?
I know that someone else mentioned having problems logging in a few days ago. I was unable to log in all day yesterday.
I'd like to know if the problem was mine alone or affected all EL users.
I'd like to know if the problem was mine alone or affected all EL users.
Bob's yer Uncle
Dell Intel Core i5 Laptop, 3570K,1.60 GHz, 8 GB RAM, Windows 11 64-bit, LibreOffice,and other bits and bobs
(1/2)(1+√5) |
-
- Administrator
- Posts: 79444
- Joined: 16 Jan 2010, 00:14
- Status: Microsoft MVP
- Location: Wageningen, The Netherlands
Re: Did Eileen's Lounge Experience a DOS Attack Yesterday?
(Moved from Scuttlebutt to Lounge Matters)
We did experience prolonged problems starting on the 1st of September. We're not 100% certain, but it was probably caused by large numbers of bots trying to access the Lounge and to log in.
Things are more or less back to normal, although the Lounge still appears to respond a bit slower than usual to me.
We did experience prolonged problems starting on the 1st of September. We're not 100% certain, but it was probably caused by large numbers of bots trying to access the Lounge and to log in.
Things are more or less back to normal, although the Lounge still appears to respond a bit slower than usual to me.
Best wishes,
Hans
Hans
-
- BronzeLounger
- Posts: 1296
- Joined: 24 Jan 2010, 12:14
- Location: Sitting in my computer chair!
Re: Did Eileen's Lounge Experience a DOS Attack Yesterday?
Hi HansV,
I'm sure glad to be able to access Eileen's Lounge finally. I hope those "bots" were swatted soundly! It was frustrating running into log in problems, so I decided to wait for a few days before trying again.
Finally..... it is nice to be home again! Thanks for mending the glitches!
I'm sure glad to be able to access Eileen's Lounge finally. I hope those "bots" were swatted soundly! It was frustrating running into log in problems, so I decided to wait for a few days before trying again.
Finally..... it is nice to be home again! Thanks for mending the glitches!
Skitterbug
A cup of coffee shared with a friend is happiness tasted and time well spent.
A cup of coffee shared with a friend is happiness tasted and time well spent.
-
- SilverLounger
- Posts: 2182
- Joined: 02 Mar 2010, 16:53
- Location: An Aussie in Norway
Re: Did Eileen's Lounge Experience a DOS Attack Yesterday?
Early start today when I noticed that most of the users online were bots. I don't know whether one can block bots
CYa Ron
W11 pc, Android toys.
The only reason we have the 4th dimension of Time is so that everything does not happen at once.
W11 pc, Android toys.
The only reason we have the 4th dimension of Time is so that everything does not happen at once.
-
- Administrator
- Posts: 79444
- Joined: 16 Jan 2010, 00:14
- Status: Microsoft MVP
- Location: Wageningen, The Netherlands
Re: Did Eileen's Lounge Experience a DOS Attack Yesterday?
The ones listed as Bots are relatively harmless. The ones that do not identify themselves as bots and that do not follow the rules for bots are the problem.
Best wishes,
Hans
Hans
-
- PlatinumLounger
- Posts: 5500
- Joined: 24 Jan 2010, 08:33
- Location: A cathedral city in England
Re: Did Eileen's Lounge Experience a DOS Attack Yesterday?
The Lounge is suffering from botulism...!
John Gray
"Tigers are the ones who look like an orange barcode with teeth." - Philomena Cunk
"Tigers are the ones who look like an orange barcode with teeth." - Philomena Cunk
-
- UraniumLounger
- Posts: 9534
- Joined: 13 Feb 2010, 01:27
- Location: Deep in the Heart of Texas
Re: Did Eileen's Lounge Experience a DOS Attack Yesterday?
Skitterbug, I too am glad to the home again.
Bob's yer Uncle
Dell Intel Core i5 Laptop, 3570K,1.60 GHz, 8 GB RAM, Windows 11 64-bit, LibreOffice,and other bits and bobs
(1/2)(1+√5) |
-
- StarLounger
- Posts: 81
- Joined: 08 Feb 2010, 21:48
- Location: Wellington, New Zealand
Re: Did Eileen's Lounge Experience a DOS Attack Yesterday?
Fear not, good folk from the north. Some of us are used to having only bots for company here in the lounge. They seem to be friendly critters most of the time.
You do not have the required permissions to view the files attached to this post.
-
- Panoramic Lounger
- Posts: 8434
- Joined: 25 Jan 2010, 09:09
- Location: retirement
Re: Did Eileen's Lounge Experience a DOS Attack Yesterday?
but as Hans pointed out it's not the 10 bots that identified as bots in the screenshot that caused the problems, it's the bots that are amongst the '55 guests' in your screenshot that caused the server overload.
Ken
-
- Administrator
- Posts: 79444
- Joined: 16 Jan 2010, 00:14
- Status: Microsoft MVP
- Location: Wageningen, The Netherlands
Re: Did Eileen's Lounge Experience a DOS Attack Yesterday?
Indeed - the 'registered' bots make themselves known as such, and adhere to the rules for bots, for example limiting the number of pages they scan per hour. But the majority of guests visiting us are anonymous bots that sometimes submit many page requests per second, from many different IP addresses.
Best wishes,
Hans
Hans
-
- SilverLounger
- Posts: 2182
- Joined: 02 Mar 2010, 16:53
- Location: An Aussie in Norway
Re: Did Eileen's Lounge Experience a DOS Attack Yesterday?
Are there 'ways' to block bots or is this another sign of a complex future...
CYa Ron
W11 pc, Android toys.
The only reason we have the 4th dimension of Time is so that everything does not happen at once.
W11 pc, Android toys.
The only reason we have the 4th dimension of Time is so that everything does not happen at once.
-
- Administrator
- Posts: 7282
- Joined: 15 Jan 2010, 22:52
- Location: Middle of England
Re: Did Eileen's Lounge Experience a DOS Attack Yesterday?
Blocking ranges of IP addresses does help, it can just be a bit difficult to log in and actually see who is online sometimes!
(Admins can see the IP addresses of everyone online.)
(Admins can see the IP addresses of everyone online.)
Leif
-
- PlutoniumLounger
- Posts: 16212
- Joined: 24 Jan 2010, 23:23
- Location: brings.slot.perky
Re: Did Eileen's Lounge Experience a DOS Attack Yesterday?
Hi Leif et al.
I am interested in the logic of this problem. It seems to me to be like my telephone spam calls: I lead a solo life here in the 709-area code and anticipate unsolicited calls from nowhere else in the world: people email me for the rare event of arranging to speak by phone from Tooronto, Australia, France etc.(1) To that end I have been looking for a blocker that allows ONLY 709-area codes to ruing my phone; anyone else can leave a message and I'll call them back.
phpBBS and allied software is different, I grant, but supposing that a front-end filter permitted recognition of:-
(a) All properly configured bots and
(b) All registered users
then would/what would be shut out?
(c) New users hoping to register
(d) New users hoping to lurk/browse to see what we are made of
(e) The illegal bots which cause problems?
I think that identifying illegal/unwanted entities is a critical part of the solution, and so subtracting legal entities from the mix leaves us with the remainder - that is, illegal entities.
You (all) are aware that I know nothing about running a phpBBS, but my mind runs along with "legal new users would accept a Captcha-like delay to verify that they are human".
Thanks; I don't need a detailed description of what the front-end data looks like, and having just checked a list of Administrators i see that you are all brighter than me, so I reason that you-all have probably kicked this idea around a bit.
I'm basing my logic on the idea that you/we don't have a problem with Registered Users logging in, so they are not part of the problem. What's left?
Thanks again, Chris
(1)One of the rare advantages of being 1.5+ hours out of step with the rest of North America and being not-quite-twelve hours away from The Eastern States of Australia. C
The brain is a three-pound mass you can hold in your hand that can conceive of a universe a hundred billion light-years across (Marian C. Diamond)
-
- Administrator
- Posts: 79444
- Joined: 16 Jan 2010, 00:14
- Status: Microsoft MVP
- Location: Wageningen, The Netherlands
Re: Did Eileen's Lounge Experience a DOS Attack Yesterday?
We do use a captcha for registering new users. This works well for preventing bots from registering a normal user (who can post).
But anyone with a browser can visit eileenslounge.com, and malicious/careless bots can do that thousands of times in quick succession.
But anyone with a browser can visit eileenslounge.com, and malicious/careless bots can do that thousands of times in quick succession.
Best wishes,
Hans
Hans
-
- Panoramic Lounger
- Posts: 8434
- Joined: 25 Jan 2010, 09:09
- Location: retirement
Re: Did Eileen's Lounge Experience a DOS Attack Yesterday?
Presumably such bots can also collect user names, since they are public, and then try to login as a user by bombarding the login page with multiple attempts at the password?
If so, does phpBB have an option to require users to login using the email address they registered with? Since that isn't public.
Ken
If so, does phpBB have an option to require users to login using the email address they registered with? Since that isn't public.
Ken
-
- Administrator
- Posts: 79444
- Joined: 16 Jan 2010, 00:14
- Status: Microsoft MVP
- Location: Wageningen, The Netherlands
Re: Did Eileen's Lounge Experience a DOS Attack Yesterday?
No, but you get locked out after 3 failed attempts.
Best wishes,
Hans
Hans
-
- PlutoniumLounger
- Posts: 16212
- Joined: 24 Jan 2010, 23:23
- Location: brings.slot.perky
Re: Did Eileen's Lounge Experience a DOS Attack Yesterday?
Thank you Hans.
A bot that could register could then ferret out any data that I as a registered user could ferret out, but could do so much faster per hour, and do it 24/7, correct?
Such a bot could be written in VBA using free software if any registered user was as evil as I sometimes pretend to be, correct?But anyone with a browser can visit eileenslounge.com, and malicious/careless bots can do that thousands of times in quick succession.
That is, the only difference between a malicious bot and a malicious registered user operating a bot is that registration. Correct?
If chrisgreaves decided to scour Eileen's Lounge, and phpBB detected rapid-fire data access, phpBB might then suppose that
Either chrisgreaves (or a registered user logged on) was guilty
Or one of the un-identified bots was guilty.
Correct?
Thanks again, Chris
The brain is a three-pound mass you can hold in your hand that can conceive of a universe a hundred billion light-years across (Marian C. Diamond)
-
- PlutoniumLounger
- Posts: 16212
- Joined: 24 Jan 2010, 23:23
- Location: brings.slot.perky
Re: Did Eileen's Lounge Experience a DOS Attack Yesterday?
But this 3-attempt lockout can not affect the malicious bots, Correct?
Thanks, Chris
The brain is a three-pound mass you can hold in your hand that can conceive of a universe a hundred billion light-years across (Marian C. Diamond)
-
- BronzeLounger
- Posts: 1296
- Joined: 24 Jan 2010, 12:14
- Location: Sitting in my computer chair!
Re: Did Eileen's Lounge Experience a DOS Attack Yesterday?
So if somehow someone decided to try and log in as "me" and can't after three tries, I am guessing that the "real me" is now locked out? How do I ever get to return "home" again???
Skitterbug
A cup of coffee shared with a friend is happiness tasted and time well spent.
A cup of coffee shared with a friend is happiness tasted and time well spent.
-
- Administrator
- Posts: 79444
- Joined: 16 Jan 2010, 00:14
- Status: Microsoft MVP
- Location: Wageningen, The Netherlands
Re: Did Eileen's Lounge Experience a DOS Attack Yesterday?
@Skitterbug: When you are locked out, you have to request a reactivation email. You then have to provide the email address you used to register with. If this matches the email address in our database, a message will be sent to that address.
Best wishes,
Hans
Hans