Did Eileen's Lounge Experience a DOS Attack Yesterday?

User avatar
HansV
Administrator
Posts: 79443
Joined: 16 Jan 2010, 00:14
Status: Microsoft MVP
Location: Wageningen, The Netherlands

Re: Did Eileen's Lounge Experience a DOS Attack Yesterday?

Post by HansV »

@ChrisGreaves: you or a bot can continue trying to log in of course, but that won't accomplish anything since the account is locked after 3 failed attempts.
Best wishes,
Hans

User avatar
Skitterbug
BronzeLounger
Posts: 1296
Joined: 24 Jan 2010, 12:14
Location: Sitting in my computer chair!

Re: Did Eileen's Lounge Experience a DOS Attack Yesterday?

Post by Skitterbug »

HansV wrote:
06 Sep 2024, 14:23
@Skitterbug: When you are locked out, you have to request a reactivation email. You then have to provide the email address you used to register with. If this matches the email address in our database, a message will be sent to that address.
Whew! Good to know that the key to the "door" is where I can get it!
Obviously, I am 'trying' to add a little humor to this situation, but realize that for Eileen's website, it is serious. Here's hoping that the "fly spray" works! :smile:
Skitterbug :coffeetime:
A cup of coffee shared with a friend is happiness tasted and time well spent.

User avatar
HansV
Administrator
Posts: 79443
Joined: 16 Jan 2010, 00:14
Status: Microsoft MVP
Location: Wageningen, The Netherlands

Re: Did Eileen's Lounge Experience a DOS Attack Yesterday?

Post by HansV »

:coffeetime:
Best wishes,
Hans

User avatar
BobH
UraniumLounger
Posts: 9534
Joined: 13 Feb 2010, 01:27
Location: Deep in the Heart of Texas

Re: Did Eileen's Lounge Experience a DOS Attack Yesterday?

Post by BobH »

HansV wrote:
06 Sep 2024, 14:23
@Skitterbug: When you are locked out, you have to request a reactivation email. You then have to provide the email address you used to register with. If this matches the email address in our database, a message will be sent to that address.
While I can see the need to authenticate the credentials of anyone who is trying to re-establish themselves as a valid user after having been locked out, for whatever reason, I question requiring the email address used when registering.

There are 3 problems to come to mind without giving it much thought:
1) users might not recall the email address they used to register; I certainly don't remember what I used.
2) users might not have access to the email address they used to register, eg, I have changed ISP and once used only email addresses that contained the domain name (the part after the at sign, @). I no longer can receive email at the address containing the old ISP domain identifier; ergo I could not respond to an email sent to confirm my identity.
3) users might need other means to re-establish bona fides

There probably are other issues that might arise.
Bob's yer Uncle
(1/2)(1+√5)
Dell Intel Core i5 Laptop, 3570K,1.60 GHz, 8 GB RAM, Windows 11 64-bit, LibreOffice,and other bits and bobs

User avatar
RonH
SilverLounger
Posts: 2182
Joined: 02 Mar 2010, 16:53
Location: An Aussie in Norway

Re: Did Eileen's Lounge Experience a DOS Attack Yesterday?

Post by RonH »

If one really gets `stuck' Bob, then perhaps the easy solution is to register a new account from your working email etc. Then you can communicate with Admin and resolve best practice.
CYa Ron
W11 pc, Android toys.
The only reason we have the 4th dimension of Time is so that everything does not happen at once.

User avatar
BobH
UraniumLounger
Posts: 9534
Joined: 13 Feb 2010, 01:27
Location: Deep in the Heart of Texas

Re: Did Eileen's Lounge Experience a DOS Attack Yesterday?

Post by BobH »

ChrisGreaves wrote:
06 Sep 2024, 10:12
Leif wrote:
06 Sep 2024, 09:05
Blocking ranges of IP addresses does help, it can just be a bit difficult to log in and actually see who is online sometimes!
. . .

It seems to me to be like my telephone spam calls: I lead a solo life here in the 709-area code and anticipate unsolicited calls from nowhere else in the world: people email me for the rare event of arranging to speak by phone from Tooronto, Australia, France etc.(1) To that end I have been looking for a blocker that allows ONLY 709-area codes to ruing my phone; anyone else can leave a message and I'll call them back. . . .
I dislike, one might say despise, receiving spam telephone calls and text messages. I have my iPhone set to put all calls from sources not identified in my contacts list through to voice mail. That seems to dispose of the greatest number of them as robo-dialers mostly don't deal with voice mail well. You might find a similar feature on your phone, Mr. G.

I haven't found a method to dispose of unwanted texts that works as effectively. Spammers are turning to using text messages more and more, IME.

If you block all calls from other area codes, Chris, I wouldn't be able to reach out and ruin your day. :flee:

An aside:
I regularly and routinely delete messages and call history from my phone. I don't like the idea of anyone who gets hold of it seeing my personal activities. In the US, police are known to take control of one's smart phone and immediately seek to find reasons they deem nefarious to use the information to your disfavor. While I realize that is a matter of the US not regulating its LEOs adequately and providing qualified immunity to an extent I beleive to be displaced, I don't want to make a beat cop's life any easier. Sure, if they want to investigate my call history they can order a call detail report from the service provider, but that is not something a beat cop will do.

Don't misunderstand me. I do not disobey the law; I am not a nefarious character. I am, however, a person who values personal privacy to a very great extent. The 4th amendment to the US Constitution prevents government authorities from unwarranted searches and seizures - which examining cell phone history certainly is, IMO - and they are prevented from stop-and-ID practices without evidence or at least reasonable articulable suspicion that one has or is about to commit a crime. I know that there is case law that addresses the latter, but IDK if there is case law that addresses the former. I wish 4A also prevented non-government entities from unjustified stop-and-ID practices.

Am I alone in this practice of trying to keep one's smart phone usage from public view?
Last edited by BobH on 06 Sep 2024, 17:06, edited 1 time in total.
Bob's yer Uncle
(1/2)(1+√5)
Dell Intel Core i5 Laptop, 3570K,1.60 GHz, 8 GB RAM, Windows 11 64-bit, LibreOffice,and other bits and bobs

User avatar
BobH
UraniumLounger
Posts: 9534
Joined: 13 Feb 2010, 01:27
Location: Deep in the Heart of Texas

Re: Did Eileen's Lounge Experience a DOS Attack Yesterday?

Post by BobH »

RonH wrote:
06 Sep 2024, 16:54
If one really gets `stuck' Bob, then perhaps the easy solution is to register a new account from your working email etc. Then you can communicate with Admin and resolve best practice.
I have done that very thing, in the past, Ron. Once, while hospitalized, I had only an iPad for web browsing. It did not have any of my credential validation information on it. I rely on password wallet software in order to use very complex, strong passwords and to prevent using the same one for more than one purpose. The password wallet was not on the iPad. I switched over to Roboform because it is a) multiplatform capable, and b) uses encryped cloud-based storage instead of local storage of credentials.
Bob's yer Uncle
(1/2)(1+√5)
Dell Intel Core i5 Laptop, 3570K,1.60 GHz, 8 GB RAM, Windows 11 64-bit, LibreOffice,and other bits and bobs

User avatar
HansV
Administrator
Posts: 79443
Joined: 16 Jan 2010, 00:14
Status: Microsoft MVP
Location: Wageningen, The Netherlands

Re: Did Eileen's Lounge Experience a DOS Attack Yesterday?

Post by HansV »

I simplified a bit: you have to provide the email address the Lounge currently has of you.
If you changed your email address in your account settings (Edit account settings), the new address is the one you should enter.
Best wishes,
Hans

User avatar
Skitterbug
BronzeLounger
Posts: 1296
Joined: 24 Jan 2010, 12:14
Location: Sitting in my computer chair!

Re: Did Eileen's Lounge Experience a DOS Attack Yesterday?

Post by Skitterbug »

I know that Eileen's is a great source of information but what do the bots gain by attacking this website? What makes it so appealing to someone to keep "hitting" this site?
Skitterbug :coffeetime:
A cup of coffee shared with a friend is happiness tasted and time well spent.

User avatar
HansV
Administrator
Posts: 79443
Joined: 16 Jan 2010, 00:14
Status: Microsoft MVP
Location: Wageningen, The Netherlands

Re: Did Eileen's Lounge Experience a DOS Attack Yesterday?

Post by HansV »

It may not be intentional. A bot such as Google visits a web page a few times a day, but a badly programmed bot might try loading the same page each second or so.
Best wishes,
Hans