
Thread: Ausphotography is experiencing an attempted Brute Force attack

  1. #1
    Administrator ricktas's Avatar
    Join Date
    24 Jun 2007
    Location
    Hobart
    Posts
    15,138
    Mentioned
    8 Post(s)
    Tagged
    1 Thread(s)

    Ausphotography is experiencing an attempted Brute Force attack

    Hi everyone,

    Ausphotography's website is currently experiencing a Brute Force attack as hackers try and gain access to the back-end of the site. I am in contact with the hosting company and they are working with us to ensure the site remains online and the hackers are kept out.

    However, they have managed to compromise my email address, and use it to distribute spam. This has been rectified with me changing the password on my email account, in the last few minutes, but they are still trying to use the email account at this time. I wish to advise that by getting into my email they did not get any members details, and it appears all they wanted was the email account to use it to send spam out randomly to an email list not associated with AP members emails, in any way.

    Access to the back-end of the site is intermittent at present as the attack continues. The message we get when we try and access is : Brute Force Protection. This account is currently locked out because a brute force attempt was detected. Please wait a few minutes and try again :

    I would like to reassure members that none of their personal data on the site has been compromised in any way, and we will continue to work with the hosting company to ensure the site and everything on it, remains protected.

    Kym and I will discuss and work on this, with the hosting company, throughout the day, and we will take any necessary action to ensure the site, and member information is not compromised.
    Last edited by ricktas; 25-10-2011 at 5:40am.
    "It is one thing to make a picture of what a person looks like, it is another thing to make a portrait of who they are" - Paul Caponigro

    Constructive Critique of my photographs is always appreciated
    Nikon, etc!

    RICK
    My Photography

  2. #2
    Ausphotography Regular rene52's Avatar
    Join Date
    18 Nov 2009
    Location
    Benalla
    Posts
    1,008
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Good luck guys. I am confident that all is being looked after for us.

  3. #3
    Member
    Join Date
    12 Feb 2008
    Location
    Brisbane
    Posts
    7,837
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    bastards
    Darren
    Gear : Nikon Goodness
    Website : http://www.peakactionimages.com
    Please support Precious Hearts
    Constructive Critique of my images always appreciated

  4. #4
    Account Closed
    Join Date
    03 Mar 2010
    Location
    Townsville
    Posts
    889
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Man the trenches !

    And don't shoot till you see the whites of their eyes !

  5. #5
    It's all about the Light!
    Tech Admin
    Kym's Avatar
    Join Date
    15 Jun 2008
    Location
    Modbury, Adelaide
    Posts
    9,633
    Mentioned
    10 Post(s)
    Tagged
    0 Thread(s)
    All appears to be well now.
    There will be a brief outage this evening as I change ALL the back-end database and system passwords (which we do every few months as part of system maintenance).

    Please ensure you have a strong or very strong password (mixed upper and lower case letters, at least one digit and one special character for at least 8 characters in length) on your AP (and other web) accounts.

    Eg:
    Very weak password: horses
    Weak password: 20Horses
    Strong password: 2#H0rS3s
    Very strong password: C{85Zq[&7)H6\6$

    See: http://strongpasswordgenerator.com/
    Last edited by Kym; 25-10-2011 at 10:46am.
    regards, Kym Gallery Honest & Direct Constructive Critique Appreciated! ©
    Digital & film, Bits of glass covering 10mm to 500mm, and other stuff



  6. #6
    Who me? dbax's Avatar
    Join Date
    02 Sep 2007
    Location
    Tweed Heads
    Posts
    2,749
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    To change your password, look at the top right, click settings, then on the left hand side scroll down to My Settings > My account > edit email and password.
    I know cause I had to look for it to change mine
    Cheers David.

    Canon 40D/EF-S 17-85 mm IS/Kenko Extension Tubes/Canon EF 50mm F/1.8 II (nifty fifty)
    Sigma 10-20mm 4-5.6 /Sigma 70-200/ Sigma 1.4 teleconverter/ some Conkin filters | Adobe Photoshop CS6



  7. #7
    Administrator
    Threadstarter
    ricktas's Avatar
    Join Date
    24 Jun 2007
    Location
    Hobart
    Posts
    15,138
    Mentioned
    8 Post(s)
    Tagged
    1 Thread(s)
    for added info, my email password was different to all my other passwords on the site/and other sites. So by getting that, they did not get access to anything else. I maintain different passwords for this very reason.

  8. #8
    Sunrise Chaser
    Join Date
    10 Jul 2010
    Location
    Gold Coast
    Posts
    6,346
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    So if they crack your password, they get your email address and get access to the site? Is that the problem, or is there other damage they can do?
    Canon : 30D, and sometimes the 5D mkIII , Sigma 10-20, 50mm 1.8, Canon 24-105 f4 L , On loan Sigma 120-400 DG and Canon 17 - 40 f4 L , Cokin Filters




  9. #9
    It's all about the Light!
    Tech Admin
    Kym's Avatar
    Join Date
    15 Jun 2008
    Location
    Modbury, Adelaide
    Posts
    9,633
    Mentioned
    10 Post(s)
    Tagged
    0 Thread(s)
    @Bill: The main issue is using your email for spamming.
    In this case it was Rick's site (server) email, not his AP account email.

  10. #10
    Administrator
    Threadstarter
    ricktas's Avatar
    Join Date
    24 Jun 2007
    Location
    Hobart
    Posts
    15,138
    Mentioned
    8 Post(s)
    Tagged
    1 Thread(s)
    Quote: Originally Posted by William
    So if they crack your password, they get your email address and get access to the site? Is that the problem, or is there other damage they can do?

    They cracked the password to my email, thus they can then use that email address, which they did, for spam. However a brute force attack is designed to try huge volumes of passwords. If they got access to the site back-end, they would have access directly to all the databases and the information within them, and they could if they felt like it, gather up all that information, for use, or they could delete the entire site. So depending on reason behind attack as to what result would be. But from the fact they got my email and used it, seems like basically a spam attack purpose, rather than a malicious (let's destroy the site) type attack. To use a brute force attack and get all the site passwords/logins etc, is supposed to take years of continuous attack, based on the number of bits the site security uses, and current methods of running an attack to get those logins and passwords.

  11. #11
    Sunrise Chaser
    Join Date
    10 Jul 2010
    Location
    Gold Coast
    Posts
    6,346
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Ahh!! Now I get it. My email comes through a family server. Last week I noticed I had some emails from the family member who set it up. They came through as spam, I didn't open them, but did contact him. He had the same problem, they pinched his address and were sending spam and trying to get you to click on a link!! Same like you Rick, they only got his address

  12. #12
    It's all about the Light!
    Tech Admin
    Kym's Avatar
    Join Date
    15 Jun 2008
    Location
    Modbury, Adelaide
    Posts
    9,633
    Mentioned
    10 Post(s)
    Tagged
    0 Thread(s)
    FWI - AP has anti brute force attack technology in place.
    The most obvious is that if you fail to login after 5 attempts you are locked out for 15 minutes.
    The server back-end also has similar mechanisms.
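
A sketch of the lockout rule described in the post above (5 failed logins, then a 15-minute lockout), added here as an example and not the forum software's own code. The class name, the failure window, the in-memory storage and the sample account are assumptions made for the illustration.

```python
import hmac
import time

MAX_FAILURES = 5            # from the post: 5 failed attempts
LOCKOUT_SECONDS = 15 * 60   # from the post: locked out for 15 minutes
FAILURE_WINDOW = 15 * 60    # assumption: older failures stop counting


class LoginThrottle:
    """Per-account failed-login lockout, kept in memory for illustration."""

    def __init__(self, verify, clock=time.monotonic):
        self._verify = verify        # callable(user, password) -> bool
        self._clock = clock          # injectable so the policy can be tested
        self._failures = {}          # user -> timestamps of recent failures
        self._locked_until = {}      # user -> time the lockout ends

    def attempt(self, user, password):
        """Return 'ok', 'denied' or 'locked'."""
        now = self._clock()
        if now < self._locked_until.get(user, 0.0):
            # Reject before checking the password, so a correct guess made
            # during the lockout is not confirmed to the caller.
            return "locked"
        if self._verify(user, password):
            self._failures.pop(user, None)
            return "ok"
        recent = [t for t in self._failures.get(user, []) if now - t < FAILURE_WINDOW]
        recent.append(now)
        if len(recent) >= MAX_FAILURES:
            self._locked_until[user] = now + LOCKOUT_SECONDS
            recent = []
        self._failures[user] = recent
        return "denied"


def simulate():
    """Constructed run with a fake clock: 5 bad guesses, then the right password."""
    clock = [0.0]
    creds = {"alice": "C0rrect-example"}     # constructed sample account
    check = lambda u, p: hmac.compare_digest(creds.get(u, ""), p)
    throttle = LoginThrottle(check, lambda: clock[0])
    results = [throttle.attempt("alice", f"guess{i}") for i in range(5)]
    results.append(throttle.attempt("alice", "C0rrect-example"))  # inside lockout
    clock[0] += LOCKOUT_SECONDS
    results.append(throttle.attempt("alice", "C0rrect-example"))  # lockout over
    return results
```

Per-account lockout also locks out the legitimate owner while guessing continues, which matches the "Brute Force Protection" message the administrators saw when signing in to the back-end.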

  13. #13
    Ausphotography irregular Mark L's Avatar
    Join Date
    21 Nov 2010
    Location
    magical Mudgee
    Posts
    16,431
    Mentioned
    22 Post(s)
    Tagged
    0 Thread(s)
    Quote: Originally Posted by kiwi
    bastards
    "Enjoy what you can do rather than being frustrated at what you can't." bobt
    60D, Canon 28-105, Sigma 150-600S, Sigma 120-400, a speedlite, a tripod, a monopod, a remote release and a padded bag to carry things in.

  14. #14
    Ausphotography Addict geoffsta's Avatar
    Join Date
    07 May 2010
    Location
    Bruthen, East Gippsland
    Posts
    4,606
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Playing up now. Getting "forbidden Access" pages now.
    Geoff
    Honesty is best policy.
    CC is always welcome
    Nikon D3000 ... Nikon D90... Nikon D700 Various lenses, Home studio equipment and all the associated stuff
    Flickr

  15. #15
    Sunrise Chaser
    Join Date
    10 Jul 2010
    Location
    Gold Coast
    Posts
    6,346
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Did we get hacked

  16. #16
    Administrator
    Threadstarter
    ricktas's Avatar
    Join Date
    24 Jun 2007
    Location
    Hobart
    Posts
    15,138
    Mentioned
    8 Post(s)
    Tagged
    1 Thread(s)
    Nah, we shut the site down as per Kym's post above, and changed all the back-end passwords etc, just in case

  17. #17
    Member Kaktus's Avatar
    Join Date
    31 Jan 2011
    Location
    Sunshine Coast
    Posts
    154
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Got the 'Forbidden ... ' response around 17:40 while browsing threads in What's New.

  18. #18
    It's all about the Light!
    Tech Admin
    Kym's Avatar
    Join Date
    15 Jun 2008
    Location
    Modbury, Adelaide
    Posts
    9,633
    Mentioned
    10 Post(s)
    Tagged
    0 Thread(s)
    Fixed. Somehow the changing of the back-end root and other site passwords needed a restart of Apache httpd to flush things.

    The joys of sysadmin

  19. #19
    Sunrise Chaser
    Join Date
    10 Jul 2010
    Location
    Gold Coast
    Posts
    6,346
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Looks enough to have a relaxing drink Kym, Well done mate

  20. #20
    Ausphotography Addict geoffsta's Avatar
    Join Date
    07 May 2010
    Location
    Bruthen, East Gippsland
    Posts
    4,606
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Phew... Thank god for that.
