Damn hackers
sybiandude
1st June 2001, 06:57 PM
Abby, go to the Advanced Group Search option of the Google Groups website at http://groups.google.com/ (formerly known as Deja News) & do a search on the term abbywinters, you'll get an idea of what you're up against.
Abby
2nd June 2001, 12:50 AM
Damn! I had not thought of that! All the requests are in alt.sex.passwords. I remember looking at that group when I first started, and thinking to myself, gee, that could cause trouble.
I have posted a plea to the group asking that ppl please become paying members of the site. I don't imagine it's going to make one whit of difference, but I have to do something!
I have software installed on the server that bans usernames when people from more than n IPs try to log in, so I know when it's happening, but it's still bad.
Thanks for the tip off.
abby
nightstar
3rd June 2001, 01:11 PM
Is there a way to setup the password checker to log if an IP tries an incorrect password (Or series of incorrect passwords) more than 3 times - That would be good for all those programs that chuck random passwords and usernames at the site.
How about (And yes, this is bloody annoying) you have a sub-section under the password entry, that asks you for a 2nd password - And you could send that out via e-mail to the subscribers every week / month... It's a hassle, and it might not appeal to everyone, but it would stop those people who got "that username and password" last time from using it again this week / month. If you see what I mean!
Force it so that you can only use three different IP address to log on - For example. Any other IP address, and you're locked out??? As most people only use one log-on (Except stupid me!) then that should not cause much of a problem?
If I think of anything else, I'll give you a shout.
sybiandude
3rd June 2001, 02:52 PM
Good idea Nightstar, I don't think a second password would be particularly inconvenient to genuine users like ourselves.
Abby
3rd June 2001, 11:00 PM
Hi guys
Yup, what you describe is what the app I am using, Pennywize (www.pennywize.com) does. More than three IPs try to log in using the same user:passwd combination, and that account is banned for 24 hours (and I am sent an email). That usually happens with accounts with dumb passwords, like "dog", or "sex", and stuff. So, I just change the passwd, and email the user.
The problem comes when those apps that throw l:p's at my server, and they spoof their IP's. Their IP address is all I can ban - if they are spoofing it, there's nothing I can do. My server admin guy is working on it, however.
The whole second password thing, yeah, I have thought of things like that. Unfortunately, CCBill cannot help me at all (same way they say they cannot let me choose passwords for users, so whatever dumb thing they choose, I have to stick with).
I am considering integrating it after the CCBill stuff, if it keeps being a problem, tho.
Thanks for the ideas - keep them coming!
abby
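The two rules discussed above (nightstar's "log an IP after more than 3 wrong passwords" and Abby's Pennywize-style "ban an account used from more than three IPs for 24 hours") as detection logic over a constructed auth log. This is an added example, not Pennywize's code or anything from the site; the log format, thresholds and sample addresses are assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample auth log: "timestamp client_ip username OK|FAIL" (not real data).
SAMPLE_LOG = """\
2001-06-03T22:01:05 203.0.113.5 dogfan OK
2001-06-03T22:02:10 198.51.100.9 dogfan OK
2001-06-03T22:03:40 192.0.2.77 dogfan OK
2001-06-03T22:05:12 203.0.113.200 dogfan OK
2001-06-03T22:05:30 192.0.2.14 alice OK
2001-06-03T22:06:01 192.0.2.99 bob FAIL
2001-06-03T22:06:02 192.0.2.99 carol FAIL
2001-06-03T22:06:03 192.0.2.99 dave FAIL
2001-06-03T22:06:04 192.0.2.99 erin FAIL
2001-06-04T23:30:00 203.0.113.5 dogfan OK
"""
MAX_IPS_PER_ACCOUNT = 3   # more distinct IPs than this -> leaked/shared credentials
MAX_FAILS_PER_IP = 3      # more failures than this from one IP -> password guessing
WINDOW = timedelta(hours=24)
BAN = timedelta(hours=24)

def parse_log(text):
    events = []
    for line in text.splitlines():
        ts, ip, user, result = line.split()
        events.append((datetime.fromisoformat(ts), ip, user, result == "OK"))
    return events

def shared_accounts(events):
    """Map user -> ban expiry for accounts logged into from too many IPs in WINDOW."""
    per_user, bans = defaultdict(list), {}
    for ts, ip, user, ok in sorted(events):
        if not ok or (user in bans and ts < bans[user]):
            continue  # ignore failures and logins during an active ban
        hist = [(t, i) for t, i in per_user[user] if ts - t <= WINDOW] + [(ts, ip)]
        per_user[user] = hist
        if len({i for _, i in hist}) > MAX_IPS_PER_ACCOUNT:
            bans[user] = ts + BAN  # the 24-hour account ban Abby describes
    return bans

def guessing_ips(events):
    """Map ip -> failure count for IPs with too many failed logins in WINDOW."""
    # Guessers spread over proxies or spoofed sources dodge this; the per-account rule still fires.
    per_ip, flagged = defaultdict(list), {}
    for ts, ip, user, ok in sorted(events):
        if ok:
            continue
        fails = [t for t in per_ip[ip] if ts - t <= WINDOW] + [ts]
        per_ip[ip] = fails
        if len(fails) > MAX_FAILS_PER_IP:
            flagged[ip] = len(fails)
    return flagged
```

On the sample log the account rule bans "dogfan" (four IPs in four minutes) and the IP rule flags 192.0.2.99; the later dogfan login from the original IP falls outside the window and is not re-banned.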
nightstar
4th June 2001, 08:18 PM
The part where you have to click on "ENTER" - Does that have to stay on the same page? What I mean to say is, change the page (Which cannot be seen from the front page) where you have to log in, and e-mail the users of the direct link - This can change on a weekly/monthly basis, so unless you have had the/an e-mail, you cannot log on!!! Not a great help, but it's something.
I don't know much about spoofing - But what I meant was to log the EXACT IP of the proper user, and a couple s/he wants to use - Any other IP that logs in using "X" username and "Y" password must not be the proper owner of them...
Vid Dude
5th June 2001, 12:31 AM
IP Addresses don't work like that. They're usually Dynamic, that means there's a certain range that your ISP uses and each time a user logs in, they get one of that range. Unless you have a particular kind of set up that assigns a fixed IP. So unfortunately that idea just doesn't work.
Shifting the Enter page wouldn't do anything either, as, for one thing, CCBill needs to know where that enter page is for all their bits to work. Changing it constantly would just drive everyone nutty.
nightstar
5th June 2001, 08:19 AM
Is there a way to log what times user "X" accesses this site? If at the end of the week the user is e-mailed a timesheet of what times s/he has been on, the user could probably tell if "they" have accessed AbbyWinters at a time where they could not - i.e. Somebody else using their username and password.
I'm not sure how this would be done, or even if people would want it done - But it's not as if we are a dodgy newsgroup - We all know why we are here! Although some users may take a look at themselves when they realise that 23 out of 24 hours is spent here!
Vid Dude
5th June 2001, 08:41 AM
I can see where you're coming from, but the problem really lies on the scale. We're not talking about one or two sneaky users trying to use a fake or stolen password, or people trying to sneak in the back way by playing with their URL.
These are unscrupulous people who have a program set up to bombard the server with thousands of user/password combinations over a period of an hour or whatever, until they're lucky enough to find one that works. Then they suck files down and post them to the newsgroups.
It's the heavy load on the server we want to eliminate (that's what caused the downtime we had a couple of weeks back), and when we do find a way to stop them in their tracks it will solve many of the subsequent problems they cause (releasing our pics to the world for free).
nightstar
5th June 2001, 08:50 AM
Bugger...
To be honest, though! (Fanfare - Very rare!) It was on the newsgroups that I saw a couple of "free" *cough* photoshoots - That made me find this site and subscribe... Without them, I wouldn't have.
But I suppose I'm a rare example!
I wonder if you could accidently capture Abby in one of your lovely videos!? Oh, never mind!
Oh - The last video you did (I'll find the name in a min) was "garbled" on my machine. The AVI wouldn't play (Which seem to be better quality when they do!) and the MPG stuttered like mad. I'll download them again, and try again!
Vid Dude
5th June 2001, 09:07 AM
Er. Yeah, that was Donnavid3. I... er, well, uploaded it in the wrong format (ASCII - it shoulda been Binary) so I fixed it that evening. Though if you downloaded it after last Thursday, then maybe it's another problem...
kumaraguy
5th June 2001, 09:32 AM
Speaking of Donna's latest video, I dragged it down last night and I must tell you that I like the format much better with regards to the logo, and the music was better too .. thumbs up.... ps the actual video was fabulous
nightstar
5th June 2001, 11:11 AM
I will try it again - Many thanks.
kumaraguy
5th June 2001, 11:34 AM
Hi,
Just as an aside to this conversation regarding hackers and how you track them, do you do any monitoring or tracking of your paying visitors?
nightstar
5th June 2001, 12:22 PM
Of course they do - At the moment, they are monitoring you posting on the forum....
Sorry! My little joke!
Abby
5th June 2001, 03:49 PM
I sometimes post a bunch of images to news groups to get people interested. Some devout news people call that spamming, and in some ways I guess it is. But that's usually people who have their head up the arse, and expect stuff like this to be free.
In reality, models don't do this for free, and I don't spend 16 hours a day working for free, either. I don't reckon I charge that much for what you get, and the price is going to stay the same for a long time yet. So all in all, the punters are getting the better deal.
But there are always going to be people who pay for a month's access (or hack in), and download the entire site on their cable modem, and then post the lot to newsgroups. Then a bunch of ppl DL the stuff, people who may well have become customers, and enjoy it for free.
If that kinda stuff keeps happening, I could go out of business. Plenty of websites that have original stuff (and thus, a lot of overheads that other sites, who use clone pics from elsewhere don't have) have already gone bust, for this very reason.
Rest assured that there is very little tracking of real visits. Hackers, on the other hand, get the full deal, DNS lookups, complaints to the servers, and so on.
glenn
13th April 2002, 05:20 PM
Hi Abby,
I know this may be a while after the creation of this thread but you may find this info useful if you don't already know it. Most hackers nowadays use a program called ************ (www.***********.com) This is one of the things that is almost always used to attack your site. If you haven't already I advise you or your Sys Admin to download it, check out how it works and then develop some protection against it. Doing so might cut breaches enormously. Since most attacks come via a proxy banning IPs will only stop the end user from using the exploited account.
The rest of this post has been emailed instead of displayed on a public forum :-)
Take it from a bad guy now doing his best to stay away from the dark side, getting into most sites only takes a little bit of effort.