ArtRage 5 Product PageArtRage Lite Product PageArtRage for iPad Product PageArtRage for Android Product PageArtRage  Android Oil Painter Free Product PageArtRage  Free Demos Page

Page 1 of 2 12 LastLast
Results 1 to 10 of 11

Thread: Forums down again. . .

  1. #1
    Join Date
    Jul 2009
    Location
    Atlanta (Georgia) area
    Posts
    968

    Forums down again. . .

    Arrrgh! I needs my ArtRage crack.

  2. #2
    Join Date
    Mar 2006
    Location
    New Zealand
    Posts
    3,133
    Don't ask me why, but someone seems very keen to either stop people here talking about art, or to try and sneak a few adverts for shoes, electronics, or other stuff in to posts... We've made some changes to the forum and we're keeping an eye on it. Unfortunately, the internet puts a lot of high powered tools in the hands of some very lower powered intellects, and it's hard to completely avoid this kind of thing.
    Matt
    ArtRage UI
    Ambient Design.

  3. #3
    Join Date
    Feb 2008
    Location
    Pennsylvania
    Posts
    6,727
    Quote Originally Posted by MattRage View Post
    Don't ask me why, but someone seems very keen to either stop people here talking about art, or to try and sneak a few adverts for shoes, electronics, or other stuff in to posts... We've made some changes to the forum and we're keeping an eye on it. Unfortunately, the internet puts a lot of high powered tools in the hands of some very lower powered intellects, and it's hard to completely avoid this kind of thing.

    MattRage,
    WHOOHOO and I got Christmas bells that jingle jangle jingle now that
    my ArtRageous addiction is again up and running. Have been going
    through painterly withdrawals for the last two days and it hasn't been
    pretty! There is a saying ... I think one of our old people in the
    "You know your'e old if" thread said ... "You don't know what you have
    until you lose it." (and I doubt that he was talking about prune juice.)



    Mairzie Dotes

  4. #4
    Join Date
    Apr 2007
    Location
    washington, usa
    Posts
    14,215
    Quote Originally Posted by MattRage View Post
    Unfortunately, the internet puts a lot of high powered tools in the hands of some very lower powered intellects...
    Well said indeed.
    One wonders if they ever do indeed grow up or are they socially inadequate for the rest of their lives?

  5. #5
    Join Date
    Mar 2006
    Location
    New Zealand
    Posts
    3,133
    I've wasted so much time over the last couple of days banning IP ranges due to this. It's nuts. I'd rather be writing new features but apparently we don't get the luxury of working on important things when the spammers are about. Very sad.
    Matt
    ArtRage UI
    Ambient Design.

  6. #6
    Join Date
    May 2007
    Location
    Rome (Italy)
    Posts
    24,113
    Thank You very much, dear Matt for Your obscure, but most useful work of these days! I appreciate!
    Panta rei (everything flows)!

  7. #7
    Join Date
    Mar 2009
    Location
    Rio de Janeiro
    Posts
    5,897
    Many accounts have been tried by the spammer.
    Sure seems to have been a completely random choice of usernames. It is what it seems.

    You have entered an invalid username or password. You have used 1 out of 5 login attempts. After all 5 have been used, you will be unable to login for 15 minutes.
    Using this attempt to enter the system, was it ever invaded? If so, how many repetitions of the password for each attempt? how many times? to force you guys to shut down the system for such a long period of time. Some? Many?

    Many accounts have been tried by the spammer (how many?).
    It might be worth and interesting to notify these usernames through private messages, for them to verify if they fall in the category: ensure that your ArtRage Forums Password is not an easy to guess password. The best way to keep your details private is to ensure that your password is not shared with other sites, and is unique to you.

    We've made some changes to the forum and we're keeping an eye on it... banning IP ranges... etc...
    They use specific softwares for this purpose, many of them free and available for download. Password cracking is the process of recovering passwords from data that has been stored in or transmitted by a computer system. A common approach is to repeatedly try guesses for the password. So why not hinder the game? You have used 1 out of 2 login attempts. After the 2 have been used, you will be unable to login for 24 hours or more? If you are an artist legally registered in ArtRage and typed in the wrong password and fell in this situation please contact our email.

    You did a great job. Congratulations.

  8. #8
    Join Date
    Dec 2009
    Location
    Huntsville, On., Canada
    Posts
    5,356
    "Unfortunately, the internet puts a lot of high powered tools in the hands of some very lower powered intellects,"


    and isn't it strange, or at least it is on a site I have that this kind of thing seems to grow by leaps and bounds as soon as schools close
    Last edited by justjean; 12-22-2010 at 08:12 AM.

  9. #9
    Join Date
    Mar 2006
    Location
    New Zealand
    Posts
    3,133
    In answer to the questions above:

    We have no evidence that any account was actually compromised. They didn't manage to try that many before we saw what was going on, and the nature of the forums meant that they were cutting themselves off from making attempts as they tried accounts.

    We took the forums down while we worked on a small change that would allow us to track the incoming attempts better. Before we made the change, the attempts they made were fairly severely limited, but that was also causing problems for other users logging in - Many, if not most of the errors logging in that were listed as being due to too many attempts for that user were actually due to attempts to another user. So if you saw a note saying that someone had tried to access your account, chances are they actually hadn't. One of their failed attempts could end up blocking significant chunks of users.

    The change we made has allowed us to prevent the false login errors and block the incoming attempts. Unfortunately, as fast as you block one address, they switch to another, so it's something of an ongoing response process.

    Regarding timeouts: Setting the login timeout to 24 hours would probably just end up inconveniencing whoever they tried to compromise. The bot that's trying accounts just moved on to the next when the timeout occurred.

    It's an unfortunate fact of internet life that this sort of thing will happen, all we can do is suggest that you make sure your password is secure: Not your name, not 'password', not '123456'. We will be auditing the forums soon to test for weak passwords and we'll work out how we handle them (so if your password is bad, go fix it!).

    Things seem a bit calmer at the moment, and I believe the changes we have made should stop the login problems and get things back to normal!
    Matt
    ArtRage UI
    Ambient Design.

  10. #10
    Join Date
    Jun 2009
    Location
    uk
    Posts
    5,883
    It is really annoying that some people seem to only be happy trying to do this sort of thing but I am very thankful to all you guys getting it sorted.
    I was about to go crazy with withdrawal symptoms
    Treat Others as you wish to be treated

    http://mannafig.deviantart.com/

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •