Ranter
Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Comments
-
C0D4669025yI'm more concerned you have these places bookmarked 😏
As for your brute attack... shouldn't you have some kind of protection in place? -
endor56665yYou risk sending legitimate users who failed a login to some very bad websites.
Also, any of those redirections are traceable to you, so now the question will be "why are you sending your users to some very shady websites?"
Best solution: implement your site in such a way that it can't be bruteforced.
Temp solution: try banning the ip addresses of the attacker(s) -
endor56665y@FuckJava sadly, that's the world we live in :(
So much cool technology ruined by idiots with bad intentions -
@endor
I might provide a honey pot for people who use wrong credentials... With random credit card numbers, wrong email and physical addresses, phone numbers, etc. -
endor56665y@FuckJava now that's a good idea! And log all their activity too.
Wish there were no legal consequences to striking back, the web would be a much more interesting place -
@endor
Yes I wish it was like Ghost in the Shell where the firewalls would electrocute attackers -
@irene
True. I'm talking about getting back to people who are trying to break into my awesome website... It's lame to show a 403 error. -
@FuckJava so show a 200 instead 😁 only if 5 times in a row wrong creds have been enter, for the next 5 mins return 200 to that ip everywhere 😁
-
SomeNone7115ySlowing down the attacker might help, any IP which produces more than $m$ incorrect logins in $x$ time gets their responses at a speed of one byte every 10 seconds or so…
-
SomeNone7115y@FuckJava Only the available ports. If you run low on ports, you can always just abort any slowed-down conversation. Though I agree it would probably a bit challenging to configure that correctly.
-
@theKarlisK
Why is everyone taking this seriously? This brute attack is not something g I can't manage... Maybe 2000 failed attempts per second tops. I just wanted to have fun at their expense... -
@Nanos
I'm trying to act like US of A. When soldiers from North Vietnam, or even VCs threw one rocket, US would carpet bomb them. Problem is, US lost...
Related Rants
One of my websites is under a brute attack.
If I were to redirect failed logins to an illegal website (drugs, child pornography, terrorism support, etc...), will the feds come after me? Or will they go after the attacker?
question
random