Hello friends, some smartass is trying a lot of logins probably with some bruteforce/hack tool
The flood protector don't block him, i think its because he isn't using created accounts...
If someone know something about it i'm all ears and ready to listen
Help against login brute force
Forum rules
READ NOW: L2j Forums Rules of Conduct
READ NOW: L2j Forums Rules of Conduct
- Zoey76
- L2j Inner Circle
- Posts: 7005
- Joined: Tue Aug 11, 2009 3:36 am
Re: Help against login brute force
So how did he accessed you account names?
Powered by Eclipse 4.30 | Eclipse Temurin 21 | MariaDB 11.3.2 | L2J Server 2.6.3.0 - High Five
Join our Discord!
Join our Discord!
- Renasc
- Posts: 18
- Joined: Mon Sep 30, 2013 12:18 am
Re: Help against login brute force
nononoZoey76 wrote:So how did he accessed you account names?
He is trying non created accounts, these accounts are not created.
- Aikimaniac
- L2j Inner Circle
- Posts: 3048
- Joined: Sun Aug 07, 2005 11:42 pm
- Location: Slovakia
Re: Help against login brute force
3 unsuccessful attempts and block in firewall rule for 24 hours, maybe IP range... btw..cant be that this is bot trying to log ?
- Renasc
- Posts: 18
- Joined: Mon Sep 30, 2013 12:18 am
Re: Help against login brute force
this is automated, probably a software with login/pass list and maybe proxy list support...Aikimaniac wrote:3 unsuccessful attempts and block in firewall rule for 24 hours, maybe IP range... btw..cant be that this is bot trying to log ?
- Aikimaniac
- L2j Inner Circle
- Posts: 3048
- Joined: Sun Aug 07, 2005 11:42 pm
- Location: Slovakia
Re: Help against login brute force
get apache log and block him on firewall...Renasc wrote:this is automated, probably a software with login/pass list and maybe proxy list support...Aikimaniac wrote:3 unsuccessful attempts and block in firewall rule for 24 hours, maybe IP range... btw..cant be that this is bot trying to log ?
-
- Posts: 135
- Joined: Fri Nov 19, 2010 1:38 pm
Re: Help against login brute force
free proxy has not been canceledAikimaniac wrote: get apache log and block him on firewall...
I can use hundreds of different ip addresses....
Aikimaniac is right, you can use mod ipconnlimit for login port (for apache) or iptables (other firewall) for limit connection to login port.
Or you can use captcha mod for login.
The window that pops up before the login and password.
Or modified login window, but this is a modification of the client.
p.s. Or use L a m e Guard with autoupdater