
Help against login brute force

Posted: Mon Mar 03, 2014 9:40 pm
by Renasc
Hello friends, some smartass is trying a lot of logins, probably with some bruteforce/hack tool :evil:
The flood protector doesn't block him, I think it's because he isn't using created accounts...

If someone knows something about it, I'm all ears and ready to listen :mrgreen:

Re: Help against login brute force

Posted: Mon Mar 03, 2014 9:58 pm
by Zoey76
So how did he access your account names?

Re: Help against login brute force

Posted: Mon Mar 03, 2014 11:38 pm
by Renasc
Zoey76 wrote: So how did he access your account names?
nonono :!:

He is trying non-created accounts, these accounts are not created.

Re: Help against login brute force

Posted: Tue Mar 04, 2014 12:06 am
by Aikimaniac
3 unsuccessful attempts and block in firewall rule for 24 hours, maybe IP range... btw.. can't it be that this is a bot trying to log in? :)

Re: Help against login brute force

Posted: Tue Mar 04, 2014 1:50 am
by Renasc
Aikimaniac wrote: 3 unsuccessful attempts and block in firewall rule for 24 hours, maybe IP range... btw.. can't it be that this is a bot trying to log in? :)
This is automated, probably software with a login/pass list and maybe proxy list support...

Re: Help against login brute force

Posted: Tue Mar 04, 2014 12:32 pm
by Aikimaniac
Renasc wrote:
Aikimaniac wrote: 3 unsuccessful attempts and block in firewall rule for 24 hours, maybe IP range... btw.. can't it be that this is a bot trying to log in? :)
This is automated, probably software with a login/pass list and maybe proxy list support...
Get the Apache log and block him on the firewall...

Re: Help against login brute force

Posted: Tue Mar 04, 2014 1:12 pm
by angkor_tm
Aikimaniac wrote: Get the Apache log and block him on the firewall...
Free proxies have not been canceled.
I can use hundreds of different IP addresses....
Aikimaniac is right, you can use mod ipconnlimit for the login port (for Apache) or iptables (or another firewall) to limit connections to the login port.
Or you can use a captcha mod for login.
The window that pops up before the login and password.
Or a modified login window, but this is a modification of the client.

p.s. Or use L a m e Guard with autoupdater
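
Added example, not part of the original thread and not code from any poster: one way to implement the "3 unsuccessful attempts, block for 24 hours" rule so that attempts against accounts that do not exist are counted too, which is the case the flood protector missed. The log layout, the result codes, the 10-minute counting window and the sample lines are assumptions constructed for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

MAX_FAILS = 3                      # threshold suggested in the thread
BAN_TIME = timedelta(hours=24)     # block duration suggested in the thread
WINDOW = timedelta(minutes=10)     # assumption: failures must fall in this window

# Constructed sample lines; the "timestamp ip account result" layout is hypothetical.
SAMPLE_LOG = """\
2014-03-03T21:30:01 203.0.113.7 aaaa NO_SUCH_ACCOUNT
2014-03-03T21:30:02 203.0.113.7 aaab NO_SUCH_ACCOUNT
2014-03-03T21:30:03 198.51.100.4 renasc BAD_PASSWORD
2014-03-03T21:30:04 203.0.113.7 aaac NO_SUCH_ACCOUNT
2014-03-03T21:30:05 203.0.113.7 aaad NO_SUCH_ACCOUNT
2014-03-03T21:45:00 198.51.100.4 renasc OK
2014-03-04T21:30:05 203.0.113.7 aaae NO_SUCH_ACCOUNT
"""

def find_bans(log_text):
    """Return a list of (ip, banned_from, banned_until) tuples."""
    fails = defaultdict(deque)     # ip -> timestamps of recent failures
    banned_until = {}              # ip -> end of the current ban
    bans = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        stamp, ip, _account, result = line.split()
        now = datetime.fromisoformat(stamp)
        if banned_until.get(ip, now) > now:
            continue               # still blocked: the firewall would drop this
        if result == "OK":
            fails[ip].clear()      # a successful login resets the counter
            continue
        # Key on the source IP only, so a failure against an account that
        # does not exist counts exactly like a wrong password.
        recent = fails[ip]
        recent.append(now)
        while now - recent[0] > WINDOW:
            recent.popleft()
        if len(recent) >= MAX_FAILS:
            banned_until[ip] = now + BAN_TIME
            bans.append((ip, now, banned_until[ip]))
            recent.clear()
    return bans

if __name__ == "__main__":
    for ip, start, end in find_bans(SAMPLE_LOG):
        print(f"block {ip} from {start} until {end}")
```

Each returned tuple can be turned into a firewall rule for the login port. As angkor_tm notes, a client rotating through proxies spreads its attempts over many addresses, so per-IP counting works alongside a login captcha rather than replacing it.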