Quote:
Originally Posted by Ciao bella
I am not entertaining the topic of Brute Forcing!
We already have the User/passes.
The bigger the site the more user/pass's it has. Membership will run in general 30 days. Yes, no doubt about it! Well over a 100 hits on that one log-on. If you kill it after 3 log-on's from separate IP locations, there's 30 - 40 other valid user/pass's that will take it's place.
Capisci ?
Ciao Bella
|
Brute force attacks are so.... lame, so pre-2000, and easy to stop 8 years ago.
Of course, like a duh of course... the bigger a site is, the more user/pass records it has. But that doesn't mean YOU have more passwords for that. At that, 99% of the passwords you do have to sites, suck fucking ass or is to a fake members area, that you think is real.
And the big boys that don't care about leaks.. you aren't hurting them, you are helping them.
100's of logins on one username = 100s of blocked IP's.. and you don't have that many proxies at free will... And I can lock it down to the IP range only to login, country, state, zip, no-cross-country logins..... several backends do it this way now, and it's very easy to code in.
I'm starting to think the only 'passwords' you know of are the ones you try to find so you can spank the monkey for free...