Quote:
|
Originally Posted by latinasojourn
if you have interesting sites you will always have asswipes trying to do brute force attacks. proxy pass blocks proxies as fast as these fuckers can throw them at your box---like a thousand different proxies in 3 minutes---soon the fucker is out of working proxies.
so maybe someone gets lucky and they get a password once a month, and then post it on a password site.
if you have the right scripts in place, the first time you have "X" number of simulaneous users with same name/pass every subsequent attempt is redirected to your sales page.
this is just not much of a problem anymore---it used to be, but no more.
but the info is valuable nontheless. the more webmasters saavy enough to keep the freeloaders out, the more people will pay for memberships.
security costs a little bit true, but it is money well spent.
|
Negative. It is damn easy to get 2000 anonymous proxies.
If I set the software to use only 10 bots and it cracks at 18000 per hour, I am going to try to crack about 300 per minute. That means it will take 6 minutes to see that 1st proxy again. If you have proxypass set to block a proxy after 5 tries, it will take 30 minutes to finally block its first proxy.
Now think about this, if you own milffuckedindaass.com, I will use the password file I obtained from assfuckingmilf4homies.com. Both sites have about 1,000 users who have signed up at either site with the same user/pass combo. Currently 150 are still active on milffuckedindaass.com. The combo file from the later site is 8,000 passes long. Every 53rd user is one of the 150 that is active. (8000/150). I am doing 300 tries per minute. I run 1,000 tries in less than 4 minutes are get 18 passwords.
I give the 18 out all month. I crack a session for 4 hours a day because I feel like it. Everyday someone asks me for the site 8 times. In one month those 18 passwords never get used by the same illegit or legit user at the same time. Even if they do, we can have up to 5 using them. Out of the 18 passwords 8 are still working at months end. But I only need 8 to feed the surfers requests for them.
240 people have now viewed your site for free. But BW is cheap.. Yeah, no shit, but getting me to crack your passwords is even cheaper. Out of the 240 about 40 are just people who are to stupid to store them. So 200 are individual surfers that will not be buying your product.
Those are just the surfers for 1 site that I cracked. I also will do the same for about (240minutes / 4 minutes per pass) = 60 surfers/sites that day. I am just one cracker. There are 4 to 20 more in a channel who will crack at other times in the day. I'll average that to 10. That is 600 passwords a day for the channel. 1800 in a month. ( 18000 x $20 = $360,000).
Now take the auto_requests you see going by. Someone asks for a megasite or a site with all access passwords. Those are being filled 2 to 3 times faster. $1,080,000.
And the searches going on with the bots that you don't see. Most surfers use the bots because they are nervous about asking for a site in the channel. Searches happen at the rate of a few thousand in a day. We will say 2000 even though the number is usually around 4000.
Add it all up and it is $88,000 a day. $2,640,000 a month. $31,680,000 a year. And this is just 1 channel. Undernet and many other smaller nets have channels of their own. Most other networks have 2 to 10 channels. And this is just English speaking. There are networks for people speaking many other languages. I will say a small number, 30 other channels.
$950,400,000! This is just lost revenue do to people not signing up. Add to this the cost of customer service, chargebacks, refunds, etc and this problem is costing you a HUGE sum of money.
This is just the IRC BTW. It doesn't include password boards, forums or other forms of trading them.
But I am just a punk, a surfer and a skript kiddie. So you all go on with your lives. I gave you the 3 keys to cutting this problem down to 10% of its current form. People didn't accept the world as being spherical or the Sun as the center of the universe, I don't know why I thought you people would be any different.