GoFuckYourself.com - Adult Webmaster Forum - View Single Post - Possible solution to brute force password hacking our member area's (code inside)

buran · 10-01-2002, 08:42 AM

Not to get into all the "my dick is bigger than yours" security shit, the actual code that's listed at the top, brute force hackers will never make a request without supplying a username and password. So they'll always get the 200 OK response. Watch your sessions and just start whacking an IP address that makes more than X number of 401 requests inside X number of minutes. You'll build up a nice big list of proxy IP's.

10-01-2002, 08:42 AM
buran Confirmed User Join Date: Mar 2002 Location: how'd I get here? Posts: 264	Not to get into all the "my dick is bigger than yours" security shit, the actual code that's listed at the top, brute force hackers will never make a request without supplying a username and password. So they'll always get the 200 OK response. Watch your sessions and just start whacking an IP address that makes more than X number of 401 requests inside X number of minutes. You'll build up a nice big list of proxy IP's. __________________ [this signature intentionally left blank]