Ian
Site Administrator
Registered: 28th Aug 99
Location: Liverpool
User status: Online
|
Information is on general release now as I don't really want any misconceptions about the problem, or weeks and weeks of people getting third hand information.
Last night at 20:11 I got an email from a user who couldn't log in, saying he hadn't changed the password but it was incorrect. I looked in the log and the password had indeed been reset. The IP address and machine fingerprint were different to the one which this user tends to use, but as there are legitimate reasons for this (i.e. round at a mate's house, in work etc.) I reset the password again and advised the user.
Please note - this is not a 'hacking' attempt, merely functionality which exists for any user who is logged out, which was being misused. There is no compromised access to the account as the new password is emailed to the registered email address, so you'll get back in, you just get logged out until you find out the new password, which is moderately annoying.
I had a quick look around the log and to my surprise there were 16 other examples of this totalling just over 50 minutes of activity, which obviously is a problem. There were also a smaller number some time ago which shared some of the same characteristics. While I was looking through the logs three more appeared. I made the decision to let them happen in order to ensure we had good data, and I was online to rectify anyway. This guy's name was also available to me, as well as a small amount of post history from a few months back, which was nice.
Usual procedure in this case is to fire off an email to the abuse team at whatever ISP the offending user is coming from and wait for a reply. Luckily enough I had a few other lines of enquiry and I was able to acquire the name and phone number of the technical contact for that range of IP addresses, who I phoned, but, it being 8pm, he wasn't at his desk.
I made a few other enquiries and was eventually put through to his mobile. I explained the situation and he asked if he could call me back with further details. He phoned back five minutes later explaining that he had tracked this user down and now might want information in order to discipline him. I said this wasn't necessary and I would prefer to speak to him direct. He agreed and gave me the direct line to the team on which this guy worked and the name of his team leader who would be answering the phone.
I phoned and asked to be put through to the offending user and explained that this had to stop. I think I surprised him a little, but he agreed with me.
As a result of this incident there will be some code changes which I'm about to do tonight which should reduce the likelihood of abuse taking place. I'm keen not to slow down legitimate use, so things most likely won't look any different and users won't be inconvenienced by extra crap like secret questions and the like which are pointless anyway. I can do this perfectly well with some backroom log things for checking history, address and machine usage etc.
Essay. In summary, if you are going to have a play, turn your phone off, as it might ring an hour later. 
[Edited on 10-11-2005 by Ian]
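An added illustration of the kind of 'backroom' log check the post describes (this is example code, not the forum's software or Ian's actual change; the log line format, the field names and the thresholds are all assumptions). It replays password-reset events against each user's known IP/fingerprint history, flags a reset from an unfamiliar origin for review without blocking it (being round at a mate's house or at work is legitimate, as the post says), and refuses a reset only when one origin resets several different accounts, or one account is reset repeatedly, inside a short window. That keeps the lock-out trick from working without adding secret questions or anything else visible to ordinary users.

```python
"""Detect and throttle abuse of a 'forgotten password' reset that any logged-out
visitor can trigger. Added example; log format, field names and thresholds are
assumptions, not the forum's real implementation."""
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed login history: user -> set of (ip, machine fingerprint) seen on
# successful logins. A real site would build this from its login log.
KNOWN_SESSIONS = {
    "alice": {("82.10.5.5", "fp-alice-home"), ("194.60.1.9", "fp-alice-work")},
    "bob":   {("86.1.2.3", "fp-bob-home")},
    "carol": {("81.99.4.4", "fp-carol-home")},
    "dave":  {("90.8.7.6", "fp-dave-home")},
}

# Constructed reset log: one legitimate reset from work, then a single office
# machine resetting four different accounts in a few minutes, then alice
# resetting her own password later from home.
RESET_LOG = """\
2005-11-09 19:02:10 reset user=alice ip=194.60.1.9 fp=fp-alice-work
2005-11-09 20:01:05 reset user=bob ip=62.3.3.3 fp=fp-office-pc
2005-11-09 20:03:40 reset user=carol ip=62.3.3.3 fp=fp-office-pc
2005-11-09 20:06:12 reset user=dave ip=62.3.3.3 fp=fp-office-pc
2005-11-09 20:08:55 reset user=alice ip=62.3.3.3 fp=fp-office-pc
2005-11-09 21:30:00 reset user=alice ip=82.10.5.5 fp=fp-alice-home
"""

# Constructed log of one account being hammered from several throwaway origins.
USER_FLOOD_LOG = """\
2005-11-10 12:00:00 reset user=bob ip=10.0.0.1 fp=fp-x1
2005-11-10 12:01:00 reset user=bob ip=10.0.0.2 fp=fp-x2
2005-11-10 12:02:00 reset user=bob ip=10.0.0.3 fp=fp-x3
"""

LINE_RE = re.compile(r"^(\S+ \S+) reset user=(\S+) ip=(\S+) fp=(\S+)$")


def parse_reset_log(text):
    """Parse 'YYYY-MM-DD HH:MM:SS reset user=U ip=I fp=F' lines; skip anything else."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        ts, user, ip, fp = m.groups()
        events.append({"ts": datetime.strptime(ts, "%Y-%m-%d %H:%M:%S"),
                       "user": user, "ip": ip, "fp": fp})
    return events


class ResetGuard:
    """Sliding-window limits on reset requests, keyed by origin and by target user."""

    def __init__(self, window=timedelta(minutes=30),
                 max_targets_per_origin=2, max_resets_per_user=2):
        self.window = window
        self.max_targets = max_targets_per_origin
        self.max_per_user = max_resets_per_user
        self.by_origin = defaultdict(deque)  # (ip, fp) -> deque of (ts, user)
        self.by_user = defaultdict(deque)    # user -> deque of (ts, origin)

    def _prune(self, dq, now):
        while dq and dq[0][0] < now - self.window:
            dq.popleft()

    def decide(self, ev, known):
        now, origin, user = ev["ts"], (ev["ip"], ev["fp"]), ev["user"]
        self._prune(self.by_origin[origin], now)
        self._prune(self.by_user[user], now)
        reasons = []
        # Unfamiliar origin is only a review flag: never a block on its own.
        if origin not in known.get(user, set()):
            reasons.append("unfamiliar_origin")
        targets = {u for _, u in self.by_origin[origin]}
        if user not in targets and len(targets) >= self.max_targets:
            reasons.append("origin_reset_burst")
        if len(self.by_user[user]) >= self.max_per_user:
            reasons.append("user_reset_burst")
        blocked = any(r.endswith("_burst") for r in reasons)
        # Record the attempt even when blocked so a burst keeps tripping the limit.
        self.by_origin[origin].append((now, user))
        self.by_user[user].append((now, origin))
        return {"user": user, "blocked": blocked, "reasons": reasons}


def analyse(log_text, known):
    """Replay a reset log through a fresh guard; one decision per event."""
    guard = ResetGuard()
    return [guard.decide(ev, known) for ev in parse_reset_log(log_text)]


if __name__ == "__main__":
    for d in analyse(RESET_LOG, KNOWN_SESSIONS):
        print(f"{d['user']:6} blocked={d['blocked']!s:5} {', '.join(d['reasons'])}")
```

With the constructed logs the first office-machine resets go through (flagged for review), the third and fourth distinct targets from that machine are refused, and alice's later reset from home is clean. The per-user limit catches the other variant, where the abuser hops between addresses but keeps hitting the same account.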
|
Robbo
Member
Registered: 6th Aug 02
Location: London
User status: Offline
|
Sticky?
|
Matt H
Member
Registered: 11th Sep 01
Location: South Yorkshire
User status: Offline
|
Go on Ian
|
Ian
Site Administrator
Registered: 28th Aug 99
Location: Liverpool
User status: Online
|
quote: Originally posted by Robbo
Sticky?
No it was quite easy
|
Matt H
Member
Registered: 11th Sep 01
Location: South Yorkshire
User status: Offline
|
quote: Originally posted by Ian
quote: Originally posted by Robbo
Sticky?
No I used a kleenex
|
Robbo
Member
Registered: 6th Aug 02
Location: London
User status: Offline
|
|
dave17
Member
Registered: 3rd Sep 02
Location: Greater London
User status: Offline
|

Inspector Griffiths
|
langey
Member
Registered: 7th Sep 03
Location: Wigan
User status: Offline
|
I was wondering what you meant when you said you're ringing them at work lol
|
Mistamist
Member
Registered: 16th Jul 03
Location: Gillingham, Kent
User status: Offline
|
If I knew how to play, I would, just to rub myself off to Ian's voice when he rings
Good work bossman!
|
Carl
Member
Registered: 9th May 04
Location: Jimmy Bennett's la la land.
User status: Offline
|
Why did you edit the posts that mentioned names?
(Questions Ian like some guy questioned Jessica Fletcher as she unveiled the killer at the end of every episode)
[Edited on 10-11-2005 by Ian]
|
Ian
Site Administrator
Registered: 28th Aug 99
Location: Liverpool
User status: Online
|
Names are removed to protect the innocent
|
Matt H
Member
Registered: 11th Sep 01
Location: South Yorkshire
User status: Offline
|
quote: Originally posted/edited by Ianl
(Questions Ian like the some guy questioned Jessica Fletcher as she unvailed the killer at the end of every episode)
What the fook are you on about laaa?
|
Carl
Member
Registered: 9th May 04
Location: Jimmy Bennett's la la land.
User status: Offline
|
quote: Originally posted by Ian
Names are removed to protect the innocent
You're just abusing your power now!
Add a Y onto the end of my username and I turn into a fit female who may happen to post on corsasport, I also like wearing bike leathers and straddling things.
[Edited on 10-11-2005 by Carl]
|
Ian
Site Administrator
Registered: 28th Aug 99
Location: Liverpool
User status: Online
|
I would prefer to mention no names at least until the people involved post in here to confirm it's OK.
There's a bit of background to the reasons this has happened which is not a computing issue.
|
Matt H
Member
Registered: 11th Sep 01
Location: South Yorkshire
User status: Offline
|
quote: Originally posted by Matt H
quote: Originally posted/edited by Ianl
(Questions Ian like the some guy questioned Jessica Fletcher as she unvailed the killer at the end of every episode)
What the fook are you on about laaa?
|
Nismo
Member
Registered: 12th Sep 02
User status: Offline
|
I confirm it's ok
Nice one Ian
|
Carl
Member
Registered: 9th May 04
Location: Jimmy Bennett's la la land.
User status: Offline
|
quote: Originally posted by Matt H
quote: Originally posted by Matt H
quote: Originally posted/edited by Ianl
(Questions Ian like the some guy questioned Jessica Fletcher as she unvailed the killer at the end of every episode)
What the fook are you on about laaa?
Ian on a weekend
|
Butler
Member
Registered: 2nd Jun 05
Location: London
User status: Offline
|
|
ajscorsa
Member
Registered: 30th Apr 02
Location: Perceton, North Ayrshire
User status: Offline
|
must give a to Ian he must have shit his pants when he answered the phone lol
|
CorsAsh
Member
Registered: 19th Apr 02
Location: Munich
User status: Offline
|
"MiniIan, stop humping the users"

|
dave17
Member
Registered: 3rd Sep 02
Location: Greater London
User status: Offline
|
What did you say to him?
|
CorsAsh
Member
Registered: 19th Apr 02
Location: Munich
User status: Offline
|
quote: Originally posted by dave17
What did you say to him?
"AY AY AY, CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALLLLLM DOWN CALM DOWN!"
|
Matt H
Member
Registered: 11th Sep 01
Location: South Yorkshire
User status: Offline
|
quote: Originally posted by CorsAsh
quote: Originally posted by dave17
What did you say to him?
"AY AY AY, CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALLLLLM DOWN CALM DOWN!"
He made him beg for mersey 
Sorry
|
Doug
Member
Registered: 8th Oct 03
User status: Offline
|
Go Ian!!!! 
*turns phone off*
|
Ian
Site Administrator
Registered: 28th Aug 99
Location: Liverpool
User status: Online
|
quote: Originally posted by dave17
What did you say to him?
Hi, Ian Griffiths here, Corsa Sport. Just calling about these pass resets, they need to stop.
|