...

View Full Version : cracking attempts coming from 209.239.43.18.



Austin
06-01-2008, 09:40 PM
It seems that your forums are trying to be cracked. Well at least the usernames. I have tons of forum accounts over the internet with very easy to guess usernames, usually austin.

Well I have been getting emails from all these forums saying my account has been locked because someone has tried to login more than 5 times in a row unsuccessfully. It emails with the originating IP address and I have tried calling and contacting the company hosting the website that has tried to hack into my account on all these different forums. It ALWAYS originates from the following IP: 209.239.43.18.

I have also contacted the company that the IP address comes from. The company is navisite.com and there phone number is 978-946-5800

Do you have any suggestions for shutting down these cracking attempts? I'm sure it is happening to tons of members and not just me.

tomws
06-02-2008, 04:44 PM
This might be more useful.


root@spider:~# whois 209.239.43.18

OrgName: Alabanza, Inc.
OrgID: ALAB
Address: 10 East Baltimore St., 10th floor
City: Baltimore
StateProv: MD
PostalCode: 21202
Country: US

NetRange: 209.239.32.0 - 209.239.63.255
CIDR: 209.239.32.0/19
NetName: ALABANZA-BALT-1
NetHandle: NET-209-239-32-0-1
Parent: NET-209-0-0-0-0
NetType: Direct Allocation
NameServer: NS.ALABANZA.COM
NameServer: NS2.ALABANZA.COM
Comment:
RegDate: 1998-05-20
Updated: 2000-01-26

RTechHandle: TC12-ARIN
RTechName: Cunningham, Thomas
RTechPhone: +1-410-779-1400
RTechEmail: ipadmin@alabanza.com

OrgTechHandle: DLE60-ARIN
OrgTechName: Lee, Dong
OrgTechPhone: +1-410-779-1400
OrgTechEmail: donglee@alabanza.com

OrgTechHandle: TECHS24-ARIN
OrgTechName: Tech Support
OrgTechPhone: +1-410-779-1400
OrgTechEmail: ipadmin@alabanza.com
# ARIN WHOIS database, last updated 2008-06-01 19:10
# Enter ? for additional hints on searching ARIN's WHOIS database.

WA
06-02-2008, 10:26 PM
Bots like these have been hitting forums around the net for a long time now, and it's definitely not the first time it's happened on CF either. That's why it's always important to choose a password that's at least not something like "password", one that can be guessed within 5 guesses (before the cracker is locked out for 15 minutes).

IP banned btw.



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum