Exceeding Daily bandwidth

Announcements and Discussion about Trains-and-Drivers.net Development

Re: Exceeding Daily bandwidth

Post by Chacal » Mon May 20, 2019 1:32 pm

So far so good, the backlog is only 8 uploads. I'm publishing 2 or 3 daily.
Over the hill and gathering speed
Chacal
 
Posts: 4787
Joined: Tue Jul 05, 2011 1:11 pm
Location: Quebec, Canada

Re: Exceeding Daily bandwidth

Post by minerman146 » Mon May 20, 2019 1:41 pm

Bob, is there any way to implement complex passwords at the user AND the system level? You will never outpace the IP addresses unless you IP block parts of the world such as the PRC and the RF. I also advise you change all your system IDs and implement 14 character passwords.
minerman146
 
Posts: 1671
Joined: Fri Mar 20, 2015 8:15 pm
Location: Cornwall, New York

Re: Exceeding Daily bandwidth

Post by buzz456 » Mon May 20, 2019 2:09 pm

Fourteen character passwords? !*roll-laugh*! !*roll-laugh*! Surely you jest. The nuclear codes aren't that long. !!det!!
Buzz
39 and holding.
"Some people find fault like there's a reward for it."- Zig Ziglar
"If you can dream it you can do it."- Walt Disney
buzz456
Site Admin
 
Posts: 15864
Joined: Sun Mar 21, 2010 8:30 am
Location: Sycamore, Il

Re: Exceeding Daily bandwidth

Post by minerman146 » Mon May 20, 2019 2:29 pm

buzz456 wrote: Fourteen character passwords? !*roll-laugh*! !*roll-laugh*! Surely you jest. The nuclear codes aren't that long. !!det!!

Not kidding, my admin passes are 14 char minimum and complex. Cap, special, character and numbers and no readable words. Literally a jumble of characters. Your admin names should not be Admin nor your names. Your database SA account must be complex. It's worth it for peace of mind and to NOT have to dig out of a hack event to harden your security.

Of course I'm self interested as 4 years of my routes "story" is here. I would cry like a baby if that were to disappear.
minerman146
 
Posts: 1671
Joined: Fri Mar 20, 2015 8:15 pm
Location: Cornwall, New York

Re: Exceeding Daily bandwidth

Post by artimrj » Mon May 20, 2019 3:19 pm

The forum software has an IP blocker that stops them from getting to the forum. It is called DNSBL check. They apparently got a huge list of IPs that are known spammers/hackers. They keep trying to get in like 30 or 40 times a minute, but they are blocked from the forum. I get a block log and transfer the IPs to the cPanel IP deny utility that stops them from getting in anywhere. My admin password for the site/Joomla is 16 characters long. Caps and numbers.
Bob Artim - Generation X²
I don't have a PHD, I have a DD214... Freedom carries sacrifice

6th Gen i7 6700K @ 4.0 GHz, 16 gig, NVidia GTX 970 4 Gig, 5 TB of Maxtor HDs, 128 Gig SSD, 800 W PSU & Win 10 64 bit
artimrj
Site Admin
 
Posts: 4435
Joined: Sun Jan 31, 2010 3:07 pm
Location: Beaver, Pennsylvania

Re: Exceeding Daily bandwidth

Post by minerman146 » Mon May 20, 2019 4:12 pm

Bob, that is good to hear. The other thing, besides making sure your forum software is up to date, is to research vulnerabilities and exploits, then remediate. This again reminds me of how much time you guys put into RWA ... just to make it work. This is before all your posting, repainting and data uploads.
minerman146
 
Posts: 1671
Joined: Fri Mar 20, 2015 8:15 pm
Location: Cornwall, New York

Re: Exceeding Daily bandwidth

Post by Chacal » Mon May 20, 2019 5:53 pm

minerman146 wrote: Cap, special, character and numbers and no readable words.


Research has shown that this is not useful, and it is even harmful, unless you are using a password manager app, which is recommended.
See NIST SP 800-63B, in Annex.

Recommended practice 1:
The resistance of a password is determined by:
1- Length
2- Length
3- Length.

Also, length.
So a 20-character-long passphrase of random words is resistant AND can be remembered.

Recommended practice 2:
Avoid re-using passphrases on multiple sites, unless these are throw-away sites (i.e. you don't care about your account being hacked on these).
Considering techniques used by today's hackers, this is the most important recommendation.

Recommended practice 3:
Use a password manager app. It will help you follow the first two recommendations.
Over the hill and gathering speed
Chacal
 
Posts: 4787
Joined: Tue Jul 05, 2011 1:11 pm
Location: Quebec, Canada
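
The comparison made in the post above, as an added example that is not part of the original thread: a composition-rule check beside a length-first check in the style of NIST SP 800-63B, plus a random-word passphrase generator with its entropy. The word list, blocklist, sample passwords and function names are constructed for illustration.

```python
import math
import secrets
import string

# Constructed sample data so the example runs offline. A real setup would use
# a large word list (thousands of words) and a breached-password corpus.
WORDS = ["anchor", "boiler", "caboose", "diesel", "engine", "freight", "gauge",
         "hopper", "island", "junction", "kettle", "lantern", "mainline",
         "narrow", "orbit", "piston"]
BLOCKLIST = {"password12345!", "trainsimulator1!", "qwertyuiop123!"}

def composition_policy(pw: str, min_len: int = 14) -> bool:
    """Old-style rule: minimum length plus upper, lower, digit and special."""
    return (len(pw) >= min_len
            and any(c.isupper() for c in pw)
            and any(c.islower() for c in pw)
            and any(c.isdigit() for c in pw)
            and any(c in string.punctuation for c in pw))

def length_first_policy(pw: str, min_len: int = 8, blocklist=BLOCKLIST) -> bool:
    """SP 800-63B style: length floor, no composition rules, blocklist check."""
    return len(pw) >= min_len and pw.lower() not in blocklist

def entropy_bits(pool_size: int, picks: int) -> float:
    """Bits of entropy when each of `picks` symbols is drawn uniformly at random."""
    return picks * math.log2(pool_size)

def words_needed(target_bits: float, list_size: int) -> int:
    """Smallest number of random words whose entropy reaches target_bits."""
    return math.ceil(target_bits / math.log2(list_size))

def generate_passphrase(n_words: int, words=WORDS, sep: str = " ") -> str:
    """Pick words with a CSPRNG; the strength comes from the random choice."""
    return sep.join(secrets.choice(words) for _ in range(n_words))

if __name__ == "__main__":
    # A predictable password satisfies the composition rule; the passphrase does not.
    for pw in ("Password12345!", "mainline kettle orbit freight"):
        print(f"{pw!r}: composition={composition_policy(pw)} "
              f"length_first={length_first_policy(pw)}")
    target = entropy_bits(94, 14)  # 14 characters drawn at random from printable ASCII
    print(f"14 random chars: {target:.1f} bits; "
          f"a 7776-word list needs {words_needed(target, 7776)} words to match")
    print(generate_passphrase(6))
```

The entropy figures only hold for secrets chosen by a random generator; a human-chosen string that merely satisfies the composition rule, like the first sample, carries far less.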

Re: Exceeding Daily bandwidth

Post by minerman146 » Mon May 20, 2019 7:48 pm

Chacal, I held back on the password manager (3), which is really key to making all the password recommendations possible. I presumed simple passwords were being used. The next thought I had when I was making my recommendation was this and is directed at Bob. (please don't respond) Confirm that this site's password repository is encrypted and not stored in plain text. Last, is to secure and harden whatever credentials are used for database and web service access. This is actually what the hackers are trying to get at.

Chacal - that was such a good point, I use the business edition of RoboForm, there is a demo version you can put to use from www.roboform.com. I'll defer to you on preaching the advantages to our team here at RWA!
minerman146
 
Posts: 1671
Joined: Fri Mar 20, 2015 8:15 pm
Location: Cornwall, New York

Re: Exceeding Daily bandwidth

Post by Chacal » Tue May 21, 2019 1:18 am

Minerman, all that you said is quite true.
Switching to using a password manager is an effort, but it is worth it.
There are several free or cheap ones.
Over the hill and gathering speed
Chacal
 
Posts: 4787
Joined: Tue Jul 05, 2011 1:11 pm
Location: Quebec, Canada
