Exceeding Daily bandwidth

Re: Exceeding Daily bandwidth

Unread postby Chacal » Mon May 20, 2019 1:32 pm

So far so good, the backlog is only 8 uploads. I'm publishing 2 or 3 daily.
Over the hill and gathering speed
Chacal
 
Posts: 4804
Joined: Tue Jul 05, 2011 1:11 pm
Location: Quebec, Canada

Re: Exceeding Daily bandwidth

Unread postby minerman146 » Mon May 20, 2019 1:41 pm

Bob, Is there any way to implement complex passwords at the user AND the system level? You will never outpace the ip addresses unless you ip block parts of the world such as the PRC and the RF. I also advise you change all your system ids and implement 14 character passwords.
User avatar
minerman146
 
Posts: 1717
Joined: Fri Mar 20, 2015 8:15 pm
Location: Cornwall, New York

Re: Exceeding Daily bandwidth

Unread postby buzz456 » Mon May 20, 2019 2:09 pm

Fourteen character passwords? !*roll-laugh*! !*roll-laugh*! Surely you jest. The nuclear codes aren't that long. !!det!!
Buzz
39 and holding.
"Some people find fault like there's a reward for it."- Zig Ziglar
"If you can dream it you can do it."- Walt Disney
Image
User avatar
buzz456
Site Admin
 
Posts: 16038
Joined: Sun Mar 21, 2010 8:30 am
Location: Sycamore, Il

Re: Exceeding Daily bandwidth

Unread postby minerman146 » Mon May 20, 2019 2:29 pm

buzz456 wrote:Fourteen character passwords? !*roll-laugh*! !*roll-laugh*! Surely you jest. The nuclear codes aren't that long. !!det!!

Not kidding, my admin passes are 14 char minimum and complex. Cap, special, character and numbers and no readable words. Literally a jumble of characters. Your admin names should not be Admin nor your names. Your database SA account must be complex. Its worth it for peace of mind and to NOT have to dig out of a hack event to harden your security.

Of course I'm self interested as 4 years of my routes "story" is here. I would cry like a baby if that were to disappear.
User avatar
minerman146
 
Posts: 1717
Joined: Fri Mar 20, 2015 8:15 pm
Location: Cornwall, New York

Re: Exceeding Daily bandwidth

Unread postby artimrj » Mon May 20, 2019 3:19 pm

The forum software has an IP blocker that stops them from getting to forum. It is called DNSBL check. They apparently got a huge list of IP that are known spammer/hackers. They keep trying to get in like 30 or 40 times a minute, but they are blocked from the forum. I get a block log and transfer the IPs to the cpanel IP deny utility that stops them from getting in anywhere. My admin password for the site/Joomla is 16 characters long. Caps and numbers.
Bob Artim - Generation X²
I don't have a PHD, I have a DD214... Freedom carries sacrifice

6th Gen i7 6700K @ 4.0 GHz, 16 gig, NVidia GTX 970 4 Gig, 5 TB of Maxtor HDs, 128 Gig SSD, 800 W PSU & Win 10 64 bit
User avatar
artimrj
Site Admin
 
Posts: 4463
Joined: Sun Jan 31, 2010 3:07 pm
Location: Beaver, Pennsylvania

Re: Exceeding Daily bandwidth

Unread postby minerman146 » Mon May 20, 2019 4:12 pm

Bob, That is good to hear. Other than making sure your forum software is up to date, is to research vulnerabilities and exploits, then re mediate. This again reminds me of how much time you guys put into RWA ... just to make it work. This is before all your posting, repainting and data uploads.
User avatar
minerman146
 
Posts: 1717
Joined: Fri Mar 20, 2015 8:15 pm
Location: Cornwall, New York

Re: Exceeding Daily bandwidth

Unread postby Chacal » Mon May 20, 2019 5:53 pm

minerman146 wrote:Cap, special, character and numbers and no readable words.


Research has shown that this is not useful, and it is even harmful, unless you are using a password manager app, which is recommended.
See NIST SP 800-63 B, in Annex.

Recommended practice 1:
The resistance of a password is determined by:
1- Length
2- Length
3- Length.

Also, length.
So a 20-character-long passphrase of random words is resistant AND can be remembered.

Recommended practice 2:
Avoid re-using passphrases on multiple sites, unless these are throw-aways sites (i.e. you don't care about your account neing hacked on these).
Considering techniques used by today's hackers, this is the most important recommendation.

Recommended practice 3:
Use a a password manager app. It will help you follow the first two recommendations.
Over the hill and gathering speed
Chacal
 
Posts: 4804
Joined: Tue Jul 05, 2011 1:11 pm
Location: Quebec, Canada

Re: Exceeding Daily bandwidth

Unread postby minerman146 » Mon May 20, 2019 7:48 pm

Chacal I held back on the password manager (3) which is really key to making all the password recommendations possible. I presumed simple passwords were being used. The next thought I had when I was making my recommendation was this and is directed at Bob. (please don't respond) Confirm that this sites password repository is encrypted and not stored in plain text. Last, is to secure and harden whatever credentials are used for database and web service access. This is actually what the hackers are trying to get at.

Chacal - that was such a good point, I use the business edition of RoboForm, there is a demo version you can put to use from www.roboform.com. I'll defer to you on preaching the advantages to our team here at RWA!
User avatar
minerman146
 
Posts: 1717
Joined: Fri Mar 20, 2015 8:15 pm
Location: Cornwall, New York

Re: Exceeding Daily bandwidth

Unread postby Chacal » Tue May 21, 2019 1:18 am

Minerman, all that you said is quite true.
Switching to using a password manager is an effort, but it is worth it.
There are several free or cheap ones.
Over the hill and gathering speed
Chacal
 
Posts: 4804
Joined: Tue Jul 05, 2011 1:11 pm
Location: Quebec, Canada

Re: Exceeding Daily bandwidth

Unread postby CArailroader » Fri Jun 21, 2019 11:23 am

What was the outcome? Did publishing small amounts of files every day help with reducing the bandwidth?
CArailroader
 
Posts: 437
Joined: Fri Sep 16, 2016 9:16 pm
Location: California

Re: Exceeding Daily bandwidth

Unread postby artimrj » Fri Jun 21, 2019 9:23 pm

No, blocking the spammers which I do daily, is holding them at bay. But they still keep trying. Can not figure out why they want in here so bad.
Bob Artim - Generation X²
I don't have a PHD, I have a DD214... Freedom carries sacrifice

6th Gen i7 6700K @ 4.0 GHz, 16 gig, NVidia GTX 970 4 Gig, 5 TB of Maxtor HDs, 128 Gig SSD, 800 W PSU & Win 10 64 bit
User avatar
artimrj
Site Admin
 
Posts: 4463
Joined: Sun Jan 31, 2010 3:07 pm
Location: Beaver, Pennsylvania

Re: Exceeding Daily bandwidth

Unread postby mindenjohn » Sat Jun 22, 2019 3:26 am

Probably so as to access the members list to sell so that we can all receive even more offers that we can’t live without OR it might be that the dumbos think that by accessing the site they access a method of controlling all of America’s Railwork(ing)s.
John

He who never tries will not fail but will never succeed.
Age doesn’t stop you, it just slows you down.
mindenjohn
 
Posts: 221
Joined: Fri Oct 05, 2018 4:34 am
Location: West Yorkshire, UK

Re: Exceeding Daily bandwidth

Unread postby AmericanSteam » Mon Jul 01, 2019 8:26 am

Thought we had lost RWA again yesterday afternoon. Could not log in. I guess you were uploading files. I was back up in about 45 minuets.
TS2019 64 bit, Intel I7 6700K, Liquid Cooled, ASUS GTX 1060 6 GB, 32 GB DDR-4 3200 MHz, Samsung 500 GB 970 EVO Plus M.2 system drive, Samsung 500GB 960 EVO M.2 drive for TS2019
Using a Raildriver with TS2019 Raildriver interface by Cobra One and RW Enhancer.
Youtube https://www.youtube.com/channel/UC9-N4b ... subscriber
User avatar
AmericanSteam
 
Posts: 775
Joined: Mon Nov 02, 2015 9:54 am
Location: Grass Valley, California

Previous

Return to TSW General Forum

Who is online

Users browsing this forum: No registered users and 2 guests