the rum soaked fist: internal martial arts forum

Kelley Graham wrote:They do it ‘cause they can. Who know’s. We probably got caught up with a bunch of other sites. The session table was going mad. 1/2G of growth a day. Brute force most likely script kiddies.

So what people do is scan for vulnerabilities in big chunks. When they find one, they hammer on it to learn, they pass it around to others to do the same, identifying the vulnerabilities.

This site is appallingly outdated. It has no captcha. It has no defense against bots other than to shut down registrations. It's probably on a couple lists.

There's better options out there. I know we've got ourselves a nice protected little niche out here with the same old faces, and all these old folks like to stick with what's familiar, but as you can see... there are problems with usability and availability at times. I wouldn't be surprised if personal information hadn't been harvested already, if there is any that's useful.

Mastadon, for example. There might be a learning curve, but I'd be happy to help get things rolling.

https://joinmastodon.org/

there is the fb group, but it seems to have low use. maybe the admins could also create a subreddit. the "real site" is cooler, even if there are only 8 of us here.

I run two mastodon instances. Not really workable a forum or an archive. Great for chatting. Phpbb, even outdated as it is doesn’t leak personal data. So there’s no harm running old code. Captcha is ok, but the new JavaScript bot protection is working. We had 159 days of uptime until this event and the previous reboot was administrative. 460 days before. 600+ days isn’t bad for a heavily used server. We average 85% utilization. Not bad.

Spam users down. Testing.

Another spike. We're back.