Closed nixtux closed 5 years ago
I've removed the ban that caused this but I'm unsure if this was the result of a bug in uberserver or not.
The ip 78.46.100.157 was banned (manually, by me) due to spamming hundreds of login attempts with incorrect username and password, which looked suspiciously brute force-ish - the username used was AndroUser2. Is that your connection attempts? Or perhaps this IP relates to the whole IRC bridge?
e.g.
2019-02-16 00:17:03 INFO Protocol.out_DENIED:3176 [934] Failed to log in user <AndroUser2>: Invalid username or password (1/3)
2019-02-16 00:19:09 INFO Protocol.out_DENIED:3176 [936] Failed to log in user <AndroUser2>: Invalid username or password (1/3)
2019-02-16 00:19:14 INFO Protocol.out_DENIED:3176 [937] Failed to log in user <AndroUser2>: Invalid username or password (2/3)
2019-02-16 00:22:39 INFO Protocol.out_DENIED:3176 [941] Failed to log in user <AndroUser2>: Invalid username or password (3/3)
I think it's my connect attempts, well my irc client trying to use a second user name if first fails.
I'm still not sure exactly what's wrong here
irc client auto reconnects every 5 sec.
Does it do this even if you are logged in?
78.46.100.157 is springrts.com :-)
I think there are no issues with the automated rate limiters (per IP for registration attempts, per username for logins) and the current IRC bridge.
In any case, the plan is for IRC to go via Springs matrix server and new bridge interface.
unfortunately this relates to the IRC protocol translation and not the "true" bridge - so this issue still stands
a few IRC clients spam hundreds of failing login attempts (on 5 second repeat), often without even a valid username
this pollutes logfiles
probably best not to change anything here (sadly)
[16:25] -irc.springrts.com- *** Login denied on lobby server (You are banned: (login/registration spam), 29 days remaining) Current system seems a bit too over zealous, by irc client auto reconnects every 5 sec. Also should moderators not be immune to auto system bans?