Quote Originally Posted by User137:
First off, I'm not making things up. I have built web services and seen many configuration options. You seem to be tackling minor details now, on things you could have thought of solutions for yourself too.
No, I've just mentioned major flaws in the security solutions you have suggested. What solution to use for Steam? I don't know, because I don't have knowledge of their specific system and most likely neither do you. The rest is just pure speculation, as I've said earlier.

Quote Originally Posted by User137:
What does bots' password guessing have to do with humans?
Because accounts are hosted for human users, not spam bots. Therefore, you can still guess passwords set by humans, who have the nature of using easy-to-remember passwords instead of random letters.

Quote Originally Posted by User137:
Ban IP for 10 hours or ban user, that's minor details. ISPs' dynamic IPs usually change at a frequency of once per 24 hours, but it may vary a lot. I used to have the same IP for many weeks. Giving 1 user an "access denied" for preventing 1 hacker would be a perfectly acceptable trade any day.
It seems that you did not understand my reply. Please check (or recheck) what subnetting is about. That is, an ISP may have only one public IP with many internal (local) IP addresses given to their users. If, by means of spoofing or by using a proxy, you thought an IP address to be a spammer's and blocked it, not only have you blocked one single user, but the entire subnet! Therefore, many users will get denial of service, while the attacker can simply use a different IP address and continue the attack. You may try to block the specific port instead of the IP, but it won't help either, because ports can be reused in the ISP for different users and the attacker can simply use a different port, or most likely use as many ports and as many IP addresses as possible. Therefore, as I've said, IP blocking (check the Wikipedia link, it actually mentions the risks involved) is not an efficient security measure.

What to do in this case? It's a difficult scenario, which will most likely require multiple solutions, and it still won't protect you completely. Hardware firewalls, packet filtering, redundancy and symmetric authentication are some things you can do to detect what information is legitimate, but sooner or later you will have to assume that your system will be messed with, and you will need to include steps for recovery instead of defense. This is where raw data encryption comes into play, which we have discussed earlier.

Quote Originally Posted by User137:
It doesn't have to be an automatic shutdown. Or don't pull the plug and let the system get hacked with the whole user database stolen, yay! I'd rather stop the system, call the police and see what they can do about the ongoing attack. Double-check security settings, maybe change admin passwords and, if all is OK, restart.
What you are saying is fiction, that the system somehow will detect if it is being hacked and say "Warning! System is being hacked, shut down? Y/N". What you are really getting are login attempts, but there is no way for you to know whether they are legitimate or some sort of attack. For instance, there are users, including myself, who may insist on logging in more than 5 times in a row. In my own example, I have over ten passwords and sometimes I don't remember which one I've used on the particular web site, therefore I have to try all of them. An alternative solution would be simply a delay (e.g. a few seconds), so that it will take quite some time for an automatic solution to guess the password, which you can detect later in the logs and do the necessary investigation on the matter without affecting any of the users or shutting down the system prematurely.

As for calling the police, that was funny. You may want to try calling the FBI or the NSA first.

Quote Originally Posted by User137:
I would consider it an additional layer of security that makes a hacker's job even harder than if there was no whitelist. Coming at the cost of less admin access though, but still worth it.
There are other ways to ensure security instead of using an IP whitelist, which, as I've said earlier, won't do the job.

What solutions should you use to improve security? It depends on the particular implementation. You may use both hardware and software solutions, packet filtering, redundant internal servers and a lot more. However, as it has been said earlier, you will most likely never achieve totally impenetrable security as long as you are connected to another network, just the same as you will never protect your hardware completely from lightning strikes (btw, yet another interesting topic which we should discuss sometime) as long as you are connected to a power outlet.
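The delay-on-failure idea from the login discussion above, written out as an added example (not code posted in this thread): a per-account throttle that slows automated guessing without banning source IPs, plus an audit log that can be reviewed later. The class, the delay values, and the sample usernames, passwords and addresses are all assumptions made for the illustration.

```python
"""Per-account login throttling with an audit log. Added example, not from the
thread: a failed attempt delays the next check on that account instead of
banning the source IP (which also cuts off everyone behind that NAT/proxy)."""
import hashlib
import hmac
import secrets
from collections import Counter

BASE_DELAY = 2.0   # assumed: seconds imposed after the first failure
MAX_DELAY = 30.0   # assumed cap, so a legitimate user is never locked out long

def _hash(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 50_000)

class LoginThrottle:
    def __init__(self, users: dict):
        self._salt = secrets.token_bytes(16)
        self._users = {u: _hash(p, self._salt) for u, p in users.items()}
        self._failures = {}    # consecutive failures per account
        self._not_before = {}  # earliest time the next attempt is checked
        self.audit = []        # (time, user, source_ip, outcome)

    def delay_for(self, failures: int) -> float:
        return 0.0 if failures == 0 else min(BASE_DELAY * 2 ** (failures - 1), MAX_DELAY)

    def attempt(self, user: str, password: str, ip: str, now: float) -> str:
        if now < self._not_before.get(user, 0.0):
            outcome = "throttled"  # rejected before the password is looked at
        else:
            expected = self._users.get(user)
            candidate = _hash(password, self._salt)  # hash even for unknown users
            if expected is not None and hmac.compare_digest(expected, candidate):
                outcome, self._failures[user] = "ok", 0
            else:
                outcome = "bad_password"
                self._failures[user] = self._failures.get(user, 0) + 1
                self._not_before[user] = now + self.delay_for(self._failures[user])
        self.audit.append((now, user, ip, outcome))
        return outcome

    def guesses_checked(self, user: str) -> int:
        # guesses that actually reached password verification
        return sum(1 for _, u, _, o in self.audit if u == user and o == "bad_password")

    def suspicious_accounts(self, threshold: int = 20) -> list:
        # accounts with many failed or throttled attempts, for later investigation
        counts = Counter(u for _, u, _, o in self.audit if o != "ok")
        return sorted(u for u, n in counts.items() if n >= threshold)
```

A user who mistypes a couple of times waits a few seconds and then logs in normally, while a guesser firing ten attempts a second gets only a handful of them actually evaluated and stands out in the audit log.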