Quote Originally Posted by User137
First off, I'm not making things up. I have built web services and seen many configuration options. You seem to be tackling minor details now, on things you could have thought of solutions for yourself too.
Would you mind sharing which ones? I guess they aren't such prosperous targets as Steam accounts, for instance, which lowers the chances of hackers trying to hack them in the first place.

Quote Originally Posted by User137
What does bots' password guessing have to do with humans?
Everything, because most humans can only remember simple passwords which have some predictable patterns. This means that guessing those passwords is easier.

Quote Originally Posted by User137
Ban the IP for 10 hours or ban the user; those are minor details. ISPs' dynamic IPs usually change at a frequency of once per 24 hours, but that may vary a lot. I used to have the same IP for many weeks. Giving 1 user an "access denied" to prevent 1 hacker would be a perfectly acceptable trade any day. The user can request his password to his email if it's lost; no system will let you attempt it more than 10 times, normally just 5.
Yes, most ISPs would assign specific IPs to be used by specific users for some period of time, but most ISPs still allow users to request to be assigned a different IP at any time. This means that one user can launch hack attempts from even more than 100 different IPs in the same day.
But here is the problem. After you blacklist a certain IP address, the hacker just requests a new one. And since the old IP is no longer assigned to the hacker, it can be assigned to another user. And if this other user is a legitimate user, you would just prevent him from accessing your services.

Quote Originally Posted by User137
It doesn't have to be an automatic shutdown. Or don't pull the plug and let the system get hacked with the whole user database stolen, yay! I'd rather stop the system, call the police and see what they can do about the ongoing attack. Double-check security settings, maybe change admin passwords and, if all is OK, restart.
I would rather have some decoy system than stop the whole system for every attack. Why? If you stop the system, you clearly tell the hackers that you discovered their hacking attempt, and before you would even have managed to explain to the police that someone tried to hack your system, the hackers would already have erased all traces behind them. So you only get your system not being available to legitimate users, and have no leads on the hackers for the police to arrest them.
But if you use some kind of decoy, you might hold the hackers online long enough to backtrace to them. And how to make a decoy system? For instance, if you detect an attempt to access your database, give the hacker the impression that he really hacked your database engine and start feeding him false information. If you do this long enough, it might be possible to backtrace the whereabouts of this hacker. But there is no guarantee that backtracing would be successful.
Most of today's hacking attempts are launched from botnets and not from single computers. What does this mean? It means that the hacking attempt is actually being launched from certain computers which have been infected with some trojans which give the hackers control of those computers. Usually hackers even use pre-timed attacks. This means that they actually aren't online when the hack is actually taking place. This makes erasing traces behind them a lot easier, and they have a firm alibi that they have been doing something else at the time, making it a lot harder for the authorities to put them in prison. And sometimes some innocent people actually get in trouble because the attack actually originated from their computer and they didn't even know it. That's why most ISP providers' usage terms have a clause that the user of the service can be prosecuted and fined if the ISP detects that a hacking attempt originated from their computer, even if their computer was under someone else's control at the time.
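The trade-off the two posters argue about above (ban the source IP for 10 hours versus lock the account after a handful of failures, and what a hacker who keeps requesting new IPs, or a recycled dynamic IP, does to each) is easy to see in a simulation. The following Python is an added example written for this page, not code from either poster; the throttle class, the 100 attacker addresses taken from the 203.0.113.0/24 documentation range, the account names and the timings are all constructed for the demo.

```python
# Added example (not from the thread): a toy login throttle that can key its
# lockout by source IP or by account name, used to simulate the two scenarios
# argued above. All IPs, account names and timings are constructed for the demo.
from collections import defaultdict

BAN_SECONDS = 10 * 3600   # the "ban IP for 10 hours" figure from the thread
MAX_FAILURES = 5          # "normally just 5" failed attempts before lockout


class LoginThrottle:
    """Counts failed logins per key (IP or account) and locks that key out."""

    def __init__(self, key_by="ip", max_failures=MAX_FAILURES, ban_seconds=BAN_SECONDS):
        assert key_by in ("ip", "account")
        self.key_by = key_by
        self.max_failures = max_failures
        self.ban_seconds = ban_seconds
        self.failures = defaultdict(int)   # key -> consecutive failed attempts
        self.locked_until = {}             # key -> unix time the lock expires

    def _key(self, ip, account):
        return ip if self.key_by == "ip" else account

    def attempt(self, ip, account, password_ok, now):
        """Return 'ok', 'bad_password' or 'locked'. `now` is a unix timestamp."""
        key = self._key(ip, account)
        if self.locked_until.get(key, 0) > now:
            return "locked"                # refused before the password is even checked
        if password_ok:
            self.failures[key] = 0
            return "ok"
        self.failures[key] += 1
        if self.failures[key] >= self.max_failures:
            self.locked_until[key] = now + self.ban_seconds
            self.failures[key] = 0
        return "bad_password"


def simulate(key_by, attacker_ips=100):
    """Attacker guesses the 'victim' account's password, requesting a fresh IP
    each time the current one is told 'locked'; afterwards an unrelated user is
    handed one of those recycled IPs, and the victim logs in from their own IP."""
    throttle = LoginThrottle(key_by=key_by)
    now = 0
    guesses_accepted = 0   # guesses that actually reached the password check
    # Constructed attacker addresses (TEST-NET-3 documentation range).
    ips = [f"203.0.113.{i}" for i in range(1, attacker_ips + 1)]
    for ip in ips:
        while True:        # hammer this source until it is locked, then rotate
            now += 1
            result = throttle.attempt(ip, "victim", password_ok=False, now=now)
            if result == "locked":
                break
            guesses_accepted += 1
    # A legitimate, unrelated user is assigned the attacker's first (still banned) IP.
    legit_user = throttle.attempt(ips[0], "alice", password_ok=True, now=now + 60)
    # The real owner of the targeted account logs in with the right password.
    victim = throttle.attempt("198.51.100.7", "victim", password_ok=True, now=now + 60)
    return {"guesses_accepted": guesses_accepted, "legit_user": legit_user, "victim": victim}


if __name__ == "__main__":
    for mode in ("ip", "account"):
        print(mode, simulate(mode))
```

Keyed by IP, the attacker gets the 5-per-source allowance 100 times over and the banned address later denies an unrelated user who inherited it; keyed by account, the guess count stops at 5 regardless of how many IPs the attacker rotates through, but the targeted account's real owner is the one who is locked out, which is the "one user gets access denied" trade User137 says is acceptable. Neither mode is free, which is the point of the disagreement above.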