Re: Your account on TechSpot OpenBoards has been locked

8

8r1n

Posts: 18   +0
Hi Admin,
Can someone enlighten me reference your E-mail today:

Your account on TechSpot OpenBoards has been locked because someone has tried to log into the account with the wrong password more than 5 times. You will be able to attempt to log in again in another 15 minutes.
The person trying to log into your account had the following IP address: 70.86.138.114
Click to expand...

I have not accessed my account for several days & the following IP address: 70.86.138.114 is shown by "Link Advisor" as:
theplanet.com | Owner: ThePlanet.com Internet Services, Inc., United States, 1333 Stemmons Freeway, Suite #110, 75207, Dallas, TX | Server location: United States
Is there a bug in the system as I know your "Bandwidth is by "THE PLANET"
Anyone any ideas? as I can't think why anyone should want to h*ck into my account?
Peace
8r1n
 
It seems you're not the only one having that problem. Searching the Web for that IP address returns more people on different forums having the same problem, with the same IP address. You should private message Julio and ask him about it; it's possible that he could block that IP.

Regards :)

Edit: I've been doing more research and there are a lot of people at other places having the same problem. I tried to trace the route to the IP address, but eventually the requests just timed out. Ping requests don't work either. The weird thing is, this IP belongs to The Planet, a web hosting company; I don't think they are an ISP.

So I guess all you can do is have a very strong password, not just word(s), but numbers and symbols mixed in.
 
kitty500cat,
Thanks for the heads up? I do have "alpha numeric" password now, perhaps that's why they didn't gain access. I will also try & do some checks myself now that I know it's not a TS bug?
Peace
8r1n
 
Just search Google for the IP and you'll see other threads about it. Hopefully Julio will see this thread soon.

Regards :)
 
Have just been doing just that & you are correct many people are experiencing the same as myself, I suppose it's a full day tomorrow changing my Passwords on my many accounts! Luckily I don't have my Bank account details on this disk!
Peace
8r1n
 
I received many emails from users yesterday who had received that message and were trying to help, I have (hopefully) resolved that problem by banning that IP. I yet have to hear from more members since I took that measure.
 
Julio,
Thank you very much for the Swift Action. I suppose it may be a good idea to inform other sites I belong to, is also ban the that IP?
Peace
8r1n
 
Same problem new IP

The person trying to log into your account had the following IP
address: 74.53.243.34
Click to expand...

My account has been locked out twice today and I have not been here in a week. Address resolves to The Planet.
 
I have reported this to The Planet directly and banned the IP. Many users have emailed me reporting the same again.
 
Again- Password Stealer

I got the same message too for the second time! I started this post with the same problem. It has also happened on a Digital camera site I know, same IP!!

Here's what a whois threw up

IP Information for 74.53.243.34

IP Location: United States Dallas Theplanet.com Internet Services Inc Resolve Host: 22.f3.354a.static.theplanet.com IP Address: 74.53.243.34 Blacklist Status: Clear
Whois Record

OrgName: ThePlanet.com Internet Services, Inc.
OrgID: TPCM
Address: 1333 North Stemmons Freeway
Address: Suite 110
City: Dallas
StateProv: TX
PostalCode: 75207
Country: US

ReferralServer: rwhois://rwhois.theplanet.com:4321

NetRange: 74.52.0.0 - 74.54.255.255
CIDR: 74.52.0.0/15, 74.54.0.0/16
NetName: NETBLK-THEPLANET-BLK-14
NetHandle: NET-74-52-0-0-1
Parent: NET-74-0-0-0-0
NetType: Direct Allocation
NameServer: NS1.THEPLANET.COM
NameServer: NS2.THEPLANET.COM
Comment:
RegDate: 2006-02-17
Updated: 2007-07-11

RTechHandle: PP46-ARIN
RTechName: Pathos, Peter
RTechPhone: +1-214-782-7800
RTechEmail: http://source.domaintools.com/email....3f1715a6986a84

OrgAbuseHandle: ABUSE271-ARIN
OrgAbuseName: Abuse
OrgAbusePhone: +1-214-782-7802
OrgAbuseEmail: http://source.domaintools.com/email....df50b8def0352f

OrgNOCHandle: TECHN33-ARIN
OrgNOCName: Technical Support
OrgNOCPhone: +1-214-782-7800
OrgNOCEmail: http://source.domaintools.com/email....3f1715a6986a84

OrgTechHandle: TECHN33-ARIN
OrgTechName: Technical Support
OrgTechPhone: +1-214-782-7800
OrgTechEmail: http://source.domaintools.com/email....3f1715a6986a84

== Additional Information From rwhois://rwhois.theplanet.com:4321 ==

network:Class-Name:network
network:ID:THEPLANET-BLK-14
network:Auth-Area:74.52.0.0/15
network:Network-Name:TPIS-BLK-74-53-243-0
network:IP-Network:74.53.243.32/28
network:IP-Network-Block:74.53.243.32 - 74.53.243.47
network:Organization-Name:Brillant
network:Organization-City:ROMORANTIN LANTHENAY
network:Organization-Zip:41200
network:Organization-Country:FR
networkescription-Usage:customer
network:Server-Pri:ns1.theplanet.com
network:Server-Sec:ns2.theplanet.com
network:Tech-Contact;I:http://source.domaintools.com/email....df50b8def0352f
network:Admin-Contact;I:http://source.domaintools.com/email....df50b8def0352f
network:Created:20070713
network:Updated:20070713

network:Class-Name:network
network:ID:THEPLANET-BLK-14
network:Auth-Area:74.52.0.0/15
network:Network-Name:TPIS-BLK-74-53-243-0
network:IP-Network:74.53.243.32/28
network:IP-Network-Block:74.53.243.32 - 74.53.243.47
network:Organization-Name:Brillant
network:Organization-City:ROMORANTIN LANTHENAY
network:Organization-Zip:41200
network:Organization-Country:FR
networkescription-Usage:customer
network:Server-Pri:ns1.theplanet.com
network:Server-Sec:ns2.theplanet.com
network:Tech-Contact;I:http://source.domaintools.com/email....df50b8def0352f
network:Admin-Contact;I:http://source.domaintools.com/email....df50b8def0352f
network:Created:20070713
network:Updated:20070713

I cannot understand the reason for it? as not much can be gained if anything. Just register for a account? unless it is some sort of "Deniel of Service Attack?
8r1n
 
I have added those two IP Addresses to an IP Tables DROP, so now they wont be able to access the server at all on any port...

If any more of these abuses happen please e-mail me or Julio directly (I've also subscribed to this thread)
 
You must log in or register to reply here.

Similar threads

midian182
Netflix will start charging US customers for sharing account passwords
Replies
10
Views
709
saladbarsmash
S
captaincranky
TechSpot Failed to Access my Email Address
Replies
5
Views
969
captaincranky
captaincranky
Julio Franco
The complete list of alternatives to all Google products
2 3 4
Replies
98
Views
34K
wizardB
wizardB

Latest posts

Back