Brothers credit journey of BRUTE FORCE (cont)UPDATE

Similar Messages

• Brothers credit journey of BRUTE FORCE (cont)

  I remember that crazy wacko app spree like yesterday

  tuolumne wrote:
  Kostya1992 wrote:
  If anyone doesn't remember my last post about my brothers "spree", here it is: http://ficoforums.myfico.com/t5/Credit-Cards/Brothers-crazy-credit-journey-PART-II/td-p/3815607 I no longer consider his journey to be a spree, it's more like brute force. He applies for about 20+ cards daily (including any prime cards, etc) and gets what he gets. He's very adamant about it and probably hasn't gone more than 3 days without applying for a few cards for the past 8 months or so. Today he messaged me that he got in with a Chase British Airways VS $3500 limit & 15.99%APR and some type of a Discover card. He probably has over 100 inquiries (last 6 months) on each bureau and 40-50+ new accounts reporting in the last 6 months. His next goal is to get in with AMEX & Citi and his overall goal is to reach the $1,000,000 available credit mark, he is currently at around $200k-$250k. I'm surprised myself, apparently applying once a day for every credit card ever works, haha.How does he even still get approvals? That really is brute force.I ask myself the same thing, lol. His score is like 650 now across the board.

• HT3702 I'm trying to update a game and its telling me I need to view my billing.i check my billing and it isn't giving me a none option. It's forcing me to put a credit card in, in order to update a game. Help please:(

  I'm trying to update a game and its telling me I need to view my billing.i check my billing and it isn't giving me a none option. It's forcing me to put a credit card in, in order to update a game. Help please:(

  Well, that is probably becasue you owe a debt or something similar.
  Check with
  iTunes Store Support
  http://www.apple.com/emea/support/itunes/contact.html

• What the heck is brute-forcing our exchange server?

  Hello all,
  We have been getting FLOOODED with (what seems like) brute force attacks on our server. We use RDP a lot for remote connecting but our firewall (Sonicwall) is setup to block IPs that aren't ours (I've seen this resolve RDP brute-force attacks first-hand).
  The problem is that i'm used to seeing the "Failure Audit" logs with "Logon Type 10" and an IP that was attempting the connection, but now we're being flooded with "Logon Type 8". The issue that has me concerned is that i'm now
  seeing a LARGE amount (438 entries) of failed login attempts with no IP address to indicate where it's coming from.
  Now, as much as I love Batman, I know for a fact noone on our end was trying to login under this account (or the hundreds of other accounts that attempted logins). I copied one of the event viewer logs below and literally ALL of the events are identical
  with the exception of the Account Name (the acct name is different and always something blatantly fake).
  My guess is that there is some type of bot trying to authenticate using OWA to get email access, however I could be 100% wrong (the logic comes from the fact that an exchange file is listed on every event). ANNNNY input / advice on this matter is appreciated!!!
  An account failed to log on.
  Subject:
  Security ID: NETWORK SERVICE
  Account Name: <serverHostname, Edited out for security>
  Account Domain: <our domain>
  Logon ID: 0x3e4
  Logon Type: 8
  Account For Which Logon Failed:
  Security ID: NULL SID
  Account Name: baseball <This is different across the events>
  Account Domain:
  Failure Information:
  Failure Reason: Unknown user name or bad password.
  Status: 0xc000006d
  Sub Status: 0xc0000064
  Process Information:
  Caller Process ID: 0x2f3c
  Caller Process Name: C:\Program Files\Microsoft\Exchange Server\V14\Bin\EdgeTransport.exe
  ^this is what leads us to believe it's coming from OWA / email login attempts
  Network Information:
  Workstation Name: <servername>
  Source Network Address: -
  Source Port: -
  Detailed Authentication Information:
  Logon Process: Advapi
  Authentication Package: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
  Transited Services: -
  Package Name (NTLM only): -
  Key Length: 0
  This event is generated when a logon request fails. It is generated on the computer where access was attempted.
  The Subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.
  The Logon Type field indicates the kind of logon that was requested. The most common types are 2 (interactive) and 3 (network).
  The Process Information fields indicate which account and process on the system requested the logon.
  The Network Information fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.
  The authentication information fields provide detailed information about this specific logon request.
  - Transited services indicate which intermediate services have participated in this logon request.
  - Package name indicates which sub-protocol was used among the NTLM protocols.
  - Key length indicates the length of the generated session key. This will be 0 if no session key was requested.

  Hi,
  logontype 8 is the same as logontype 3 -network logon except for the fact the password is sent in clear text.
  I think your OWA is publicly available and someoen is trying to access it. The fact the logontype is 8 indicates you might use basic authentication on the website- which is quite insecure. it migh lso be some other servcies (like smb) are available from
  the internet and abused.
  make sure the server is only reachable on the web on the needed ports 443 for the website, 25 for smtp. You firewall should block all the rest!
  For rdp (and other management tools) I would recommend blocking access over the internet and configuring some vpn solution.
  MCP/MCSA/MCTS/MCITP
  Thank you! This goes along with what we were thinking so it's very nice to see someone else saying it. We are looking more into the firewall rules and most likely getting an updated firewall altogether. With any luck we will be ok after setting up the new
  wall with all fresh Rules while keeping the threat in mind. Lots of rules currently and limited security options since it's ancient.
  Thanks for the response!

• Brute force on admin account - Windows Domain

  Hello,
  I have seen a rise of attempts to brute force our Administrator account on a awindows domain. I have in place, a Cisco ASA5505 w/ IPS sensor. I'd like to use the IPS sensor to automatically block IP's that brute force after x failed login attempts.
  Question is, is there a signature present (we auto update and are current) which will detect this and, what do we need to do to enable / configure this to kill the connection and deny further attempts.
  THIS is what I need to stop: We are getting a few hundred a day.
  Logon Failure:
         Reason:            Unknown user name or bad password
         User Name:      administrator
         Domain:            xxx
         Logon Type:      10
         Logon Process:      User32 
         Authentication Package:      Negotiate
         Workstation Name:      xxx
         Caller User Name:      xxx
         Caller Domain:      xxx
         Caller Logon ID:      (0x0,0x3E7)
         Caller Process ID:      8728
         Transited Services:      -
         Source Network Address:      213.171.220.184
         Source Port:      9674

  Hello
  To my knowledge there is no such signature,you need to create a custom signature to achive this.
  If you have Cisco MARS; you can pull these events directly in MARS and create a regex rule for the same. Add email notification to this rule as usual to ensure alerting as desired.  Windows events can either be pulled  by MARS or can be pushed using the Snare agent.
  Please see this link for more details:
  http://www.cisco.com/en/US/docs/security/security_management/cs-mars/6.0/device/configuration/guide/cfgHost.html#wp718623
  Regards
  Farrukh

• How can I force an update of Core Services?

  Hello!
  I am trying to get MATLAB 2014a to work on my macbook air.
  I have followed all the steps in the troubleshooting guides but I am in need of an update from apple it seems.
  I have been waiting for a week now for the update to appear and it hasn't yet. I have restarted, reinstalled and tried many other tricks like moving the install to a new directory and such.
  https://www.mathworks.com/support/bugreports/1116607
  Is there any way to force an update, or do I just have to wait?
  Thanks in advance!

  Thanks everyone for the many solutions.
  I ended up un-selecting all the songs in library(edit->select all, then right click and uncheck), setting the ipod to "update checked songs only", then syncing which removed songs.
  Then select all songs again, re-sync and solved.
  Don't forget to undo the "update checked songs only" option.
  I think the manual solution above may have been easier, but only read that solution now.

• Netbeans 6.1 SMS NON-Brute force ability listen to multiple ports

  First of all, my appologies for being a nubie coming from Mobile6. The company I slave at is migrating from MS Mobile to j2me!!! I am porting a code segment that listens to all incoming/outgoing SMS text messages and logs the messages into another java contact applet for our sales department. Our company policy(I cannot change) allows the sales department to use any/multiple SMS packages and install onto the device.
  Based on my understanding of the (MessageConnection)Connector.open("sms://" foo); I must include a port address to listen in on. Is there a NON-brute forced methodogy to poll "active" ports the device is using to send/recieve SMS text message?
  /dz
  Little Rock, AR.

  db,
  I was reading a blog by Bill Day [http://weblogs.java.net/blog/billday/archive/2004/02/midp_push_using.html]
  regarding MIDP Push; A paragraph jumped at me, it was "...
  Whichever network(s) you're application will be using, you need to find out what protocols they allow inbound to handsets. At the least, most GSM carriers will allow SMS (since they use SMS for short text messaging). Assuming your network does support SMS, from the server part of your application you would need to generate an SMS message directed to the port you bound your MIDlet to in its static or dynamic push registry settings. Assuming the network passes the SMS as expected, your MIDlet should be awakened when the SMS arrives in the handset..."
  Either I'm not understanding your reponse, the info in this blog is incorrect or I must include a port address as part of the open method of the Connector. Still confused.
  /dz

• Credit card/payment confirmation for app updation

  Why is it compulsory to have a credit card information for application download/updation. It is not possible for every MAC user to own a credit. Its also weird that it doesnt accept my debit card details.
  If Apple guys are listening, its NOT FAIR!

  Its also weird that it doesnt accept my debit card details.
  Try this support article > iTunes Store: My credit card's security code or zip code does not match my bank's records
  And keep in mind your credit or debit card credentials must be associated with the same country where you reside.
  Why is it compulsory to have a credit card information for application download/updation.
  It's not. Click Account right side of the App Store window under Quick Links then sign in. Click Edit to the right of Payment Type.
  Select None
  Make sure your name and billing address correct then click Done.
  An alternative would be to purchase iTunes Gift cards which can be redeemed at the iTunes or Mac App Store >  Choose your iTunes Gift Card - Apple Store
  iTunes Store: How to redeem a code

• I have been using firefox on this computer for four years. last night you forced an update, and now i get a message saying it isnt possible to use firefox wtf

  i have been using firefox on my computer for four years. now you force an update i didnt even want, cuz everything was FINE already, and now if i try to use firefox, it says it cant even be used on my computer. i want to watch my shows, i dont want to spend hours resetting things up or waiting for an email to tell me what im supposed to do. why in hell do you force updates when things are working just f-ing fine, that make everything worse, why cant anything that works ever just be left alone to work.

  hello, the last version that was compatible with os x 10.4.11 is firefox 3.6.28 - you can download it from here: [http://www.mozilla.org/en-US/firefox/all-older.html]
  [https://support.mozilla.org/en-US/kb/install-firefox-mac?s=installing&r=7&e=es&as=s#os=mac&browser=fx35 Install Firefox on Mac]
  afterwards please disable automatic-updates in preferences > advanced > updates so that it doesn't happen again...

• Does clearing cache & data in Google Services Framework really force OTA updates?

  While waiting for Big Red to push the OTA 4.3 update to their Samsung GS3 customers, I read somewhere that clearing the cache + data + selecting Force Stop in the Google Services Framework app [settings>applications manager>all] before checking the device software update status [settings>about phone>software update>check new] would force available OTA updates to the device; however, after repeated attempts, I've been unsuccessful achieving that objective. In fact, after doing all that AND removing both the battery + sim card for 30-60 seconds, the date/time stamp in the update status continues to read the most recent status check.
  Though I've seen several claims of success doing this on different devices, has anyone else in the VZW Community tried this and has gotten a successful 'force update' on their GS3?

  No, that will not force an update, especially one that does not exist.

• I have an Ipad2. I wanted to pay for some accessories on a game through my brothers credit card and it wouldn't go through. And now a message pops up cannot connect to iTunes Store please contact iTune support.

  I have an Ipad2. I wanted to pay for some accessories on a game through my brothers credit card and it wouldn't go through. And now a message pops up cannot connect to iTunes Store please contact iTune support.

  You have to contact Apple Support.
  https://ssl.apple.com/emea/support/itunes/contact.html

• Credit Managment: Sales Order last in update the Credit Limit

  Hello,
  I have a problem. When creating sales order with a few seconds of difference (from 1 to 5), the first sales order (that consumes all the credit limit) doesn´t reach to update the credit limit and for that reason the system permits to create the second one.
  I have an other case of two sales orders created in exactly the same time, so the system permited to create both of them.
  Do you think there is some solution for those cases?
  Thank you.
  Regards
  Jimena.-

  Hi Praveen,
  We use this functionality in that case for example you have two customer A and B.
  You want to maintain the credit limit 2000$ for both the customers.
  So we use this functionality, we assign the customer as credit account in another credit account.
  Now doesn't matter customer A buy the goods from you or customer B.
  System consider only 2000$ not 4000$.
  Hope it helps,
  Regards,
  MT

• How can I force the update of items from my local iTunes media onto cloud?

  I have a complete library of music in iTunes on my Mac. When I create
  a new playlist or import some new CD into the iTunes music library I want to
  export and refresh all music files, directories and playlists to the cloud (iMatch).
  How do I force an update of my local music library back into the Cloud
  (and not from Cloud onto my computer)?

  Thanks everyone for the many solutions.
  I ended up un-selecting all the songs in library(edit->select all, then right click and uncheck), setting the ipod to "update checked songs only", then syncing which removed songs.
  Then select all songs again, re-sync and solved.
  Don't forget to undo the "update checked songs only" option.
  I think the manual solution above may have been easier, but only read that solution now.

• Forcing an Update of my textfield

  Currently I have a for loop which goes through and draws a really long list of objects.  Each object is contained in its own sprite and as it draws them I wanted to have a text box saying "Ojects" + nObjectsTotalLoaded + " of " + nObjectsTotal + " have been Loaded."  Right now I am timing out because my loops takes so long, but i figured that if I have a textbox updating as it creates each object that it will also fix my problem with timeout.  Let me know what you guys think. I can provide more of my code if needed.

  There is know way to force and update inside of a for-loop or while-loop.  Flash doesn't interrupt them.  Maybe you can break you loop into multiple loops.
  You can also not draw all the objects at once.  I would suggest you use a Timer or addEventListener(Event.ENTER_FRAME, ...). To divide how many object you draw at one time.
  But depending on how many objects you have you might want to reduce the number or handle drawing a different way to increase performance.

• Question about brute force attacks

  How does ironport deals with brute force attacks on ssh and https?
  There is some kind of control?
  If someone leaves ironport's 22 and 443 ports "open" to the internet, it would be a problem if ironport does not control number of invalid logins attempts...

  uhm, i think it would be against Ironport Systems main purpose, that is to keep the appliances doing only its jobs. If you give a firewall, ppl will be able to use ironport to another tasks beyond MT task, and i think it's not wise...
  I'm not talking about using it as a firewall to protect other systems. I'm talking about it having a built-in software firewall for protecting itself.
  Ok, i understand what you say, but i cannot see the major usefulness of the built-in fw. If you really want your system to be safe, just dont run the stuff. Keep ssh and https disabled on the public interface.
  On the begining, i was concerned about ppl that leaves the ssh and https ports opened to the net. And when i say opened, i reaaly mean without fw.
  I think we are missing the spot.
  But just in case, do you guys really think ironportnation's forums have enough spot to this kind of discuss?
  You're the one who started this thread. If you don't think this is an appropriate place for it then why did you start it?
  Ok, what i'm trying to say, is that, in my (silly) opinion, ironportnation's forums should be more visited, more commented. I dont see the ironport's legion here. Many ppl just sign in and almost never log in.
  But who cares with my opinion? so let's not discuss it, let's forget it.
  I keep thinking that 'Robot Exclusion Protocol' should be considered.
  If you don't agree, check it out
  another tip, the crawler is indexing the 'login help' page.