Legacy Browser Fingerprinting & non-standard cookie bans

Status
Not open for further replies.

Alfa1

Customer
For months now we have kept getting attacked by an attacker who is using botnets to brute-force accounts. Botnets are just so easy to access nowadays. While vBSecurity does allow us to limit the number of IPs the attacker can use, your software does not stop the attacks. We need other methods than IP bans to stop the attackers.

Please consider browser fingerprinting, or methods like these:

  • Standard HTTP cookies
  • Flash Cookies (Local Shared Objects)
  • A locally cached png picture with encrypted content
  • HTTP eTags
  • Web Cache
  • window.name caching
  • userData storage (IE only)
  • HTML5 Session Storage
  • HTML5 Local Storage
  • HTML5 Global Storage (IE only)
  • HTML5 SQLite Database Storage

Once it is clear that a login attempt comes from an attacker, automatically ban the user.

One thing that would be extremely useful is to know what system the attacker is on. So adding browser fingerprint info to the login strikes log would be very useful.
 
This suggestion has been closed. Votes are no longer accepted.
Hi there,

While vBSecurity cannot stop the attacks, you can make sure that users are not affected by running the following query:
Code:
UPDATE user SET dbtech_vbsecurity_ipcheck_enabled = '1'
and then the following query to force it to be enabled for all future users:
Code:
ALTER TABLE user CHANGE dbtech_vbsecurity_ipcheck_enabled dbtech_vbsecurity_ipcheck_enabled TINYINT(1) UNSIGNED NOT NULL DEFAULT '1'

This will enable Two-Factor Authentication in the latest version of vBSecurity, ensuring members' accounts are only accessed by IP addresses they authorise.
 
As 2FA severely hinders technically challenged users, it would lock out or dissuade people from logging in. It would be smart to only turn it on for accounts that the attackers try to access more than X times.

Is this possible?
Alternatively: Is there a way to manually activate 2FA for specific accounts?
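
One way to scope the per-user flag from the queries above to targeted accounts only, added here as an example and not code from DragonByte Technologies or anyone in this thread. It assumes vBulletin's stock `strikes` table (`striketime`, `strikeip`, `username`), no table prefix, and a constructed threshold of 5 and constructed user IDs.

```sql
-- Assumption: X from the post above; 5 is a constructed sample value.
SET @max_strikes = 5;

-- Preview: accounts with more than X failed logins currently recorded,
-- and how many distinct source IPs were involved (a botnet shows many).
SELECT u.userid, u.username, s.attempts, s.source_ips
FROM user AS u
JOIN (
    SELECT username,
           COUNT(*)                 AS attempts,
           COUNT(DISTINCT strikeip) AS source_ips
    FROM strikes
    GROUP BY username
    HAVING COUNT(*) > @max_strikes
) AS s ON s.username = u.username
WHERE u.dbtech_vbsecurity_ipcheck_enabled = '0'
ORDER BY s.attempts DESC;

-- Enable the IP check only for those accounts.
UPDATE user AS u
JOIN (
    SELECT username
    FROM strikes
    GROUP BY username
    HAVING COUNT(*) > @max_strikes
) AS s ON s.username = u.username
SET u.dbtech_vbsecurity_ipcheck_enabled = '1';

-- Manual activation for specific accounts (constructed sample IDs).
UPDATE user
SET dbtech_vbsecurity_ipcheck_enabled = '1'
WHERE userid IN (101, 102);
```

The count covers only the rows present in `strikes` when the query runs, so run the preview first and take a backup of the `user` table before applying the updates.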
 