I am getting messages about failed logins and am locked out from logging in on my computers. I have my login saved on my phone which is why i can post. The ip associated with failed logins is NOT my ip address

I've also seen some odd behavior with regard to login (failure even when given correct credentials). Given that the site's been brought down quite a few times now, I'm betting it's something malicious.

I've had several failed attempts to log on as well. Stating that I have failed at several attempts to log in and to retry in 15 minutes.

I actually got an e-mail from the site and it listed the IP address of the failed logins.

I did a look up and that address comes from Southern California and not Texas. The staff was copied on the e-mail so that is an address that is being used to cause whatever trouble is happening.

Hopefully that will help the admins here track down what is happening

+1, using tapatalk. Current user name and pw works fine with various computers, doesn't work with tapatalk. weird.

Had several of the same problems. Had to reset my password to access, as I'm not cool enough to have the Net on my phone...

Yep, me as well. I go to an address which was linked in another thread in order to login now. That thread has disappeared for some reason. Is something up??

Yep, me as well. I go to an address which was linked in another thread in order to login now. That thread has disappeared for some reason. Is something up??

I have to access through that link as well. I can't access it the normal way, and I also noticed the fact that the thread which spoke about disappeared. I hope that link isn't sketchy or something, it does give me the same site but I want to be able to log on to the normal way through the normal we address. Also wondering what's up..

Can one of you guys with that link post it or PM it to me?

Thanks...

Can one of you guys with that link post it or PM it to me?

Thanks...

i sent you a private message. Again i can only access this site threw the link that was posted in the thread that has magically disappeared. Im still getting multiple spam emails saying that a IP address other then mine is trying to access my account. Why hasn't the staff chimed in to let us know what is going on? Im getting very concerned that unknown people is getting access to our personal info. Staff please let us know what is going on!!!

Someone please PM the link as well?

I have been unable to login for 24hrs. The site has been logging me out when attempting to post. Then will not accept correct PW to log back in. :help:

The thread that gave us the link to login on another entry has disappeared. Without that thread, I am not sure if the link will be available. Seems strange how a thread with that link would just disappear.

I have been dealing with it for a day or two. Any attempt to login I get the failed login, wait 15 minutes, etc...


I finally was able to login after resetting my password twice.
Should i be concerned about my info?

The reason a thread with an unknown IP address was moved is because I can't think of a valid reason to have an unknown, unvetted, and possibly unsafe IP address being passed around.

If you go to a command line and ping M4carbine.net, it certainly will not come back to the IP address that some unknown and faceless entity posted to the forums.

I would suggest ceasing use of an unknown IP address. I would also suggest that by using the www.m4carbine.net URL, go to your password and change it to something secure.

Suggestion would be use one capital letter, one symbol (!@#$%^&*....etc), and at least one number (1,2,3...etc).

"!Password123#" is way more secure than "password123" or "password".



TL; DR -- change your password via the proper URL, navigate alternate IP/URL's at your own peril.

The reason a thread with an unknown IP address was moved is because I can't think of a valid reason to have an unknown, unvetted, and possibly unsafe IP address being passed around.

If you go to a command line and ping M4carbine.net, it certainly will not come back to the IP address that some unknown and faceless entity posted to the forums.

I would suggest ceasing use of an unknown IP address. I would also suggest that by using the www.m4carbine.net URL, go to your password and change it to something secure.

Suggestion would be use one capital letter, one symbol (!@#$%^&*....etc), and at least one number (1,2,3...etc).

"!Password123#" is way more secure than "password123" or "password".



TL; DR -- change your password via the proper URL, navigate alternate IP/URL's at your own peril.

Ok, I tried to do what you said and still having problems. It says wrong password, wait 15 minutes etc... How can I change my password through your link if I can't login??

I also tried changing my password through the other link provided in the thread that has disappeared and when I did that and tried to login with your link, still getting the wrong password schpeel.

Again, I would only recommend using www.m4carbine.net to navigate to the site. Obviously, if you have a known authentic IP address, great use it, otherwise you are running the risk of going to a spoof site, or some "honeypot" trap.

Obviously, everything on the internet is technically a risk, but using unknown IP addresses is probably a generally bad idea, and increases your risk.

If you can not access the site via www.m4carbine.net, just wait and try again later.

I too was having the same issues logging in. I followed the posted link in the deleted thread being spoke of... I changed my password from that link, and now I am receiving spam emails, and failed log-in emails from that adress... dont use it fellas, its a sham.

Sorry, first post, just thought Id throw it out there.

Alright I am threadjacking my thread back to the original intent.

(1)I attempted to login on Saturday but received a failed login notification that I had exceeded my limit. Since this was in fact my first attempt to login, I was suspicious.
(2)I received an email from m4carbine.net stating that someone had tried to login as me from an address that wasn't my address.
(3)Even after waiting the required 15 minutes, than 24, now 72 hours, my original password did not work.
(4)After changing my password via the forums (using incidentally the password that was not being accepted) I can now login, but still have no explanation from #1,2,3.

I too was having the same issues logging in. I followed the posted link in the deleted thread being spoke of... I changed my password from that link, and now I am receiving spam emails, and failed log-in emails from that adress... dont use it fellas, its a sham.

Sorry, first post, just thought Id throw it out there.

It's working for me. No spam emails, no problems, and this isn't my first post.

Alright I am threadjacking my thread back to the original intent.

(1)I attempted to login on Saturday but received a failed login notification that I had exceeded my limit. Since this was in fact my first attempt to login, I was suspicious.
(2)I received an email from m4carbine.net stating that someone had tried to login as me from an address that wasn't my address.
(3)Even after waiting the required 15 minutes, than 24, now 72 hours, my original password did not work.
(4)After changing my password via the forums (using incidentally the password that was not being accepted) I can now login, but still have no explanation from #1,2,3.

I think you should consider that malicious or otherwise, it often takes a few days if not longer to figure out what has happened after an incident.

Secondarily, consider that you might not be entitled to a full explanation.

Third, if you were smart, you would have simply recognized that something bad was going on, either malicious or otherwise, and simply stayed away until it got figured out.

Bad shit happens on the internet all the time, at a rate that would boggle your mind. Expecting the forum moderators to spend their lives working to figure out a problem for which they get no pay, isn't really reasonable. They aren't cyber security experts, they're mods. I know you might think of them as all knowing gods, but the truth is a bit less grandiose.

I'm sure that when they know, and they decide it's something they want to disclose (consistent with local laws), they will.

All right, I dunno what bug flew up your butt, but your post is anything but helpful and downright condescending.

I originally posted this as I suspected I might not be the only one afflicted by this.

I have not demanded an full explantion, but it would be nice if a simple "Change your password--phishing scam" confirmation were posted.

I recognized this right off the bat as a phishing scam and then posted the details of such. Contrary to popular belief not all the unwashed masses are simpletons and some of us do have some experience in this area.

And then you come in here like a 1000 bull in a china shop swinging your fake balls around to do nothing about the situation but inflame things.

Well played.

I simply wanted to get the focus off the "change your password via this IP" which was an obvious scam and get more info on the failed logins and what caused them and if there was anything to do about it or not. Far be it from some of us to be concerned about the site security and pass along helpful details to the user base and staff.

I can change my password from a computer & tapatalk will let me in for a few minutes then i get the incorrect login thing again but only with tapatalk

All right, I dunno what bug flew up your butt, but your post is anything but helpful and downright condescending.

No bug at all...which one flew up your butt? You know what, I'm tired, I'm sorry your feelings got hurt. It certainly wasn't my intent but it's also been a long weekend and if I was a bit terse it's because your last post was more than a little petulant that you hadn't received immediate notification as to what was occurring, or answers to your question...even though it had been a little more than 48 hours since things started going wonky. Just step away from the computer for a while, it's not the end of the world to go without M4C for a few days.

I'm always amazed that people when people don't get immediate answers to their questions on demand they feel as though they're being slighted or ignored when it might take a few days to even get any answer, let alone a correct one.

If you're going to surf the internet, it behooves everyone to learn a few basic tools that allow you to do so securely. It isn't even hard to spoof an official looking email that directs you to "reset" your password.

If your password isn't being accepted and you're getting a lot of behavior you're not familiar with (i.e. emails telling you someone is trying to log into your account), this would be what you call a clue. Trying to force the issue, by repeatedly re-entering your password or keep trying the same thing and expecting a different result is pointless in the case of something accidental and probably a recipe for disaster in the case of something malicious.

well after 2 days i can now log in but the site is going slow as hell but im happy to be able to log back in. I did use that link that was provided a yesterday but figured not too after i really thought about it. I did receive alot of emails that a certain IP address was trying to log in on my account with the log password. But it was me but the IP address wasnt mine and i wasnt using the link provided before. I have no idea what the hell that was about but any way Staff any news on what the hell was going on. Was the member that provided that link been banned and reported ?

I have no reason to believe that the IP address was provided maliciously. Fact of the matter is, users should be using www.m4carbine.net to get to the site -- unless you personally do the legwork to vet the IP address that you are being instructed, or told, works.

Sometimes the worst happens when people believe things that are innocently offered. Which is why I stated, no fewer than three times, to only use our url --> www.m4carbine.net

I couldn't make it any clearer.

The internet is risky, our site is paying a pretty penny, apparently, to try and make the site more useable, and more secure each day. There is someone, "who" is open to interpretation, who likes to try and impede our operation.

We will not provide full disclosure of what we're doing, but we are trying to make it better, and always looking for better security.

When we feel there is a worthwhile update, one will be posted. Otherwise, please use the site if it's available, and enjoy your time here. If you can not navigate here via www.m4carbine.net, we apologize in advance.

Thanks.

I was unable to login at all during the latter half of the 16th and all day on the 17th. This morning (18th), I was finally able to login using a new PW/reset.

I have attempted at least 4 password resets.

After each reset, I used the M4C email's embedded link to attempt to change the PW. After the initial attempt, I received the multiple login failures warning and 15 minute time out.

I sent an email to M4C staff. The staff provided me with an IP address. A trace early on the 17th indicated a dynamic IP address/computer in Leesville, LA. In the afternoon, a trace indicated a static IP address assigned to the web hosting corporation Lunar Pages in Anaheim,CA.

I wonder if our User IDs have been compromised. The M4C site has been experiencing problems the last few days; site off line and many users unable to login. The type of problem associated with inability of many members to log in during the last 36 hours period would indicate some sort of nefarious activity by unknown person(s) or a problem with M4C host/server. If there were continuous attempts to login using a User ID, I suspect the M4C server was being subject to a Brute Force Attack. Especially if many User IDs were experiencing this problem. And, such could explain why the M4C site was periodically going down since Sunday.

I saw no indication of spoofing.

No doubt, Gunshot and Archer have access to Admin tools provided by the host to analyze server activity. Does the host provide you with tools to analyze potential web site attacks or do you need to contact the provider? Either case, it should be relatively easy to see if the web site has experienced unusual activity.

I have had absolutely no other problems with any other web site requiring a login, email accounts or anything else with my i5 MacBook Pro running behind software/hardware firewalls. Everything is healthy on my end.

In so far as passwords, an 8 character, human generated password using upper and lower case, numbers and One special character can be broken in seconds with internet available software by a person acting unethically and possibly illegally. Best to use a random PW generator; MIT has a good one.

I was unable to login at all during the latter half of the 16th and all day on the 17th. This morning (18th), I was finally able to login using a new PW/reset.

I have attempted at least 4 password resets.

After each reset, I used the M4C email's embedded link to attempt to change the PW. After the initial attempt, I received the multiple login failures warning and 15 minute time out.

I sent an email to M4C staff. The staff provided me with an IP address. A trace early on the 17th indicated a dynamic IP address/computer in Leesville, LA. In the afternoon, a trace indicated a static IP address assigned to the web hosting corporation Lunar Pages in Anaheim,CA.

I wonder if our User IDs have been compromised. The M4C site has been experiencing problems the last few days. Our inability to log in during a 36 hours period would indicate some sort of nefarious activity by unknown person(s) or a problem with M4C host/server. If there was continuous attempts to login using a User ID, I suspect the M4C was being subject to a Brute Force Attack. Especially if many User IDs were experiencing this problem. And, such could explain why the M4C site was periodically going down since Sunday.

I saw no indication of spoofing.

No doubt, Gunshot and Archer have access to Admin tools provided by the host to analyze server activity. Does the host provide you with tools to analyze potential web site attacks or do you need to contact the provider? Either case, it should be relatively easy to see if the web site has experienced unusual activity.

I have had absolutely no other problems with any other web site requiring a login, email accounts or anything else with my i5 MacBook Pro running behind software/hardware firewalls. Everything is healthy on my end.

This. I am going to take a vacation from M4c until this thing gets sorted out. I love this website, but until everything gets back to normal and I can login in using what I used last week with no problems, I am staying away................:cray:
Also, those that are still logining in via the unknown IP, this could be causing more problems. Adios and until next time.

I was unable to login at all during the latter half of the 16th and all day on the 17th. This morning (18th), I was finally able to login using a new PW/reset.

I have attempted at least 4 password resets.

After each reset, I used the M4C email's embedded link to attempt to change the PW. After the initial attempt, I received the multiple login failures warning and 15 minute time out.

I sent an email to M4C staff. The staff provided me with an IP address. A trace early on the 17th indicated a dynamic IP address/computer in Leesville, LA. In the afternoon, a trace indicated a static IP address assigned to the web hosting corporation Lunar Pages in Anaheim,CA.

I wonder if our User IDs have been compromised. The M4C site has been experiencing problems the last few days; site off line and many users unable to login. The type of problem associated with inability of many members to log in during the last 36 hours period would indicate some sort of nefarious activity by unknown person(s) or a problem with M4C host/server. If there were continuous attempts to login using a User ID, I suspect the M4C server was being subject to a Brute Force Attack. Especially if many User IDs were experiencing this problem. And, such could explain why the M4C site was periodically going down since Sunday.

I saw no indication of spoofing.

No doubt, Gunshot and Archer have access to Admin tools provided by the host to analyze server activity. Does the host provide you with tools to analyze potential web site attacks or do you need to contact the provider? Either case, it should be relatively easy to see if the web site has experienced unusual activity.

I have had absolutely no other problems with any other web site requiring a login, email accounts or anything else with my i5 MacBook Pro running behind software/hardware firewalls. Everything is healthy on my end.

In so far as passwords, an 8 character, human generated password using upper and lower case, numbers and One special character can be broken in seconds with internet available software by a person acting unethically and possibly illegally. Best to use a random PW generator; MIT has a good one.

This. Also if any assistance is needed there are those of us with computer security/webhosting security expertise available to assist if needed.

Alright, enough.

Firstly, we're not going to discuss M4C site security in an open forum.

Secondly, the reason some people are getting failures, and not others, is because you may be unlucky enough to share an IP address, or range, that is attempting to slow the site through DDos, etc.

Thirdly, the internet is a risky place. A password can almost always be compromised quickly, assuming you have unlimited access to continue trying. More characters, and more symbols makes it much, much harder especially when the crack only gets three shots at it, then a 15+ minute timeout. Not foolproof, but then again it adds to the levels of security.

Lastly, using unknown IP addresses, and then entering data in those addresses can take an MIT generated, 100 character password and give it away. Worrying about what security we have in place for M4C when you are willing to navigate unknown IP addresses and enter usernames and passwords there is ironic, to be completely frank.

So for now, this thread is done. If our staff has any salient updates, we will post them. Otherwise we will continue to ferret out the issues, and sources, of the cyber attacks.

I am not an admin and I do not have access to any special tools that you guys don't.

I do know a bit about cyber security.