Received via email notification;
A user with IP address 172.98.32.190 has been locked out from signing in or using the password recovery form for the following reason: Exceeded the maximum number of login failures which is: 20. The last username they tried to sign in with was: ‘720media’.
The duration of the lockout is 4 hours.
User IP: 172.98.32.190
User hostname: 172.98.32.190
User location: Washington, District of Columbia, United States
DC, eh? Assuming it’s not ID spoofing…
I need to see what I have to do to cut the 20 down to, like, three…
Forward the email to abuse@layerswitch.com and tell them you are complaining about a brute force attempt on your server. Somebody may lose an account.
OK, I did, but I don’t understand– I looked up Layerswitch and see they’re Netherlands-based and deal with network exchanges– why would they have anything to do with this?
Abuse tracking 101:
https://who.is/whois-ip/ip-address/172.98.32.190
They also offer VPN service, which I suspect will figure into this.
From a command prompt: (open cmd in windoze, terminal in MAC or Linux)
whois 192.98.32.290
From a command prompt: (open cmd in windoze, terminal in MAC or Linux)
whois 192.98.32.290
Nevermind! Microsoft doesn’t think windoze users need the “whois” command. Reason number 5,294 to switch.