Joshua Stream Pre

Thread: More Hackers

  1. #1

    More Hackers

    Just a heads up for all of you running sites, We just got a wave of hacking attempts on our site, from Denmark and Germany. There were around 100 IP addresses cached and logged by our watchdog. But I know a few other sites have had issues in the past right about the same time we get hit. So I thought I would let you all know it is happening to us again.

  2. #2
    Oberoten's Avatar
    Join Date
    May 2006
    Älvsbyn, Sweden
    Well looks like they left me alone this time at the least. No fun new mainpage for either of the Wikis... Thanks for the headsup though.

    - Obe
    For your Ars Magica needs :

    Atque in perpetuum frater, Ave atque vale.

  3. #3
    After further investigation into the logs it looks like they were trying to hack into the downloads section on the site. Kinda funny when you stop to think about the fact that not only do we not have any downloads on the site yet, but the entire system is actually commented out on the core because we are not sure yet that there will ever be any downloads on the site.

  4. #4
    Maybe they wanted to put something on there...? instead of taking...
    Religion is an insult to human dignity.
    With or without it you would have good people doing good things and evil people doing evil things.
    But for good people to do evil things, that takes religion...

  5. #5
    I doubt it. That would have been VERY easy to do.

  6. #6
    mr_h's Avatar
    Join Date
    Dec 2005
    GMT -5 / EST
    I dunno if it'd help you, but there's a program I'm running on my server that monitors the logs. If it finds a number of repeated failed attempts (it checks for specific key phrases/words) that match break in attempts, it puts that IP Address in hosts.deny for a while (I think mines set to 10 minutes). Since most of the attacks against my box seems to come from bots, this seems to stop them (IE, no more reaction from the box, it drops the attempt and moves on).

    The programs called OSSEC HIDS. It can be a bit complex, but I used some guides at Ubuntu to make it a lil easier.
    DM: For reference sake, when a bad guys dies, I'll turn their token over. So an upside down 'A' or 'B' means it's a corpse.
    PC 1: So if we kill a 'M' is it reincarnated as a 'W'?
    PC 2: That damn 'O' just won't die!

  7. #7
    Oh we are using watchdog. It has a predefined set of rules that it watches for. When it finds a violation it blacklists the IP and sends an email. If it gets more than 10 violations in a 10 minute period of time, it sends an alarm to the company, and they call you (provided you are current on your bill). No matter what it keeps a full log of IP address, and resolutions.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
Virtual DND

Log in

Log in