constantlykambo said:i am sure many of you noticed that weird posts in foreign language (non English)
with hyper links.... are we under attack ?
According to server logs, we average about 2 attempts/second. Mostly brute force attacks at commonly used ports, from IP addresses all around the world. Those log files get big quick!are we under attack ?
Ethan said:According to server logs, we average about 2 attempts/second.
I don't think it's unusual for a server that is on the open web. It comes in waves, sometimes more, sometimes less. Most of the time, it's not a 1:1 deliberate attack per se. I suspect much of the noise comes from compromised computers whose owners are oblivious that there may be malicious scripts running on their machine, doing the dirty work, and dropping off the payload back home.helterbelter said:Ethan said:According to server logs, we average about 2 attempts/second.
That many ?!? ..... is that normal for a forum ?
JohnRoberts said:I heard there is a new Iphone hack.. where you click on a link and they gotcha...
JR
PRR said:> Sorry but don't see nothing here..........?
Our moderators are good with the mops.
This forum had a rash of spam in Russian for mirrors.
Next day, another forum had a rash of the same Russian mirrors. I counted 14 identical posts from one "member" at the moment I clicked "Report to moderator".
This is hardly even graffiti. Posts wash-off easier than spray paint.
I do think it notable that this poster didn't bother to notice that this forum is not Russian language, and not about mirrors (no matter how beautiful in the photos). And on the other forum, the spammer was posting the same message 6 times in one thread.
This of course is different from the "2 per second attacks". All software has bugs. If you make a request to a server for something you shouldn't have, it just might give it to you if you phrase the request just-so. MicroSoft webserver was very prone to mis-counting directory levels and giving access to "root directory" if a hacker put enough slashes and dots in a URL. A decade ago there was a bug in Apache Mod Rewrite which would allow access to wrong folders. PHP and other server processes have sometimes been vulnerable to subtle syntax.
As a best-case, a hacker could access financial and membership records on the server but supposedly outside the public folders. (Usually the hacker gets nothing worth the trouble. I have even seen "hack scripts" working industriously trying to gain access to files that WERE public with simple public URLs.)
Enter your email address to join: