[Chugalug] d at mn scammers/hackers

Dave Brockman dave at brockmans.com
Thu Oct 18 02:14:29 UTC 2012


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 10/17/2012 10:00 PM, Mike Harrison wrote:
> The apache logs show many many thousands of login/password
> attempts on the two joomla sites on this system... from only two
> IP's. in rapid succession. and they finally got one. Then they
> uploaded a new theme, with some extra functionality in the files.

fail2ban probably would have helped...  It can be a pain on websites
at times...

> Note: Both IP's were from static ip leasing services. That's a new
> twist to me... usually they are from another hacked server.

You're going to see more of it....

> Be careful out there. I'm putting my uber-paranoid hat on after 
> about 10 years of not wearing it (all the time), you should also.
> 
> The not so nice people are out to get us all. All of us.

Just because I'm paranoid doesn't mean they're not after me....

Regards,

dtb


- -- 
"Some things in life can never be fully appreciated nor
understood unless experienced firsthand. Some things in
networking can never be fully understood by someone who neither
builds commercial networking equipment nor runs an operational
network."  RFC 1925
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (MingW32)
Comment: Using GnuPG with Mozilla - http://www.enigmail.net/

iEYEARECAAYFAlB/ZgUACgkQABP1RO+tr2R2rQCfT40LarRsKtBGrX2QvQHXEPKO
4oQAn2Mvst/KM+acZhO7EevnqPC2hJ/A
=C3ca
-----END PGP SIGNATURE-----


More information about the Chugalug mailing list