- This topic has 4 voices and 13 replies.
-
Posts
-
I'm still uncertain if the recent hacker will not come back. I'm sure he posted a link to this site somewhere to “show off” to his buddies about his recent hack. When he sees that the site is back up again he may try to hit us again. I have tried to block a large chunk of IP addresses but he can always get around this if he wants. Stay tuned.
Site back up once again. Looks like there's something the hacker is exploiting that needs to be fixed unless we want to keep playing this game. I sent a message to my web host to see what the problem is.
I made a suggestion at CL. I think I can help you out on an interim basis until you are sure your host has its act together. I have plenty of database space if you want to move your database to my server to protect all the recent posts. I have a copy of this smf version (it needs to be upgraded to 1.1.3, but you can do that). All you have to do is drop the tables and upload your tables and the forum will be ready. It's an option though.
We must be very careful about these color alerts, Captain Kirk got in big trouble for going to red alert when he should have gone to yellow….now if I was a real geek I could tell you the exact name of the episode, but I cant remember…. ;D
Looks like I'm not the only one who has been hit by Turkish hackers. Perhaps this will spur baby blue to crack down on Turkey.
Yes, there can be evil robots.
Some of them scan for vulnerabilities on a web site to gain access to areas they shouldn't have access. I'm not sure that the robots themselves would make any changes but they could alert a hacker on the other end that such a vulnerability is ripe for exploiting. One way to tell when a bad robot has come to your site is by reading the site's error log, which will tell you pages that someone or something attempted to access but failed because it doesn't exist. For example, a robot might scan many sites for a particular program that some people may have installed on their site that they do not have secured.Some robots will also sign up on forums (as you have seen with spammers at NJO) or even take advantage of e-mail sending features on certain sites to send out spam to other people. There are probably some robots which also try to break passcodes on sites.I think that the bad robots that come to this site will probably not be named in the Spiders area of the "Who's online" feature, but instead will only be known by their IP numbers. I suppose right about now I should be asking you why you were all of a sudden interested in malicious spiders.... 😮Are these robots setoff by, attracted to, or looking for keywords? That's what I meant by pattern. Sometimes there's only 2 or 3 of them here, sometimes 14 or 15. Why is that? There was a lot of robot chatter this evening it appeared.
That….is a good question. One thing – I think that more postings feed them and attract them. For one, postings go to the RSS feed set up and that is sent around to different blog or other feed readers. I think that spiders/robots will see the links and come to this site. I don't know that specific words on this site would attract them here, but it's an interesting theory. Otherwise, I'm not sure why Yahoo swarms the site every so often. But I like it when it does happen.
This is what it looks like currently in the “who's online” area:Wanderers User Time Action Guest (87.19.146.31, IE) 07:09:55 AM Posting in Renaissance fans?. Guest (84.44.133.103, IE) 07:09:25 AM Viewing the board index of Western Civ Forum. Guest (82.60.145.139, IE) 07:09:01 AM Posting in Renaissance fans?. Guest (87.15.197.2, IE) 07:08:24 AM Posting in Renaissance fans?. Guest (151.77.151.143, IE) 07:07:54 AM Posting in Renaissance fans?. Guest (82.50.67.193, IE) 07:07:23 AM Posting in Renaissance fans?. Guest (68.34.212.3, IE) 07:05:52 AM Posting in Renaissance fans?. Guest (82.54.71.123, IE) 07:05:50 AM Posting in Renaissance fans?. Guest (87.5.197.66, IE) 07:05:44 AM Posting in Renaissance fans?. Guest (79.9.230.136, IE) 07:04:09 AM Posting in Renaissance fans?. You can kind of guess that there aren't actually 9 or so people posting in the Renaissance board. I think these are robots trying to spam the site. They might alternatively be spiders that wandered onto the posting area of a particular page. However, a trace of their IP addresses revealed at least one originating in Amsterdam (i.e. Europe, possibly Asia), and I bet the rest are the same. We have certain controls in place here to prevent spammers from posting, and it has seemed to work for the most part.
Some of them scan for vulnerabilities on a web site to gain access to areas they shouldn't have access. I'm not sure that the robots themselves would make any changes but they could alert a hacker on the other end that such a vulnerability is ripe for exploiting. One way to tell when a bad robot has come to your site is by reading the site's error log, which will tell you pages that someone or something attempted to access but failed because it doesn't exist. For example, a robot might scan many sites for a particular program that some people may have installed on their site that they do not have secured.Some robots will also sign up on forums (as you have seen with spammers at NJO) or even take advantage of e-mail sending features on certain sites to send out spam to other people. There are probably some robots which also try to break passcodes on sites.I think that the bad robots that come to this site will probably not be named in the Spiders area of the "Who's online" feature, but instead will only be known by their IP numbers. I suppose right about now I should be asking you why you were all of a sudden interested in malicious spiders.... 😮
