| Author |
Message |
Trubador
Regular
Joined: Dec 28, 2004
Posts: 94
|
 Posted:
Tue Mar 15, 2005 2:57 pm |
|
'ello all.
I've definately had my very first attempted author hack today. (Trubador comes of age  )
the real question is .... What next? Can any one direct me to a FAQ or post on this question?
And if anyone wants to add to your banned IP list here's the Email.
Code:Date & Time: 2005-03-15 15:29:53
Blocked IP: 81.213.198.55
User ID: Anonymous (1)
Reason: Abuse-Author
--------------------
User Agent: Mozilla 4.0 (Linux)
Query String: (site address removed)/admin.php?op=AddAuthor&add_aid=kiegera&add_name=Goda&add_pwd=playboya&add_email=r00t_System@hush.com&add_radminsuper=1&admin=eCcgVU5JT04gU0VMRUNUIDEvKjox
Forwarded For: none
Client IP: none
Remote Address: 81.213.198.55
Remote Port: 1259
Request Method: POST
|
Cheers all and definately cheers Raven and Sentinel !!!!
Trub |
| |
|
|
|
TheosEleos
Life Cycles Becoming CPU Cycles
Joined: Sep 18, 2003
Posts: 960
Location: Missouri
|
| Posted:
Tue Mar 15, 2005 4:19 pm |
|
They have been banned from your site. I'd say Sentinel has done its job and you can go in using your site normally. |
_________________
Only registered users can see links on this board! Get registered or login! |
|
 
 |
|
buildingmaster01
Regular
Joined: Dec 11, 2004
Posts: 68
Location: Indiana, USA
|
| Posted:
Tue Mar 15, 2005 6:29 pm |
|
Thank you for posting that information!!!
Guess who I had today? The exact same guy!
He has tried hitting my site twice now (or at least since I have gotten sentinel). His ip changed since last time. I might suggest doing 81.213.*.* instead of 81.213.198.55. (That is the correct way to block him, right?) |
| |
|
 |
|
southern
Client
Joined: Jan 29, 2004
Posts: 624
|
| Posted:
Wed Mar 16, 2005 8:09 pm |
|
Sure you could. Do you have the .htaccess write-to by Sentinel enabled? |
_________________
Computer Science is no more about computers than astronomy is about telescopes.
- E. W. Dijkstra |
|
|
|
|
buildingmaster01
|
| Posted:
Wed Mar 16, 2005 8:15 pm |
|
Yes, I do. I have even tested it (by accident).  |
| |
|
|
|
|
southern
|
| Posted:
Wed Mar 16, 2005 8:44 pm |
|
Well, you could always ban him manually in Sentinel or type it into .htaccess:
deny from 81.213 |
| |
|
|
|
|
Digital-Overload
Hangin' Around
Joined: May 13, 2005
Posts: 26
|
| Posted:
Fri May 13, 2005 1:32 pm |
|
ok...
got 7.6 running with the 3.0 patch and sentinel... how do i set it up to block this screw ball.. |
| |
|
|
|
|
Raven
Site Admin/Owner
Joined: Aug 27, 2002
Posts: 17088
|
| Posted:
Fri May 13, 2005 10:42 pm |
|
Chances are that IP is not allocated to the same user now. If you have set the various blockers in your NS Configuration panel then anyone who attempts that attack will be automatically blocked. |
| |
|
|
|
|
|
|
![[Valid RSS]](https://www.ravenphpscripts.com/images/valid-rss.png "Validate my RSS feed"){kind=small}
