looks like script kiddie tried to get me
Charles Ulrich
charles at idealso.com
Wed Nov 17 10:19:14 PST 2004
Steel City Phantom said:
> bsd 4.9, apache 1.3
>
> my postnuke started emailing me with hack attempts. i look at my log
> and find about a half a meg of where it looks like a script kiddie tried
> to poke in the dark at this site. the hits are WAY too close together
> to be manual, here is a snip from the log
[snip]
> anyone have any ideas what tool they would have used to do this. none
> of my other logs show any access so he/she just tried to hit the web
> app. we are probably going to end up calling the police when my boss
> wakes up, but i want to get your opinions too.
If you have a public web server, you're going to get attacks like these just
as sure as you'll get spam sent to a public email address. Calling the police
is likely just going to waste both their time and yours as 1) most police
departments do not have the tools or experience to investigate network
intrusion attempts, 2) script kiddies, while lacking in the brain cell
department, are usually smart enough not to launch attacks from their own
system, and 3) the attack didn't succeed and as far as you know, no damage was
done.
The best thing to do is just keep your server patched and remain diligent.
Another person recommended contacting the abuse department of the ISP. That
couldn't hurt if you consider it worth your time.
--
Charles Ulrich
Ideal Solution, LLC - http://www.idealso.com
More information about the freebsd-questions
mailing list