Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> RN v2.20.00 - All Issues
Author Message
blith
Client


Joined: Jul 18, 2003
Posts: 977

PostPosted: Tue Jul 29, 2008 7:29 am Reply with quote

Please tell me if this is bad?

Code:
Date & Time: 2008-07-28 02:26:42 CDT GMT -0500 Blocked IP: 87.118.70.5 User ID: Anonymous (1)

Reason: Abuse-Script
--------------------
User Agent: Mozilla/5.0 (Windows; U; WinNT4.0; en-US; rv:1.2b) Gecko/20021001 Phoenix/0.2 Query String: Only registered users can see links on this board! Get registered or login!
Get String: Only registered users can see links on this board! Get registered or login! Result: registered (registering only mode is ON); Post String: Only registered users can see links on this board! Get registered or login! Forwarded For: none Client IP: none Remote Address: 87.118.70.5 Remote Port: 4991 Request Method: GET
--------------------
Who-Is for IP
 
View user's profile Send private message Visit poster's website
Gremmie
Former Moderator in Good Standing


Joined: Apr 06, 2006
Posts: 2415
Location: Iowa, USA

PostPosted: Tue Jul 29, 2008 11:12 am Reply with quote

Someone is running what looks like a malfunctioning probe/attack script against you. I get these all the time.

_________________
Only registered users can see links on this board! Get registered or login! - An Event Calendar for PHP-Nuke
Only registered users can see links on this board! Get registered or login! - A Google Maps Nuke Module 
View user's profile Send private message
blith
PostPosted: Tue Jul 29, 2008 12:19 pm Reply with quote

Gremmie wrote:
Someone is running what looks like a malfunctioning probe/attack script against you. I get these all the time.


Thank you. It is nice that Sentinel caught it! RavensScripts My question is I do not have script blocking writing to htaccess like all the others. Should I be instantly and permabanning Abuse-Script?
 
blith
PostPosted: Tue Jul 29, 2008 3:49 pm Reply with quote

Well, now I am kind of confused. After looking at this it almost seems as if people are trying to register. I just received another one:
Code:
User Agent: Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.8.1.16) Gecko/20080702 Firefox/2.0.0.16 Query String: Only registered users can see links on this board! Get registered or login!

Get String: Only registered users can see links on this board! Get registered or login! Result: registered (registering only mode is ON); Post String: Only registered users can see links on this board! Get registered or login! Forwarded For: none Client IP: none Remote Address: 12.201.65.188 Remote Port: 63457 Request Method: GET

Can it be that prevelant that people are trying to hack or ar they trying to register?
 
Gremmie
PostPosted: Tue Jul 29, 2008 4:40 pm Reply with quote

No one who was legitimately trying to register would concoct such a GET string. Anyone registering would do it via POST.

BTW, I accidently clicked on the above and got blocked/banned from your site. Smile
 
evaders99
Former Moderator in Good Standing


Joined: Apr 30, 2004
Posts: 3221

PostPosted: Tue Jul 29, 2008 9:35 pm Reply with quote

Basically its a spam robot. They register an account, they spam your comments/forums for their junk. You should feel free to ban that IP

_________________
- Only registered users can see links on this board! Get registered or login! -

Need help? Only registered users can see links on this board! Get registered or login! 
View user's profile Send private message Visit poster's website
blith
PostPosted: Wed Jul 30, 2008 7:21 am Reply with quote

Thank you both very much! I am at ease now.
Gremmie I will fix that in case I need you in the future Wink
 
Gremmie
PostPosted: Wed Jul 30, 2008 7:30 am Reply with quote

But evaders99, what's up with the op variable? Why would they include all that "Result: registered ..." crap in there? That makes me think their script is horked.
 
warren-the-ape
Worker
Worker


Joined: Nov 19, 2007
Posts: 196
Location: Netherlands

PostPosted: Wed Jul 30, 2008 8:01 am Reply with quote

Gremmie wrote:
BTW, I accidently clicked on the above and got blocked/banned from your site. Smile


Yep, roflll did the same yesterday Embarassed Laughing (I have a dutch IP Wink)
 
View user's profile Send private message
evaders99
PostPosted: Wed Jul 30, 2008 11:48 am Reply with quote

Their script is "horked" Smile
 
Gremmie
PostPosted: Wed Jul 30, 2008 12:09 pm Reply with quote

evaders99 wrote:
Their script is "horked" Smile


They sure run the d*** thing a lot, judging by the amount of times I see it each week. Don't they notice it isn't working? Laughing Oh well, have fun with that kiddies!
 
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> RN v2.20.00 - All Issues

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©