Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel™
Author Message
Trubador
Regular
Regular


Joined: Dec 28, 2004
Posts: 94

PostPosted: Tue Mar 15, 2005 2:57 pm Reply with quote

'ello all.

I've definately had my very first attempted author hack today. (Trubador comes of age Smile )

the real question is .... What next? Can any one direct me to a FAQ or post on this question?

And if anyone wants to add to your banned IP list here's the Email.

Code:
Date & Time: 2005-03-15 15:29:53

Blocked IP: 81.213.198.55
User ID: Anonymous (1)
Reason: Abuse-Author
--------------------
User Agent: Mozilla 4.0 (Linux)
Query String: (site address removed)/admin.php?op=AddAuthor&add_aid=kiegera&add_name=Goda&add_pwd=playboya&add_email=r00t_System@hush.com&add_radminsuper=1&admin=eCcgVU5JT04gU0VMRUNUIDEvKjox
Forwarded For: none
Client IP: none
Remote Address: 81.213.198.55
Remote Port: 1259
Request Method: POST


Cheers all and definately cheers Raven and Sentinel !!!!

Trub
 
View user's profile Send private message
TheosEleos
Life Cycles Becoming CPU Cycles


Joined: Sep 18, 2003
Posts: 960
Location: Missouri

PostPosted: Tue Mar 15, 2005 4:19 pm Reply with quote

They have been banned from your site. I'd say Sentinel has done its job and you can go in using your site normally.

_________________
Only registered users can see links on this board! Get registered or login! 
View user's profile Send private message Visit poster's website AIM Address ICQ Number
buildingmaster01
Regular
Regular


Joined: Dec 11, 2004
Posts: 68
Location: Indiana, USA

PostPosted: Tue Mar 15, 2005 6:29 pm Reply with quote

Thank you for posting that information!!!

Guess who I had today? The exact same guy! Smile

He has tried hitting my site twice now (or at least since I have gotten sentinel). His ip changed since last time. I might suggest doing 81.213.*.* instead of 81.213.198.55. (That is the correct way to block him, right?)
 
View user's profile Send private message Yahoo Messenger MSN Messenger
southern
Client


Joined: Jan 29, 2004
Posts: 591
Location: Texas

PostPosted: Wed Mar 16, 2005 8:09 pm Reply with quote

Sure you could. Do you have the .htaccess write-to by Sentinel enabled?

_________________
Computer Science is no more about computers than astronomy is about telescopes.
- E. W. Dijkstra 
View user's profile Send private message Visit poster's website MSN Messenger ICQ Number
buildingmaster01
PostPosted: Wed Mar 16, 2005 8:15 pm Reply with quote

Yes, I do. I have even tested it (by accident). Very Happy
 
southern
PostPosted: Wed Mar 16, 2005 8:44 pm Reply with quote

Well, you could always ban him manually in Sentinel or type it into .htaccess:
deny from 81.213
 
Digital-Overload
Hangin' Around


Joined: May 13, 2005
Posts: 26

PostPosted: Fri May 13, 2005 1:32 pm Reply with quote

ok...

got 7.6 running with the 3.0 patch and sentinel... how do i set it up to block this screw ball..
 
View user's profile Send private message
Raven
Site Admin/Owner


Joined: Aug 27, 2002
Posts: 17077

PostPosted: Fri May 13, 2005 10:42 pm Reply with quote

Chances are that IP is not allocated to the same user now. If you have set the various blockers in your NS Configuration panel then anyone who attempts that attack will be automatically blocked.
 
View user's profile Send private message
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel™

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©