Omega Owners Forum

Please login or register.

Login with username, password and session length
Advanced search  

News:

Welcome to OOF

Pages: [1]   Go Down

Author Topic: Oh FFS, can't these retards get a life  (Read 840 times)

0 Members and 1 Guest are viewing this topic.

TheBoy

  • Administrator
  • *****
  • Offline Offline
  • Gender: Male
  • Brackley, Northants
  • Posts: 107061
  • I Like Lockdown
    • Whatever Starts
    • View Profile
Oh FFS, can't these retards get a life
« on: 29 December 2008, 20:46:33 »

One of the other sites hosted on the OOF server is under a fairly sustained, distributed SQL Injection type attack (not sure why they've picked that site, as its protected from that type of attack).

Server is quite busy dealing with the traffic, and the internet line is busy.

If you don't understand that, simply expect a slowdown for a few mins/hours.
Logged
Grumpy old man

cem_devecioglu

  • Guest
Re: Oh FFS, can't these retards get a life
« Reply #1 on: 29 December 2008, 20:54:54 »

Quote
One of the other sites hosted on the OOF server is under a fairly sustained, distributed SQL Injection type attack (not sure why they've picked that site, as its protected from that type of attack).

Server is quite busy dealing with the traffic, and the internet line is busy.

If you don't understand that, simply expect a slowdown for a few mins/hours.

 :o

sql port must be 1430 ..can you close it (except the local ip)

as only local application must access the db..
« Last Edit: 29 December 2008, 20:57:41 by cem_devecioglu »
Logged

cem_devecioglu

  • Guest
Re: Oh FFS, can't these retards get a life
« Reply #2 on: 29 December 2008, 21:12:21 »

Logged

TheBoy

  • Administrator
  • *****
  • Offline Offline
  • Gender: Male
  • Brackley, Northants
  • Posts: 107061
  • I Like Lockdown
    • Whatever Starts
    • View Profile
Re: Oh FFS, can't these retards get a life
« Reply #3 on: 29 December 2008, 21:24:46 »

Quote
Quote
One of the other sites hosted on the OOF server is under a fairly sustained, distributed SQL Injection type attack (not sure why they've picked that site, as its protected from that type of attack).

Server is quite busy dealing with the traffic, and the internet line is busy.

If you don't understand that, simply expect a slowdown for a few mins/hours.

 :o

sql port must be 1430 ..can you close it (except the local ip)

as only local application must access the db..
Sorry, sql attack vector via the website on http.  Fairly common attack, hence most sites have code specifically looking for sql commands being passed as parameters.

This type of attack cannot be easily stopped at firewalls, as its via port 80, so need to protect in code.

Unsure why this one is suddenly being hit in the way it is, as its been protected (in asp code) from sql injection for ages  :-/.  Must be planned or targetted, as it is a sustained attack from around 200 different IPs, rather than the occasional 'drive by' attacks we always get
Logged
Grumpy old man

cem_devecioglu

  • Guest
Re: Oh FFS, can't these retards get a life
« Reply #4 on: 29 December 2008, 21:35:19 »

Quote
Quote
Quote
One of the other sites hosted on the OOF server is under a fairly sustained, distributed SQL Injection type attack (not sure why they've picked that site, as its protected from that type of attack).

Server is quite busy dealing with the traffic, and the internet line is busy.

If you don't understand that, simply expect a slowdown for a few mins/hours.

 :o

sql port must be 1430 ..can you close it (except the local ip)

as only local application must access the db..
Sorry, sql attack vector via the website on http.  Fairly common attack, hence most sites have code specifically looking for sql commands being passed as parameters.

This type of attack cannot be easily stopped at firewalls, as its via port 80, so need to protect in code.

Unsure why this one is suddenly being hit in the way it is, as its been protected (in asp code) from sql injection for ages  :-/.  Must be planned or targetted, as it is a sustained attack from around 200 different IPs, rather than the occasional 'drive by' attacks we always get

 :o

must have copied itself on other machines..

I will look into details of port 80 attack..
Logged

TheBoy

  • Administrator
  • *****
  • Offline Offline
  • Gender: Male
  • Brackley, Northants
  • Posts: 107061
  • I Like Lockdown
    • Whatever Starts
    • View Profile
Re: Oh FFS, can't these retards get a life
« Reply #5 on: 29 December 2008, 21:44:00 »

Quote
I will look into details of port 80 attack..
Its an injection technique - programmatically fill out a web form but putting in special character, followed by SQL commands.

If some useless programmer passes it straight to the database with an asp code like:
"SELECT * FROM table WHERE logonname = " & request.forms("logonid")
they a cleverly encoded bit of text in the logonid text box can present any SQL command tagged on the end of the text, including getting a list of all databases, their tables, and modifying them all (or just DROPping them).

Logged
Grumpy old man

Mr Skrunts

  • Get A Life!!
  • *****
  • Offline Offline
  • Gender: Male
  • Skruntie Land.
  • Posts: 25681
  • 3.O Elite Saloon with all the toys,
    • 2003 CD 2.2 Auto
    • View Profile
Re: Oh FFS, can't these retards get a life
« Reply #6 on: 29 December 2008, 21:50:52 »

Aint you got some clever bit of software to give a sting in the harris.

Just cant understand these sort of attcks, especially where there is nothing to gain, unless it's some midless dick trying to bring you down.
« Last Edit: 29 December 2008, 21:51:16 by skruntie »
Logged
Ask yourself :  " WHY do I believe in what I believe?"

Remember that my opinions expressed here are not representative of the opinions of other members on the OOF Forum.

cem_devecioglu

  • Guest
Re: Oh FFS, can't these retards get a life
« Reply #7 on: 29 December 2008, 21:53:41 »

Quote
Aint you got some clever bit of software to give a sting in the harris.

Just cant understand these sort of attcks, especially where there is nothing to gain, unless it's some midless dick trying to bring you down.

some of them got their salaries from virus software companies >:(
Logged

TheBoy

  • Administrator
  • *****
  • Offline Offline
  • Gender: Male
  • Brackley, Northants
  • Posts: 107061
  • I Like Lockdown
    • Whatever Starts
    • View Profile
Re: Oh FFS, can't these retards get a life
« Reply #8 on: 29 December 2008, 21:58:52 »

Quote
Aint you got some clever bit of software to give a sting in the harris.

Just cant understand these sort of attcks, especially where there is nothing to gain, unless it's some midless dick trying to bring you down.
Tonights particular attack is trying to modify the website (most websites are driven by a back end database now) to have all the pages just a list of links off to websites that have embedded nasties on
Logged
Grumpy old man

Mr Skrunts

  • Get A Life!!
  • *****
  • Offline Offline
  • Gender: Male
  • Skruntie Land.
  • Posts: 25681
  • 3.O Elite Saloon with all the toys,
    • 2003 CD 2.2 Auto
    • View Profile
Re: Oh FFS, can't these retards get a life
« Reply #9 on: 29 December 2008, 22:14:31 »

Link em to a remote site with a warning.

Logged
Ask yourself :  " WHY do I believe in what I believe?"

Remember that my opinions expressed here are not representative of the opinions of other members on the OOF Forum.

Martin_1962

  • Guest
Re: Oh FFS, can't these retards get a life
« Reply #10 on: 29 December 2008, 22:29:49 »

Quote
Quote
Aint you got some clever bit of software to give a sting in the harris.

Just cant understand these sort of attcks, especially where there is nothing to gain, unless it's some midless dick trying to bring you down.
Tonights particular attack is trying to modify the website (most websites are driven by a back end database now) to have all the pages just a list of links off to websites that have embedded nasties on

I suppose they are Russian or Chinese sites :(
Logged
Pages: [1]   Go Up
 

Page created in 0.012 seconds with 17 queries.