Print

Please login or register.
1 Hour 1 Day 1 Week 1 Month Forever
Login with username, password and session length

[TheBoy]

One of the other sites hosted on the OOF server is under a fairly sustained, distributed SQL Injection type attack (not sure why they've picked that site, as its protected from that type of attack).

Server is quite busy dealing with the traffic, and the internet line is busy.

If you don't understand that, simply expect a slowdown for a few mins/hours.

[cem_devecioglu]

One of the other sites hosted on the OOF server is under a fairly sustained, distributed SQL Injection type attack (not sure why they've picked that site, as its protected from that type of attack).

Server is quite busy dealing with the traffic, and the internet line is busy.

If you don't understand that, simply expect a slowdown for a few mins/hours.

 

sql port must be 1430 ..can you close it (except the local ip)

as only local application must access the db..

[cem_devecioglu]

probably you have seen

http://www.pc-library.com/ports/tcp-udp-port/1434/

[TheBoy]

One of the other sites hosted on the OOF server is under a fairly sustained, distributed SQL Injection type attack (not sure why they've picked that site, as its protected from that type of attack).

Server is quite busy dealing with the traffic, and the internet line is busy.

If you don't understand that, simply expect a slowdown for a few mins/hours.

 

sql port must be 1430 ..can you close it (except the local ip)

as only local application must access the db..

Sorry, sql attack vector via the website on http.  Fairly common attack, hence most sites have code specifically looking for sql commands being passed as parameters.

This type of attack cannot be easily stopped at firewalls, as its via port 80, so need to protect in code.

Unsure why this one is suddenly being hit in the way it is, as its been protected (in asp code) from sql injection for ages  :-/.  Must be planned or targetted, as it is a sustained attack from around 200 different IPs, rather than the occasional 'drive by' attacks we always get

[cem_devecioglu]

One of the other sites hosted on the OOF server is under a fairly sustained, distributed SQL Injection type attack (not sure why they've picked that site, as its protected from that type of attack).

Server is quite busy dealing with the traffic, and the internet line is busy.

If you don't understand that, simply expect a slowdown for a few mins/hours.

 

sql port must be 1430 ..can you close it (except the local ip)

as only local application must access the db..

Sorry, sql attack vector via the website on http.  Fairly common attack, hence most sites have code specifically looking for sql commands being passed as parameters.

This type of attack cannot be easily stopped at firewalls, as its via port 80, so need to protect in code.

Unsure why this one is suddenly being hit in the way it is, as its been protected (in asp code) from sql injection for ages  :-/.  Must be planned or targetted, as it is a sustained attack from around 200 different IPs, rather than the occasional 'drive by' attacks we always get

 

must have copied itself on other machines..

I will look into details of port 80 attack..

[TheBoy]

I will look into details of port 80 attack..

Its an injection technique - programmatically fill out a web form but putting in special character, followed by SQL commands.

If some useless programmer passes it straight to the database with an asp code like:
"SELECT * FROM table WHERE logonname = " & request.forms("logonid")
they a cleverly encoded bit of text in the logonid text box can present any SQL command tagged on the end of the text, including getting a list of all databases, their tables, and modifying them all (or just DROPping them).

[Mr Skrunts]

Aint you got some clever bit of software to give a sting in the harris.

Just cant understand these sort of attcks, especially where there is nothing to gain, unless it's some midless dick trying to bring you down.

[cem_devecioglu]

Aint you got some clever bit of software to give a sting in the harris.

Just cant understand these sort of attcks, especially where there is nothing to gain, unless it's some midless dick trying to bring you down.

some of them got their salaries from virus software companies

[TheBoy]

Aint you got some clever bit of software to give a sting in the harris.

Just cant understand these sort of attcks, especially where there is nothing to gain, unless it's some midless dick trying to bring you down.

Tonights particular attack is trying to modify the website (most websites are driven by a back end database now) to have all the pages just a list of links off to websites that have embedded nasties on

[Mr Skrunts]

Link em to a remote site with a warning.

[Martin_1962]

Aint you got some clever bit of software to give a sting in the harris.

Just cant understand these sort of attcks, especially where there is nothing to gain, unless it's some midless dick trying to bring you down.

Tonights particular attack is trying to modify the website (most websites are driven by a back end database now) to have all the pages just a list of links off to websites that have embedded nasties on

I suppose they are Russian or Chinese sites