[OPLINTECH] Is your website and network safe ?
Bob Neeper
neeperro at oplin.org
Wed Sep 14 10:50:25 EDT 2011
No internet website is immune from attack !
Last night I configured Wireshark for a 7 hour communication capture on one of
our websites to help with a problem.
Checking this morning I found a short attack from a Server Location of Lithuania
and a long attack from Korea.
There was a 9 minute attack captured from Korea before Wireshark timed out.
Partial server log from Lithuania. Trying to POST to our site.
Partial server log from Korea. Trying to find something to exploit.
ZmEu is a bot run by a blackhat Romanian hacker group. It searches for poorly
configured software installations that would allow the script to take control of
the server. Looks for scripts in various common directories such as "/admin/",
"/scripts/" and "/phpMyAdmin/".
--
R. W. (Bob) Neeper
Community Library
44 Burrer Dr.
Sunbury, Oh 43074
Tel: (740)-965-3901
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.oplin.org/pipermail/oplintech/attachments/20110914/ce924acd/attachment-0001.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ghahabfb.jpg
Type: image/jpeg
Size: 119287 bytes
Desc: not available
Url : http://lists.oplin.org/pipermail/oplintech/attachments/20110914/ce924acd/ghahabfb-0001.jpg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: daedhaga.jpg
Type: image/jpeg
Size: 231008 bytes
Desc: not available
Url : http://lists.oplin.org/pipermail/oplintech/attachments/20110914/ce924acd/daedhaga-0001.jpg
More information about the OPLINTECH
mailing list