I have been getting a lot lately... and had an interesting one. One computer was hammering my server. They were trying a dictionary attack on one of my forms, in addition to trying sql injection on every dynamic page. Strangely, the IP address of the attacker, 204.238.82.17, was from the USA. It was a security company. I called them and asked what they were doing. They said a security audit! They said they had permission. Turns out they were hired to test a website that is one letter off from my domain name and they made a mistake. They stopped immediately. At least they told me I passed:)
My ftp server has also been getting dictionary attacks from Amsterdam 95.154.246.98.. luckily my ftp sites are set up to allow only certain ip addresses. At 08:14 PM 1/12/2010, you wrote: >Didn't know about that IP. Thanks > >They got in through some code that was written literally 10 years ago >on one of the clients forgotten sites. I've fixed up the cfquery tags >and added my anti-injection code to the whole dir. > >Thanks > >-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:329625 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4