I dont know what the motivation is. All I've seen is repeated attempts to inject stuff into the database - never getting anywhere. So that means all the attempts so far are simply attempts to get at passwords or schema. I'm supposing once they get a look at the database they'll be able to figure out what's there that they want. If they're after credit card or user info I have bad news for them ... it's not a commercial site. There AREN'T any customer details because there are no customers LOL
I get attempts on the email server every day. At least a hundred attempts a day over all the sites I manage. I dont see them now because I have automated the defences. Once an ip address is banned, they can submit hundreds of forms a minute and i wont see any of them because the first line of the form processing is to check if the user's ip address is banned, and only proceed further if it's not. I'm guessing the reason for these probes is to find mail servers that are open to exploitation, so they can send spams through them. Cheers Mike Kear Windsor, NSW, Australia Adobe Certified Advanced ColdFusion Developer AFP Webworks http://afpwebworks.com ColdFusion 9 Enterprise, PHP, ASP, ASP.NET hosting from AUD$15/month On Tue, May 3, 2011 at 1:09 AM, Gerald Guido <gerald.gu...@gmail.com> wrote: > > Mike, out of curiosity, what seems to be motivating these attacks? Malware > injections? Hacker cred? Revenge or grudge? Or just to vandalize and do > damage? It seems like a LOT of effort. I am also surprised that they are > using the same IP for so long and not changing proxies. > > Thanx > G! ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:344130 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm