Stop hacking my server!

Well... Stop trying at any rate!
By Oli on Saturday, 28th April 2007.

Oli gets mad as hackers converge on his server... But the problem is none of them have a brain cell between them. Sigh...

If you run a web server, have you ever wondered what people are trying to do when you notice that your 404 log is jam-packed with requests for dodgy-looking files? They're looking for known exploitable scripts.

Here are some that I've had requests for over the past week:

cgi-bin/FormMail.pl
jobs.cgi
events.cgi
media.cgi
newsdesk.cgi
deportes.cgi
newsupdate.cgi
news.cgi
biznews.cgi
app/webeditor/login.cgi
cgi-bin/awstats/awstats.pl
cgi-bin/awstats/awstats.pl
scgi-bin/awstats/awstats.pl
cgi/awstats/awstats.pl
scgi/awstats/awstats.pl
horde/README
horde3/README
horde2/README
horde-3.0.9/README
Horde/README
horde-3.0.5/README
horde-3.0.7/README

Who's doing this and why?!

Who's scanning? Script kiddies. In other words, poor excuses for people using other people's work to try and hack servers so they can use your space, CPU and bandwidth without cost.

Why? Well, chances are these "people" want to use your server to do illegal things. This could be just scanning other servers for similar exploits, but it could also be things like sending spam, hosting copyright-infringing files or even working together with other servers to take down another server (DDoS).

The slightly idiotic thing is this isn't a Linux server! Most people with Windows servers don't faff around with Perl and CGI, and it should be obvious to anybody with more than one brain cell that when a server writes this in its response header:

Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727

... it's not a sodding Linux box!


Written by Oli on Saturday, 28 April 2007. Tagged with <rant>. Read 6997 times.

#1 /* 2 years, 10 months ago */
If we catch these asshats doing this, can we take them out and shoot them?
#2 — Author comment /* 2 years, 10 months ago */
Amen to that, brother.
#3 /* 17 months, 0 days ago */
Somebody has hacked into my Yahoo mail account. I'm getting 300 or so emails that aren't mine. I closed the account and opened a new address and also a new alternate address. The hacker is somehow continuing to use my old Yahoo mail account that I deleted. Please help!!!!
#4 /* 13 months, 5 days ago */
Somebody is hacking into my email account on Hotmail. What can I do to stop this? I have personal files and I need this to stop. Please reply to me ASAP.
#5 /* 10 months, 10 days ago */
My stepdad has an unidentified program in my mom's computer and he's using it to hack into her computer. How do I find it and get it out of her computer? Please, if anyone can help, let me know. My email is snakeater573@gmail.com. Thanks.
#6 /* 9 months, 16 days ago */
My husband and I are staying with some friends and I have my computer here. He and his girlfriend helped me get signed up on yahoo.com, and ever since there have been some weird things going on. While I am on the computer on the net, this little message has been coming up saying downloading my backup files has failed. I haven't ever tried to download or back up my files. Also, shortly after I sign in on Yahoo, a little message comes up and says I have been signed out because another computer has been signed in under another name. Sometimes we will leave, and when we come back and I sign on the PC things will be different. Also, when I sign in my homepage was supposed to be Yahoo; a couple of days ago I came back and my homepage was AOL. A lot of weird things going on. HELP
#7 /* 21 days, 15 hours ago */
When I try to sign on to the internet, it comes up that I have tried too many times today and won't let me; meanwhile I have been at work all day. How do I stop it from happening? My internet is through my phone line, although I do have a wireless also hooked up through my modem. Please help, this is really frustrating. Thanks.

© Oli Warner 2001—2007