Retarded script kiddies

Problems with the Windows version of XAMPP, questions, comments, and anything related.

Retarded script kiddies

Postby taustin » 13. January 2006 00:50

I've just discovered a 3.4 megabyte error log for my default web site. 16 hours of continuous probing for vulnerabilities, all from one of four adjacent IP addresses in Maryland (our of a single /24).

Now, I can understand script kiddies using automated software they don't understand to scan IP addresses at random, but I mean, really! 16 *hours*? What part of "access denied" don't they understand?

(I am absolutely convinved that, even if you have only a single web site on your serer, you should configure it with virtual hosts, and set the default web site up with a "deny all" directive. This stops the automated IP address scans cold, and 99.99% of the script kiddies simply don't understand why they can't even connect.)
taustin
 
Posts: 150
Joined: 24. September 2004 00:23
Location: Huntington Beach CA

Postby taustin » 13. January 2006 18:20

OK, this turns out to have been a "non-intrusive" security scan by some halfwits in Maryland who claim to be an "online security analyst," hired by a credit card company we have a merchant account with.

First, you halfwits, sixteen hours of probing so intense it interferes with anti-virus scans isn't a non-intrusive scan, it's an attack.

Second, most of what you were looking for were bad scripting vulernatiblities, and you were scanning by IP address. That means, you halfwits, that you were scanning the wrong web site, and it was an invalid scan to begin with, because the default virtual host is set to reject all connections period.

Morons. And they get pay a lot of money to do nothing worth doing.
taustin
 
Posts: 150
Joined: 24. September 2004 00:23
Location: Huntington Beach CA


Return to XAMPP for Windows

Who is online

Users browsing this forum: No registered users and 48 guests