Notice, On-Off Today

OK, it has been installed. This morning I will recompile the forums to clean the floors.
 
In the past 18 hours we have caught 150 trying to hack us from behind. Here is an example of just 1 of these attacks:

Time: Wed Mar 4 17:16:53 2015 -0500
IP: 90.203.219.111 (GB/United Kingdom/5acbdb6f.bb.sky.com)
Failures: 5 (mod_security)
Interval: 300 seconds
Blocked: Yes

Log entries:

[Wed Mar 04 17:16:48 2015] [error] [client 90.203.219.111] ModSecurity: Access denied with redirection to http://www.sim-outhouse.com/ using status 302 (phase 2). Match of "pm AppleWebKit Android" against "REQUEST_HEADERS:User-Agent" required. [file "/usr/local/apache/conf/modsec_vendor_configs/OWASP/rules/REQUEST-20-PROTOCOL-ENFORCEMENT.conf"] [line "299"] [id "960015"] [rev "3"] [msg "Request Missing an Accept Header"] [severity "NOTICE"] [ver "OWASP_CRS/3.0.0"] [maturity "9"] [accuracy "8"] [tag "Host: www.sim-outhouse.com"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/MISSING_HEADER_ACCEPT"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "www.sim-outhouse.com"] [uri "/sohforums/showthread.php"] [unique_id "VPeEUEjpTOoAADILetIAAAAJ"]
[Wed Mar 04 17:16:49 2015] [error] [client 90.203.219.111] ModSecurity: Access denied with redirection to http://www.sim-outhouse.com/ using status 302 (phase 2). Match of "pm AppleWebKit Android" against "REQUEST_HEADERS:User-Agent" required. [file "/usr/local/apache/conf/modsec_vendor_configs/OWASP/rules/REQUEST-20-PROTOCOL-ENFORCEMENT.conf"] [line "299"] [id "960015"] [rev "3"] [msg "Request Missing an Accept Header"] [severity "NOTICE"] [ver "OWASP_CRS/3.0.0"] [maturity "9"] [accuracy "8"] [tag "Host: www.sim-outhouse.com"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/MISSING_HEADER_ACCEPT"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "www.sim-outhouse.com"] [uri "/"] [unique_id "VPeEUUjpTOoAADILetMAAAAJ"]
[Wed Mar 04 17:16:49 2015] [error] [client 90.203.219.111] ModSecurity: Access denied with redirection to http://www.sim-outhouse.com/ using status 302 (phase 2). Match of "pm AppleWebKit Android" against "REQUEST_HEADERS:User-Agent" required. [file "/usr/local/apache/conf/modsec_vendor_configs/OWASP/rules/REQUEST-20-PROTOCOL-ENFORCEMENT.conf"] [line "299"] [id "960015"] [rev "3"] [msg "Request Missing an Accept Header"] [severity "NOTICE"] [ver "OWASP_CRS/3.0.0"] [maturity "9"] [accuracy "8"] [tag "Host: www.sim-outhouse.com"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/MISSING_HEADER_ACCEPT"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "www.sim-outhouse.com"] [uri "/"] [unique_id "VPeEUUjpTOoAADILetQAAAAJ"]
[Wed Mar 04 17:16:49 2015] [error] [client 90.203.219.111] ModSecurity: Access denied with redirection to http://www.sim-outhouse.com/ using status 302 (phase 2). Match of "pm AppleWebKit Android" against "REQUEST_HEADERS:User-Agent" required. [file "/usr/local/apache/conf/modsec_vendor_configs/OWASP/rules/REQUEST-20-PROTOCOL-ENFORCEMENT.conf"] [line "299"] [id "960015"] [rev "3"] [msg "Request Missing an Accept Header"] [severity "NOTICE"] [ver "OWASP_CRS/3.0.0"] [maturity "9"] [accuracy "8"] [tag "Host: www.sim-outhouse.com"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/MISSING_HEADER_ACCEPT"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "www.sim-outhouse.com"] [uri "/"] [unique_id "VPeEUUjpTOoAADILetUAAAAJ"]
[Wed Mar 04 17:16:49 2015] [error] [client 90.203.219.111] ModSecurity: Access denied with redirection to http://www.sim-outhouse.com/ using status 302 (phase 2). Match of "pm AppleWebKit Android" against "REQUEST_HEADERS:User-Agent" required. [file "/usr/local/apache/conf/modsec_vendor_configs/OWASP/rules/REQUEST-20-PROTOCOL-ENFORCEMENT.conf"] [line "299"] [id "960015"] [rev "3"] [msg "Request Missing an Accept Header"] [severity "NOTICE"] [ver "OWASP_CRS/3.0.0"] [maturity "9"] [accuracy "8"] [tag "Host: www.sim-outhouse.com"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/MISSING_HEADER_ACCEPT"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "www.sim-outhouse.com"] [uri "/"] [unique_id "VPeEUUjpTOoAADILetYAAAAJ"]
 
nuther 1, note the same id tag
[unique_id "VPeKaEjpTOoAAFq7rpYAAAAU"]

Time: Wed Mar 4 17:42:54 2015 -0500
IP: 198.20.67.254 (US/United States/koala.filekoala.com)
Failures: 5 (mod_security)
Interval: 300 seconds
Blocked: Yes

Log entries:

[Wed Mar 04 17:42:48 2015] [error] [client 198.20.67.254] ModSecurity: Access denied with redirection to http://www.sim-outhouse.com/ using status 302 (phase 2). Operator EQ matched 0 at REQUEST_HEADERS. [file "/usr/local/apache/conf/modsec_vendor_configs/OWASP/rules/REQUEST-20-PROTOCOL-ENFORCEMENT.conf"] [line "317"] [id "960009"] [rev "1"] [msg "Request Missing a User Agent Header"] [severity "NOTICE"] [ver "OWASP_CRS/3.0.0"] [maturity "9"] [accuracy "9"] [tag "Host: www.sim-outhouse.com"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/MISSING_HEADER_UA"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "www.sim-outhouse.com"] [uri "/sohforums/archive/index.php/t-74671.html"] [unique_id "VPeKaEjpTOoAAFq7rpIAAAAU"]
[Wed Mar 04 17:42:48 2015] [error] [client 198.20.67.254] ModSecurity: Access denied with redirection to http://www.sim-outhouse.com/ using status 302 (phase 2). Operator EQ matched 0 at REQUEST_HEADERS. [file "/usr/local/apache/conf/modsec_vendor_configs/OWASP/rules/REQUEST-20-PROTOCOL-ENFORCEMENT.conf"] [line "317"] [id "960009"] [rev "1"] [msg "Request Missing a User Agent Header"] [severity "NOTICE"] [ver "OWASP_CRS/3.0.0"] [maturity "9"] [accuracy "9"] [tag "Host: www.sim-outhouse.com"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/MISSING_HEADER_UA"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "www.sim-outhouse.com"] [uri "/"] [unique_id "VPeKaEjpTOoAAFq7rpMAAAAU"]
[Wed Mar 04 17:42:48 2015] [error] [client 198.20.67.254] ModSecurity: Access denied with redirection to http://www.sim-outhouse.com/ using status 302 (phase 2). Operator EQ matched 0 at REQUEST_HEADERS. [file "/usr/local/apache/conf/modsec_vendor_configs/OWASP/rules/REQUEST-20-PROTOCOL-ENFORCEMENT.conf"] [line "317"] [id "960009"] [rev "1"] [msg "Request Missing a User Agent Header"] [severity "NOTICE"] [ver "OWASP_CRS/3.0.0"] [maturity "9"] [accuracy "9"] [tag "Host: www.sim-outhouse.com"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/MISSING_HEADER_UA"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "www.sim-outhouse.com"] [uri "/"] [unique_id "VPeKaEjpTOoAAFq7rpQAAAAU"]
[Wed Mar 04 17:42:48 2015] [error] [client 198.20.67.254] ModSecurity: Access denied with redirection to http://www.sim-outhouse.com/ using status 302 (phase 2). Operator EQ matched 0 at REQUEST_HEADERS. [file "/usr/local/apache/conf/modsec_vendor_configs/OWASP/rules/REQUEST-20-PROTOCOL-ENFORCEMENT.conf"] [line "317"] [id "960009"] [rev "1"] [msg "Request Missing a User Agent Header"] [severity "NOTICE"] [ver "OWASP_CRS/3.0.0"] [maturity "9"] [accuracy "9"] [tag "Host: www.sim-outhouse.com"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/MISSING_HEADER_UA"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "www.sim-outhouse.com"] [uri "/"] [unique_id "VPeKaEjpTOoAAFq7rpUAAAAU"]
[Wed Mar 04 17:42:48 2015] [error] [client 198.20.67.254] ModSecurity: Access denied with redirection to http://www.sim-outhouse.com/ using status 302 (phase 2). Operator EQ matched 0 at REQUEST_HEADERS. [file "/usr/local/apache/conf/modsec_vendor_configs/OWASP/rules/REQUEST-20-PROTOCOL-ENFORCEMENT.conf"] [line "317"] [id "960009"] [rev "1"] [msg "Request Missing a User Agent Header"] [severity "NOTICE"] [ver "OWASP_CRS/3.0.0"] [maturity "9"] [accuracy "9"] [tag "Host: www.sim-outhouse.com"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/MISSING_HEADER_UA"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "www.sim-outhouse.com"] [uri "/"] [unique_id "VPeKaEjpTOoAAFq7rpYAAAAU"]
 
this is fun catching flies

Time: Wed Mar 4 17:46:34 2015 -0500
IP: 54.144.41.13 (US/United States/ec2-54-144-41-13.compute-1.amazonaws.com)
Failures: 5 (mod_security)
Interval: 300 seconds
Blocked: Yes

Log entries:

[Wed Mar 04 17:46:29 2015] [error] [client 54.144.41.13] ModSecurity: Access denied with redirection to http://sim-outhouse.com/ using status 302 (phase 2). Match of "pm AppleWebKit Android" against "REQUEST_HEADERS:User-Agent" required. [file "/usr/local/apache/conf/modsec_vendor_configs/OWASP/rules/REQUEST-20-PROTOCOL-ENFORCEMENT.conf"] [line "299"] [id "960015"] [rev "3"] [msg "Request Missing an Accept Header"] [severity "NOTICE"] [ver "OWASP_CRS/3.0.0"] [maturity "9"] [accuracy "8"] [tag "Host: sim-outhouse.com"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/MISSING_HEADER_ACCEPT"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "sim-outhouse.com"] [uri "/robots.txt"] [unique_id "VPeLRUjpTOoAAF8c6fsAAAAR"]
[Wed Mar 04 17:46:29 2015] [error] [client 54.144.41.13] ModSecurity: Access denied with redirection to http://www.sim-outhouse.com/ using status 302 (phase 2). Match of "pm AppleWebKit Android" against "REQUEST_HEADERS:User-Agent" required. [file "/usr/local/apache/conf/modsec_vendor_configs/OWASP/rules/REQUEST-20-PROTOCOL-ENFORCEMENT.conf"] [line "299"] [id "960015"] [rev "3"] [msg "Request Missing an Accept Header"] [severity "NOTICE"] [ver "OWASP_CRS/3.0.0"] [maturity "9"] [accuracy "8"] [tag "Host: www.sim-outhouse.com"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/MISSING_HEADER_ACCEPT"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "www.sim-outhouse.com"] [uri "/sohforums/showthread.php"] [unique_id "VPeLRUjpTOoAAF8Z564AAAAM"]
[Wed Mar 04 17:46:29 2015] [error] [client 54.144.41.13] ModSecurity: Access denied with redirection to http://sim-outhouse.com/ using status 302 (phase 2). Match of "pm AppleWebKit Android" against "REQUEST_HEADERS:User-Agent" required. [file "/usr/local/apache/conf/modsec_vendor_configs/OWASP/rules/REQUEST-20-PROTOCOL-ENFORCEMENT.conf"] [line "299"] [id "960015"] [rev "3"] [msg "Request Missing an Accept Header"] [severity "NOTICE"] [ver "OWASP_CRS/3.0.0"] [maturity "9"] [accuracy "8"] [tag "Host: sim-outhouse.com"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/MISSING_HEADER_ACCEPT"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "sim-outhouse.com"] [uri "/"] [unique_id "VPeLRUjpTOoAAF8c6fwAAAAR"]
[Wed Mar 04 17:46:29 2015] [error] [client 54.144.41.13] ModSecurity: Access denied with redirection to http://www.sim-outhouse.com/ using status 302 (phase 2). Match of "pm AppleWebKit Android" against "REQUEST_HEADERS:User-Agent" required. [file "/usr/local/apache/conf/modsec_vendor_configs/OWASP/rules/REQUEST-20-PROTOCOL-ENFORCEMENT.conf"] [line "299"] [id "960015"] [rev "3"] [msg "Request Missing an Accept Header"] [severity "NOTICE"] [ver "OWASP_CRS/3.0.0"] [maturity "9"] [accuracy "8"] [tag "Host: www.sim-outhouse.com"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/MISSING_HEADER_ACCEPT"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "www.sim-outhouse.com"] [uri "/"] [unique_id "VPeLRUjpTOoAAF8Z568AAAAM"]
[Wed Mar 04 17:46:29 2015] [error] [client 54.144.41.13] ModSecurity: Access denied with redirection to http://www.sim-outhouse.com/ using status 302 (phase 2). Match of "pm AppleWebKit Android" against "REQUEST_HEADERS:User-Agent" required. [file "/usr/local/apache/conf/modsec_vendor_configs/OWASP/rules/REQUEST-20-PROTOCOL-ENFORCEMENT.conf"] [line "299"] [id "960015"] [rev "3"] [msg "Request Missing an Accept Header"] [severity "NOTICE"] [ver "OWASP_CRS/3.0.0"] [maturity "9"] [accuracy "8"] [tag "Host: www.sim-outhouse.com"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/MISSING_HEADER_ACCEPT"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "www.sim-outhouse.com"] [uri "/robots.txt"] [unique_id "VPeLRUjpTOoAAGGv96AAAAAJ"]
 
They just don't give up, must be from Titan.
The code is so far out that I have to show a screenshot only.

look-001.jpg
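
Each block notice in this thread reports five mod_security failures from one client inside a 300-second interval. The following Python is an added example, not code from the thread or from the site's own tooling: it parses ModSecurity error-log lines in the layout quoted above and applies the same threshold per client IP. The sample lines, the documentation-range IPs, the host forum.example and the helper names are constructed for illustration; the rule ids and messages are the ones shown in the posts.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

LINE_RE = re.compile(r'^\[(?P<ts>[^\]]+)\] \[error\] \[client (?P<ip>[^\]]+)\] ModSecurity: (?P<rest>.*)$')
FIELD_RE = re.compile(r'\[(\w+) "((?:[^"\\]|\\.)*)"\]')  # [key "value"] metadata pairs

def parse_line(line):
    """Parse one ModSecurity error-log line into a dict; None if the line is not one."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    fields = defaultdict(list)          # 'tag' repeats, so collect every key as a list
    for key, value in FIELD_RE.findall(m.group("rest")):
        fields[key].append(value)
    first = lambda k: fields[k][0] if fields[k] else None
    return {"time": datetime.strptime(m.group("ts"), "%a %b %d %H:%M:%S %Y"),
            "ip": m.group("ip"), "rule_id": first("id"), "msg": first("msg"),
            "uri": first("uri"), "tags": fields["tag"]}

def find_offenders(lines, threshold=5, interval=300):
    """Map each client IP to (time the threshold was reached, rule ids seen in the window).
    Assumes lines are in chronological order, as they are in the log file."""
    window, flagged = defaultdict(deque), {}
    for ev in filter(None, map(parse_line, lines)):
        q = window[ev["ip"]]
        q.append(ev)
        while (ev["time"] - q[0]["time"]).total_seconds() > interval:
            q.popleft()                 # drop denials older than the interval
        if len(q) >= threshold and ev["ip"] not in flagged:
            flagged[ev["ip"]] = (ev["time"], sorted({e["rule_id"] for e in q}))
    return flagged

def sample_line(ts, ip, rule_id, msg, uri):
    """Build a constructed log line in the same layout (fewer fields, placeholder host)."""
    return (f'[{ts}] [error] [client {ip}] ModSecurity: Access denied with redirection to '
            f'http://forum.example/ using status 302 (phase 2). [id "{rule_id}"] [msg "{msg}"] '
            f'[severity "NOTICE"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [uri "{uri}"]')

# Constructed sample: one client with 5 denials in 5 seconds, one with 5 spread over 8 minutes.
SAMPLE = ([sample_line(f"Wed Mar 04 17:00:0{i} 2015", "203.0.113.7", "960015",
                       "Request Missing an Accept Header", "/") for i in range(5)] +
          [sample_line(f"Wed Mar 04 17:1{2*i}:00 2015", "198.51.100.9", "960009",
                       "Request Missing a User Agent Header", "/robots.txt") for i in range(5)])

if __name__ == "__main__":
    for ip, (when, rules) in find_offenders(SAMPLE).items():
        print(f"{ip} reached 5 denials in 300 s at {when} (rules {', '.join(rules)})")
```

Only the first client is reported; the second never has five denials inside one 300-second window, so a slow crawler with the same missing header stays under the threshold.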
 