Constant hack attempts on AWF

Capitalism vs Socialism vs Communism comparisons, especially as you see in heightened political debates, are a waste of time because what we really see over time is a melding of the systems into hybrids. As discussed above. The United States, the Nordic region, and China are good examples of this. Each have their own flavors, of course.
Fair enough: It's a question of degree.
 
It's not personal and they are not trying to hack the forum, they are trying to hack the web server it runs on. They don't hand pick targets, they use automated tools that scan many many IP's for one specific vulnerability or a set of vulnerabilities. Wordpress is popular, because many unpatched modules have issues. Only after finding an outdated module it becomes manual labor, they can leverage it to get a shell on the server.
 
It's not personal and they are not trying to hack the forum, they are trying to hack the web server it runs on. They don't hand pick targets, they use automated tools that scan many many IP's for one specific vulnerability or a set of vulnerabilities. Wordpress is popular, because many unpatched modules have issues. Only after finding an outdated module it becomes manual labor, they can leverage it to get a shell on the server.
You seem to know a lot about this. :unsure:
 
Actually, that was an option being offered by the Navy for our advanced certifications.
 
I like to expand my horizon, so I'm training to become OSCP (a certification for penetration testers/ ethical hackers), so I know some things yes.
ethical hacker!? you want a start? find this code behind Jon's pages:
Code:
forums/js/xf/preamble.min.js?
I guarantee you there's a secret in it. ;)
 
ummmmm.....@Ismailmrabet?? you need to post that in a technical section here. thanks.
 
Adam, the post to which you refer has been moved to Modules and VBA.
 
Adam, the post to which you refer has been moved to Modules and VBA.
I wasn't telling you how to do your job. you were just asleep when I caught it. but that's nothing new under the sun, is it Richard? :p

therefore stay awake, for the son of man is coming at an hour you do not expect

- Jesus Christ
 
Sheesh, Adam, I'm not the ONLY moderator on the forum. And I wasn't asleep. I was having breakfast and reading the newspaper, if you are going to make a "thing" of it.
 
A reference to "your age is showing" is totally inappropriate and not at all appreciated. I have addressed that many times.
 
Just given a little day or two's holiday to someone.
I figured that was your doing! considering that there was no "reason" given on the ban notification page. by the way Jon, why haven't you responded to my PM about paying you a visit in person?
 
I've spent all day on security issues for my various websites, finding hacked WordPress installations all over the place. To give you an idea of the number of failed hack attempts on this site, just take a look below:

1613568905113.png


That's like 15 hack attemps in a couple of minutes. It works out at over 10,000 hack attempts per day. Astonishing!
 
That's too bad, Jon. Sorry the site comes under such continual adversity. I hope you are lucky & successful in your efforts at identifying and safekeeping
 
I think it's predominately bots, and if you have an online presence, it's inevitable.

When I used to run a mail server at home the anti-spam and spam catchers would frequently deal with 10,000's of "events" on a daily basis.
My domain was purely privately run for my own use, and I had one mailing list on it subscribed to by 20 people. Hardly ibm.com

One of the simplest and most effective features was to delay the response to a HELO request by about 30 seconds. Most bots and spam malware would only wait for about 10 seconds and give up. Any legitimate host would wait for about 60 seconds.
I remember seeing about a 70% success rate in that one feature removing rubbish connect attempts.
 
According to the scanner, they are mostly not bots:

1613579041837.png


Edit: My personal view is that these are likely to be bots, even though it says Human. Why? Because they are all trying to log in with either admin or access-programmers as the username.
 
Last edited:
Hacker names were trace down. Therefore, they are human.
Maybe they set an automated program that runs over the Internet.
Alternatively, bots run automatically, while others only execute commands when they receive specific input.
 

Users who are viewing this thread

Back
Top Bottom