Attack!

Discussion in 'Site & Server Administration' started by Sleepless, Sep 20, 2006.

  1. #1
    I've recently noticed repetitive attacks from various Russian IP addresses that are trying to access the files "easyboard.php" and "sign.php" on my websites. There are no links to these files on my site, and they do not exist.
    I am assuming that a vulnerability was discovered in that PHP software (it's a bulletin board script), and that hackers are trying to take advantage of that by randomly accessing websites with the hope that some of them have installed the software. Please be warned.
     
    Sleepless, Sep 20, 2006 IP
  2. noppid

    noppid gunnin' for the quota

    Messages:
    4,246
    Likes Received:
    232
    Best Answers:
    0
    Trophy Points:
    135
    #2
    I wonder if it's this guest book?

    Spaced to avoid live link... h t t p : //www. onlinetools .org/tools/easyboard.php
     
    noppid, Sep 20, 2006 IP
  3. bnts

    bnts Well-Known Member

    Messages:
    2,329
    Likes Received:
    310
    Best Answers:
    0
    Trophy Points:
    165
    #3
    Wel how do we know we are attacked? I also want to check it out...
     
    bnts, Sep 21, 2006 IP
  4. noppid

    noppid gunnin' for the quota

    Messages:
    4,246
    Likes Received:
    232
    Best Answers:
    0
    Trophy Points:
    135
    #4
    I will venture a guess and say the server logs. Perhaps the 404's if you don't have that file?
     
    noppid, Sep 21, 2006 IP