1. Advertising
    y u no do it?

    Advertising (learn more)

    Advertise virtually anything here, with CPM banner ads, CPM email ads and CPC contextual links. You can target relevant areas of the site and show ads based on geographical location of the user if you wish.

    Starts at just $1 per CPM or $0.10 per CPC.

someone sql injection attacking my website using cloaked IP

Discussion in 'Security' started by MasterOfLogic, Jul 13, 2007.

  1. #1
    hello, a very annoying hacker keeps trying, despite the fact that my site is secure, to sql inject my website. The problem is, he is using IP cloaking and doing it from different IPs every time. I don't know much about IP cloaking, but I'm interested in learning about it. You must first know how to perform an attack i suppose to learn how to protect against it. I'm not at all asking how to cloak IPs for malicious purposes, however, what can you all tell me about IP cloaking? I'm interested in tracking down this guy or at least his ISP so I can put a stop to this annoyance. Any ideas? Let me know thanks!
    SEMrush
     
    MasterOfLogic, Jul 13, 2007 IP
    SEMrush
  2. dnahosting

    dnahosting Active Member

    Messages:
    385
    Likes Received:
    9
    Best Answers:
    0
    Trophy Points:
    60
    #2
    he/she/it is probably just using TOR or a proxy
     
    dnahosting, Jul 13, 2007 IP
  3. N_F_S

    N_F_S Active Member

    Messages:
    2,475
    Likes Received:
    56
    Best Answers:
    0
    Trophy Points:
    90
    #3
    I had the same issues, the main bad thing here is that there are many different IP's.....I couldnt do anything about it as to stop the service temporarily.

    I guess, the only way is to hunt his hostname and not IP, and ban that hostname. But I dunno how to do that (in ASP that is). In php it is possible.
     
    N_F_S, Jul 15, 2007 IP
  4. craigedmonds

    craigedmonds Notable Member

    Messages:
    671
    Likes Received:
    91
    Best Answers:
    0
    Trophy Points:
    220
    #4
    another idea is to set a cookie value using a guid.

    then when he visits your site again using the same browser he will get kicked.

    of course this is not a perfect solution, merely an additional layer of security becasue he could just delete the cookie on his machine but it increases the inconvenience factor slightly.

    I do this using ASP.
     
    craigedmonds, Jul 21, 2007 IP
  5. clickbuild

    clickbuild Member

    Messages:
    89
    Likes Received:
    4
    Best Answers:
    0
    Trophy Points:
    48
    #5
    If it's just one domain I second craigedmonds suggestion - add one other step / feature / protection to make the submit more inconvenient.

    On a directory I run, most of the spam submission came from India, so now we switch up to a 2 step process if the submission is coming from there and it has cut the spam to zero.

    Another suggestion would be to install mod_security if you are running your own server.
     
    clickbuild, Jul 25, 2007 IP