hello, a very annoying hacker keeps trying, despite the fact that my site is secure, to sql inject my website. The problem is, he is using IP cloaking and doing it from different IPs every time. I don't know much about IP cloaking, but I'm interested in learning about it. You must first know how to perform an attack i suppose to learn how to protect against it. I'm not at all asking how to cloak IPs for malicious purposes, however, what can you all tell me about IP cloaking? I'm interested in tracking down this guy or at least his ISP so I can put a stop to this annoyance. Any ideas? Let me know thanks!
I had the same issues, the main bad thing here is that there are many different IP's.....I couldnt do anything about it as to stop the service temporarily. I guess, the only way is to hunt his hostname and not IP, and ban that hostname. But I dunno how to do that (in ASP that is). In php it is possible.
another idea is to set a cookie value using a guid. then when he visits your site again using the same browser he will get kicked. of course this is not a perfect solution, merely an additional layer of security becasue he could just delete the cookie on his machine but it increases the inconvenience factor slightly. I do this using ASP.
If it's just one domain I second craigedmonds suggestion - add one other step / feature / protection to make the submit more inconvenient. On a directory I run, most of the spam submission came from India, so now we switch up to a 2 step process if the submission is coming from there and it has cut the spam to zero. Another suggestion would be to install mod_security if you are running your own server.