Community « Discussion forum « Bug tracker «
Annoying attack vector: users/edit.php, yacs threat?
I started running awstats on my yacs based site and I'm seeing a ton of hits on users/edit.php...is it a security threat?
I'm seeing a lot of activity on the users/edit.php path, looks like automated probes, in my logfiles. After some googling, I'm pretty sure it's an attack vector on some software called "File Store" (sql injection, according to http://xforce.iss.net/xforce/xfdb/25183.)
Has anyone else noticed this? Is it a non-issue for Yacs? I'm thinking of blocking those incoming IPs at my firewall to help keep my server and logfiles uncluttered with "street trash".
tnx,
R
Has anyone else noticed this? Is it a non-issue for Yacs? I'm thinking of blocking those incoming IPs at my firewall to help keep my server and logfiles uncluttered with "street trash".
tnx,
R
Problem has been recorded
| GnapZ from Caribbean 2970 posts |
My logs do not show any activity on users/edit.php (tried on 5 yacs servers). Thanks for your feed-back. |
Rod 52 posts |
What surprises me is that this is a name virtual host on a 3rd level dns record: dev.morison.biz, and I don't give that name out or link it anywhere (and google doesn't know about it). These guys must scan dns records to find sites with a 200 on that url, then start throwing their attack at it. I might setup a packet sniff from some of these IPs and see what's in their post data. |
| GnapZ from Caribbean 2970 posts |
Rod : This does not depend of Ya cs but you should send thses informatio to your hosting service and/or your registrar. |
Bernard from nearby-an-airport Associate, 6995 posts |
You are right,and hackers are certainly attempting to attack YACS, looking for vulnerabilities. Please send me by e-mail a list of most attacked scripts, and I will have a specific review of these, just to check if we could raise the bar in some areas. No panic here, YACS has been already attacked in the past, and is benefiting from a strong architecture. We have learnt from experience that good security results from continuous efforts and vigilance. Thank you for your contributions in this area. |
Edit
Delete
