 |
|
 |
|
- Readme First! -
Read and follow the rules, otherwise your posts will be closed |
|
|
|
|
|
There are currently, 178 guest(s) and 0 member(s) that are online.
You are Anonymous user. You can register for free by clicking here |
|
|
|
|
|
|
 Timothy writes "It seems a wide variety of hits from Lacnic sites in the 200 and 201 IP range are union attempts, or calls on admin.php
Lacnic will issue a trouble ticket number, but they never reply and never close the trouble ticket. LACNIC is member of the NRO (Number Resource Organization)
The ineffectiveness of Lacnic to stop Brazilian hackers and others, and their abuse of their own trouble ticket system demands attention.
Recently we've seen attempts to access admin.php while spoofing Google's IP addresses. To automatically ban the IP's means a webmaster's site would no longer be spidered by Google. Google Adsense revenue and other income would drop off.
Also at issue is one website with a .ws extension. We contacted administrators for .ws, and got the same lack of interest as we did from Lacnic. Again, PhpNuke webmasters are still vulnerable due to lack of action on the part of the providers.
From a legal standpoint, the US Supreme Court ruled that the registrars are not responsible for the registrant. So Network Solutions could take your money, but are not responsible for anything the registrant does. It falls back on the hosting company to take action.
Yahoo, for one does not include hacking as an area for complaints. (see http://abuse.yahoo.com/ ) where most providers that offer free sites (the cause of many problems) include hacking on their abuse reporting page.
At NukeFind ( www.NukeFind.com ) we recommend deleting admin.php and auth.php from the web directory all together. When we need to perform admin functions, we FTP the files back to the server and take care of business. When finished we delete them.
For more, and to see addresses to hacker websites to watch out for, our IP address ban list, helpful contact information, etc, download our zip compressed text file from:
our livephone.us website here
(We will not publish this information where it can be spidered or accessed directly.)
LivePhone.us specializes in voice over the Internet. Our NukeFind website is the world's largest database of Nuke Powered websites.
"
|
|
Posted on Saturday, May 29 @ 17:21:22 CEST by Zhen-Xjell |
|
|
|
|
| |
|
Average Score: 5
Votes: 2
|
|
|
|
|
|
|
| | The comments are owned by the poster. We aren't responsible for their content. |
| | | | |
| No Comments Allowed for Anonymous, please register | | | | |
Re: Update - Hacking from Lacnic (Score: 1)
by Zhen-Xjell on Saturday, May 29 @ 17:22:57 CEST
(User Info | Send a Message) http://castlecops.com | | Are you sure it isn't from Google Proxy that is used by the translater? The Google crawler comes in from completely different CIDR address. |
| | | | |
Re: Update - Hacking from Lacnic (Score: 1)
by Imagination on Sunday, May 30 @ 14:04:44 CEST
(User Info | Send a Message) | | ive also had these attempts on my site but the weird thing being they only attack the one site that leads me to beleave ti is aimed where as the other sites i have are sage from this strange but true |
| | | | |
Re: Update - Hacking from Lacnic (Score: 1)
by Xeon on Monday, May 31 @ 00:31:43 CEST
(User Info | Send a Message) http://www.credit-repair-combat.com/ | Yes, these and the RIPE and APNIC IP's are fully banned from my sites for this same reason.
The Class A ban numbers are owned by these ISP's and since my site is a USA only site, they get the full Class A ban. Others aren't so fortunate since they want to allow IP's from those areas of the world and it makes life very difficult.
Here are the ones I recommend banning if you are only interested in traffic from US IP's.
They are:
80.*
81.*
82.*
83.*
202.*
203.*
210.*
211.*
212.*
213.*
217.*
218.*
219.*
220.*
221.*
222.*
Those are the primaries, there are a few scattered others, but their easy to spot if you're really paying attention to the traffic on your sites.
See ya,
213.*
217.* |
| | | | | |
|
