Penetration Testing mailing list archives
cyveillance attack on our servers
From: "Campbell Murray" <electronichacker () googlemail com>
Date: Wed, 11 Oct 2006 09:55:46 +0100
Group, your thoughts and experience please. We have recently been subject to a series of scans originating from the IP address 65.222.176.125. A lookup on Arin reveals the owners as cyveillance and further investigation via Google indicates that we are not alone as victims of hacking attacks from this organisation: please read http://cyveillance.linuxgod.net/ Logs that we have collected from our webservers show not just site crawling [which we have no problem with] but attempts to uncover hidden directories, cross site scripting and SQL injection against known and possible page targets on our main AND satellite websites. The pattern of the scans is similar to that of the Syhunt assessment tool and we are assuming either this or a similar tool has been used on our URLs. Has anybody else experienced similar problems with this organisation? Kind Regards, Campbell ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW ------------------------------------------------------------------------
Current thread:
- cyveillance attack on our servers Campbell Murray (Oct 11)