Hacking attempts from

hd4real posted 23rd of August 2008 in Community Voice. 8 comments.

NOTE: SOLUTION IS UPGRADE TO 6.1.4

Hi All,


If you have upgraded or not, I suggest you to add these ip's to your deny list:


89.111.176.86
65.39.140.181
213.33.84.163
67.18.208.106
81.92.196.73
89.208.43.121
81.92.196.73
89.208.43.121
220.125.208.12
200.93.147.155
193.110.89.6
81.29.112.219
201.17.129.24
92.48.68.66
198.66.222.121
72.9.233.10
66.135.41.76


UPDATE:

ip-209-172-55-178.static.privatedns.com
server2.dmusichost.com
mail.multihosts.ru
48-42.bluehost.com


Regards,


Harvliet

 
Comments
·Oldest
·Top
Please login to post a comment.
gameutopia
gameutopia23rd of August 2008
 
I am wondering why exactally why I should add these ip's you specify?

I block a number for a certain reason, but can you provide additional reasoning for blocking them in particular?

Not saying I will or would disagree with you and they are only a few like 18 which is a drop in the bucket. But is there some reason these are on your mind?

I get more attempted attacks on my site in a day then I can possibly count certainly more than 18. If I listed all their ip's this page would be huge.

Ip see more blocking is good sometimes. And other times they are nothing to worry about.

If they are smart they can change their ip and hit you again.

So the smart thing to do is to figure out what they are hitting, and figure out how to prevent what they are hitting rather than the ip. There are millions and millions of ip's out there that change, or can change at will.

So if you can figure out what they are hitting or attempting and prevent that instead, you only have a small file to adjust, edit or configure, rather than block a huge number of growing ip's.

I wouldn't rule out some ip's, and I do tend to block some of the well known ranges, but bottom line is you will do much more if you can block their attempts rather than ip's.

I used to think ip's was the route to go, but after much reasearch and testing, I have found that it is more productive to block the source they are after rather than ip.

Good luck!!
gameutopia
PermalinkReplyPlus0 pluses
hd4real
hd4real23rd of August 2008to gameutopia
 
You are right. They are hitting the security holes which are in Dolphin 6.1.2. I have not yet upgraded to 6.1.4 as my site has mods and i'm not a coder so upgrading will take ages for me and I have to do 3 sites.
PermalinkReplyPlus0 pluses
gameutopia
gameutopia23rd of August 2008to gameutopia
 
Sorry for the double post. It don't matter what your version is make sure register globals is off.

Ip's are good sometimes but if they are hitting safehtml or whatever with a remote file include, just due away with them. Most are libperl crap anyway, so just block them totally.

I just added this to my site, and I need to proof read it but you can check it and get some ideas at:
http://www.dialme.com/articles.php?action=viewarticle&articleID=27

If there is something I can help you with see more in particular be sure to let me know.

gameutopia
PermalinkReplyPlus0 pluses
gameutopia
gameutopia23rd of August 2008
 
I am wondering why exactally why I should add these ip's you specify?

I block a number for a certain reason, but can you provide additional reasoning for blocking them in particular?

Not saying I will or will not disagree with you and they are only a few like 18 which is a drop in the bucket. But is there some reason these are on your mind?

I get more attempted attacks on my site in a day then I can possibly count certainly more than 18. If I listed all their ip's this page would be huge.

Ip see more blocking is good sometimes. And other times they are nothing to worry about.

If they are smart they can change their ip and hit you again.

So the smart thing to do is to figure out what they are hitting, and figure out how to prevent what they are hitting rather than the ip. There are millions and millions of ip's out there that change, or can change at will.

So if you can figure out what they are hitting or attempting and prevent that instead, you only have a small file to adjust, edit or configure, rather than block a huge number of growing ip's.

I wouldn't rule out some ip's, and I do tend to block some of the well known ranges, but bottom line is you will do much more if you can block their attempts rather than ip's.

I used to think ip's was the route to go, but after much reasearch and testing, I have found that it is more productive to block the source they are after rather than ip.

Good luck!!
gameutopia
PermalinkReplyPlus0 pluses
buckmcgoo
buckmcgoo23rd of August 2008
 
Blocking individual ips is an exercise in futility.. they change constantly.
PermalinkReplyPlus0 pluses
tango3d
tango3d27th of August 2008
 
I agree, it is unlikely that your site will be hacked by someone with a static ip address
PermalinkReplyPlus0 pluses
ntlam98
ntlam9817th of September 2008
 
yeah i agree, it better to build great lock than chasing the thief.
PermalinkReplyPlus0 pluses
Facegey
Facegey15th of December 2010
 
can any one explain me why i'm not able to add a IP which starts with 201.222.113.2 every time i add it to the black list and clicking submit it shows up o.o.o.o. added to black list, what i'm doing wrong???
PermalinkReplyPlus0 pluses
 
 
Home
Features
Pricing
Hosting
Support
About
StartDemo
Below is the legacy version of the Boonex site, maintained for Dolphin.Pro 7.x support.
The new Dolphin solution is powered by UNA Community Management System.

Blogs

Dolphin.Pro News
BoonEx News
Our Journey
Social Software World
Community Voice

Help

Support Forums
Documentation
BoonEx at GitHub
Custom Jobs
Contact Support Team

Product

Dolphin.Pro Features
Live Demo & Sandbox
Download Packages
Pricing & Order
Contact Sales Team

Company

Contact Us
About BoonEx
Privacy Policy
Terms & Conditions
© BoonEx Pty Ltd
SSL
© BoonEx
Home
Features
Pricing
Support
Hosting
About
Demo
PET:0.061553955078125