[BC] Administrivia - Comment and Comcast

[Harold Hallikainen]

Following up on Barry's comments regarding the massive amounts of spam and
other attacks on the Internet, I've had to deal with a script being
uploaded onto my manuals archive
(http://www.hallikainen.org/BroadcastHistory) wiki. It was attacked
Saturday morning from an IP in Russia. I disabled the uploads, then got a
fix from the plugin writer for the wiki. I enabled uploads and was hit
again Tuesday morning. The first time, the upload was about 1:10am PDT.
The user then removed the script about 1:30am. I added triggers to my IP
blacklisting that would catch a unique string I found in the Apache log
from this user. On Tuesday, they uploaded, my script triggered, and their
IP was blocked so they could not remove the script. I copied it over to a
private read only area and disabled writing to the upload directory. The
script is something called c99shell that pretty much gives shell access to
the user. It appears it runs under the apache username, though, so I THINK
it was limited in what it could get to. I'm going to investigate a bit
more after NAB. Meanwhile, I'm still looking for more pdf scans of manuals
to add to the archive, but now I have to take them by email instead of
allowing uploads...

The Internet is the current version of the Wild West.

Harold


-- 
FCC Rules Updated Daily at http://www.hallikainen.com - Advertising
opportunities available!