[Closed]: Is this a hacker? (logs included) [Closed]: Is this a hacker? (logs included)
 

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Main Menu

[Closed]: Is this a hacker? (logs included)

Started by Edgar Fletcher, June 17, 2009, 10:52:46 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Edgar Fletcher

What are these guys up to? I suspect no good.

from access log:
Quote125.122.24.181 - - [17/Jun/2009:02:25:16 -0400] "POST /db_input.php HTTP/1.1" 417 819 "http://www.mydomain.com/db_input.php" "-"
125.122.24.181 - - [17/Jun/2009:02:35:27 -0400] "POST /db_input.php HTTP/1.1" 417 819 "http://www.mydomain.com/db_input.php" "-"
125.122.24.181 - - [17/Jun/2009:03:09:38 -0400] "POST /db_input.php HTTP/1.1" 417 819 "http://www.mydomain.com/db_input.php" "-"

125.120.139.246 - - [17/Jun/2009:11:53:34 -0400] "POST /db_input.php HTTP/1.1" 417 819 "http://www.mydomain.com/db_input.php" "-"

Joachim Müller

Post even less information. We're mind-readers. Our capabilities are amazing. We'll look into our magic crystal balls and will tell you in an instant. Please just wait your turn. The next available psychic will look into your issues. Please stand by. Beep.
If you don't want to wait, post the real content of your log and a link to your gallery (minimum!).

Edgar Fletcher

Ok.

I get some activity on my gallery which causes me to be suspicious; what is it?

Now get real. I obfuscated my domain in the log segment because it matters not what the site is ... the hits to the php files are what is in question. My site is always updated to the latest version. Are you always so accommodating? If you don't know the answer to the question, simply ignoring the thread would have been better than your flippant response.  I am in my sixth year of using Coppermine ... never had to ask a question before, and you can be sure I will not do it again. Feel free to ban my username.


François Keller

QuoteIf you don't know the answer to the question, simply ignoring the thread would have been better than your flippant response
Joachim told you to give us the real content of your log, and a link to your galerie so we can have a better idea to help you.
QuoteI am in my sixth year of using Coppermine ... never had to ask a question before, 
nice to see you have no problems in six years, it's surely because Coppermine is an amazing script, simple to use...
Quoteand you can be sure I will not do it again. Feel free to ban my username.
It's your choice...
Avez vous lu la DOC ? la FAQ ? et cherché sur le forum avant de poster ?
Did you read the DOC ? the FAQ ? and search the board before posting ?
Mon Blog

Joachim Müller

Quote from: Edgar Fletcher on June 20, 2009, 05:18:39 AM
I obfuscated my domain in the log segment because it matters not what the site is ...
It matters must. It's of utmost importance. We need to see it to advice anything. That's why I asked for it. It's you who has been posting aq "flippant response" and I have really no idea why we should bother dealing with people like you who come here and drop their question without showing any respect to the rules that exist on this board. If you're invited into someone else's house, do you always pee on the carpet first?

Quote from: Edgar Fletcher on June 20, 2009, 05:18:39 AMMy site is always updated to the latest version.
Maybe you should leave that to supporters to decide.

Quote from: Edgar Fletcher on June 20, 2009, 05:18:39 AMIf you don't know the answer to the question
There can be no answer to your question with so little information. You need to post more information to enable others to help you. That's what I said, nothing else.

Quote from: Edgar Fletcher on June 20, 2009, 05:18:39 AMFeel free to ban my username.
We don't ban people lightheartedly. We ban people because they misbehave dramatically. So far, you only have misbehaved sightly. Let's end this discussion and the silly accusations and return to your issues instead if you still need help. If you don't need help, then fine - stay away.

Edgar Fletcher

Joachim,

It may be a good idea to take some time off from supporting Coppermine. Do a quick survey of your recent responses to requests from real users. It is not a good indicator when a project manager singes users for asking questions. For example, why would you chastise a user for installing an old version?  An appropriate response may be along the lines of,
Quote"Thanks for using Coppermine, but unfortunately, the version you are using is quite old. Click on this link to download and install the latest version. I'll be happy to address your questions about the current version."
I am a former support person. I know the strains. Take some rest. Coppermine is a great product! Let's not let fatigue scare future users away!

Edgar

Joe Carver

@  Edgar Fletcher

Fabricio Ferrero

@Edgar Fletcher: Despite that you broke some rules, let's says that you didn't. More than half of the issue that are posted here may solve with an upgrade. And, of course, you would stop some noob hack your site. Read again what you quoted... does any of the words sound bad?

Or it was kindly asking for a requirement needed to be allowed to post?

If you were hacked, I'm 99% sure that you was not running the last stable version. Please, post a link and you will have support accordingly.
Read Docs and Search the Forum before posting. - Soporte en español
--*--
Fabricio Ferrero's Website

Catching up! :)

Joachim Müller

This is leading nowhere - Edgar, take this as an appreciation of your efforts: <°)))o><
Locking.