
Attack on server via Gallery

Started by marian, June 07, 2007, 08:30:44 PM


marian

We had an attack on the server today and have tracked it down to one IP addy hitting Gallery images at a crazy rate, until it ran out of memory.
We have been remiss about upgrading and I'll get that done as soon as India wakes up. So my first question is will upgrading stop a repeat? The IP addy has been banned, but might be spoofed.
There are two odd things about this. 1. Although we have changed to pid URLs, the URLs that showed up in the logs were pos - like /photos/displayimage.php?pos=-1982. 2. The pix viewed counter did not go up in accordance with the rate images were being hit.
Any advice much appreciated.

Nibbler

Updating won't protect you from a DOS attack - you'll need to counter that at the server or firewall level.
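
An added example (not part of the original thread) of finding the kind of client described above in an access log, so it can be rate-limited at the server or firewall: a per-IP sliding-window count of hits on displayimage.php. The Apache common/combined log format, the thresholds, the function names and the sample lines (documentation-range IPs) are assumptions constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Assumed Apache common/combined log format: client IP, [timestamp], "METHOD url ..."
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(?:GET|POST|HEAD) (\S+)')

def flag_heavy_clients(lines, path="/photos/displayimage.php", window_s=10, limit=20):
    """Return {ip: peak_hits} for clients that exceed `limit` requests to
    `path` inside any `window_s`-second window. Lines must be in time order."""
    recent = defaultdict(deque)  # ip -> timestamps still inside the window
    peak = defaultdict(int)      # ip -> largest window count seen so far
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # skip malformed or unrelated lines
        ip, ts, url = m.groups()
        if url.split("?", 1)[0] != path:
            continue  # only count the image-display script, pos= or pid= alike
        t = datetime.strptime(ts, "%d/%b/%Y:%H:%M:%S %z")
        q = recent[ip]
        q.append(t)
        # Drop hits that have aged out of the window (q always holds t itself).
        while (t - q[0]).total_seconds() >= window_s:
            q.popleft()
        peak[ip] = max(peak[ip], len(q))
    return {ip: n for ip, n in peak.items() if n > limit}

def sample_log():
    """Constructed sample: one client pulls 60 images in 3 seconds using
    pos= URLs, another browses one image per minute using pid= URLs."""
    lines = []
    for i in range(60):
        lines.append('203.0.113.7 - - [07/Jun/2007:14:00:%02d +0000] '
                     '"GET /photos/displayimage.php?pos=-%d HTTP/1.1" 200 5120'
                     % (i // 20, 1982 + i))
    for i in range(5):
        lines.append('198.51.100.20 - - [07/Jun/2007:14:0%d:00 +0000] '
                     '"GET /photos/displayimage.php?pid=%d HTTP/1.1" 200 5120'
                     % (i, 40 + i))
    return lines

if __name__ == "__main__":
    for ip, hits in flag_heavy_clients(sample_log()).items():
        print(f"{ip}: {hits} hits within 10s")
```

Counting from the web server's own log rather than the gallery's view counter matters here, since the post notes the counter did not track the request rate.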