2007-06-18, 11:51 AM
hello and sorry for my poor english firstly...
a week ago somebody attacked my site 91 times and cracker tracker logged it, the logs are look like;
2007-06-09, 23:58:01, 1181422704, 84.16.240.251, forums=19&postthread=1&keywords=%22%3e+%3ca+href%3dhttp%3a%2f%2fblackpussy.pornzonehost.com%2fxxx-black-pussy.html%3eveggi%3c%2fa%3e&action=do_search, Java/1.6.0
2007-06-10, 14:20:31, 1181474454, 84.16.240.251, forums=19&postthread=1&keywords=%22%3e+%3ca+href%3dhttp%3a%2f%2fblackpussy.pornzonehost.com%2fxxx-black-pussy.html%3eryokb%3c%2fa%3e&action=do_search, Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; InfoPath.1)
2007-06-10, 14:20:32, 1181474455, 84.16.240.251, forums=19&postthread=1&keywords=%22%3e+%3ca+href%3dhttp%3a%2f%2fblackpussy.pornzonehost.com%2fxxx-black-pussy.html%3eryokb%3c%2fa%3e&action=do_search, Java/1.6.0
2007-06-10, 14:20:44, 1181474467, 84.16.240.251, forums=19&postthread=1&keywords=%22%3e+%3ca+href%3dhttp%3a%2f%2fblackpussy.pornzonehost.com%2fxxx-black-pussy.html%3eryokb%3c%2fa%3e&action=do_search, Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; InfoPath.1)...
then I banned the attacker ip and then the attacks ended... but after that I saw interesting event... a lot of guest wiewed the same thread along two or three days... then I moved that thread to trash can, at this time a lot of guest looked the no permissions area... then I deleted that interesting topic; and this time in whois online page, a lot of guests reading thread...
I hope I tell my problem correctly...
a week ago somebody attacked my site 91 times and cracker tracker logged it, the logs are look like;
2007-06-09, 23:58:01, 1181422704, 84.16.240.251, forums=19&postthread=1&keywords=%22%3e+%3ca+href%3dhttp%3a%2f%2fblackpussy.pornzonehost.com%2fxxx-black-pussy.html%3eveggi%3c%2fa%3e&action=do_search, Java/1.6.0
2007-06-10, 14:20:31, 1181474454, 84.16.240.251, forums=19&postthread=1&keywords=%22%3e+%3ca+href%3dhttp%3a%2f%2fblackpussy.pornzonehost.com%2fxxx-black-pussy.html%3eryokb%3c%2fa%3e&action=do_search, Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; InfoPath.1)
2007-06-10, 14:20:32, 1181474455, 84.16.240.251, forums=19&postthread=1&keywords=%22%3e+%3ca+href%3dhttp%3a%2f%2fblackpussy.pornzonehost.com%2fxxx-black-pussy.html%3eryokb%3c%2fa%3e&action=do_search, Java/1.6.0
2007-06-10, 14:20:44, 1181474467, 84.16.240.251, forums=19&postthread=1&keywords=%22%3e+%3ca+href%3dhttp%3a%2f%2fblackpussy.pornzonehost.com%2fxxx-black-pussy.html%3eryokb%3c%2fa%3e&action=do_search, Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; InfoPath.1)...
then I banned the attacker ip and then the attacks ended... but after that I saw interesting event... a lot of guest wiewed the same thread along two or three days... then I moved that thread to trash can, at this time a lot of guest looked the no permissions area... then I deleted that interesting topic; and this time in whois online page, a lot of guests reading thread...
I hope I tell my problem correctly...