[tor-talk] Is this a practical vulnerability?
Andreas Krey
a.krey at gmx.de
Fri Oct 19 12:40:51 UTC 2012
On Fri, 19 Oct 2012 11:25:34 +0000, Anon Mus wrote:
...
> Within 24hrs of making that Tor hidden service live I could see, in my
> firewall logs, hundreds of repeated attempts trying to hack my server,
> directly from the internet, not via my hidden Tot service.
Welcome to the internet. Have an open web server, and it will get
accessed by scum that tries known vulnerabilities: /memberlist.php,
/index.php, /user/soapCaller.bs, thats normal.
> All were
> attempting to access various types of services/permissions which were
> mainly focused on attempting to gain control of a "web page server".
How can you tell that from firewall logs? If it just blocks the access
you will only see the source address, but not the actual HTTP request.
...
> attack strategy over a 12 hour period. Hundreds of commands were sent,
> many in quick succession as if they were in some sort of script file,
Can you be any more detailed about those attacks? What commands, on
what service, and why do you even get to know the commands if there
is no such service on your computer?
Andreas
--
"Totally trivial. Famous last words."
From: Linus Torvalds <torvalds@*.org>
Date: Fri, 22 Jan 2010 07:29:21 -0800
More information about the tor-talk
mailing list