Busy Bees

So, after GunNuts got hacked and after reading Les’ post on securing WordPress, I installed Better WP Security. It logs attempts to log in to my blog software. Within 45 minutes it had logged about 30 attempts. That surprised me.

7 Responses to “Busy Bees”

  1. Kristophr Says:

    Add those attempts’ IP addresses to your htaccess file’s “deny” section.
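    One way to turn the plugin’s log into the deny section Kristophr describes, as an added example that is not part of the post or of Better WP Security: the script below parses failed-login lines, flags any address with three or more failures inside a ten-minute sliding window, and renders Apache 2.2-style `Order`/`Allow`/`Deny` directives for `.htaccess`. The log format, the sample lines and the addresses are constructed for the example (the real plugin’s log format is not known here), and the threshold and window are assumptions to tune.

    ```python
    import re
    from collections import defaultdict
    from datetime import datetime, timedelta

    # Constructed sample log in a hypothetical "timestamp ip outcome user=" format.
    # This is NOT the real Better WP Security log format; adjust LINE_RE for yours.
    SAMPLE_LOG = """\
    2012-03-14 10:02:11 203.0.113.7 failed login user=admin
    2012-03-14 10:02:13 203.0.113.7 failed login user=admin
    2012-03-14 10:02:15 203.0.113.7 failed login user=administrator
    2012-03-14 10:02:40 203.0.113.7 failed login user=root
    2012-03-14 10:05:01 198.51.100.9 failed login user=admin
    2012-03-14 10:31:55 198.51.100.9 failed login user=admin
    2012-03-14 10:32:02 192.0.2.44 failed login user=admin
    2012-03-14 10:32:03 192.0.2.44 failed login user=admin
    2012-03-14 10:32:04 192.0.2.44 failed login user=admin
    2012-03-14 10:40:00 192.0.2.44 successful login user=editor
    """

    LINE_RE = re.compile(
        r"^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}) (?P<ip>\S+) "
        r"failed login user=(?P<user>\S+)$"
    )


    def parse_failures(text):
        """Return (timestamp, ip, user) for every failed-login line; skip all others."""
        out = []
        for line in text.splitlines():
            m = LINE_RE.match(line)
            if m:
                ts = datetime.strptime(m["ts"], "%Y-%m-%d %H:%M:%S")
                out.append((ts, m["ip"], m["user"]))
        return out


    def offending_ips(failures, threshold=3, window=timedelta(minutes=10)):
        """IPs with at least `threshold` failures inside some `window`-long span.

        A sliding window over each IP's sorted timestamps, so two slow probes
        half an hour apart do not count but a burst of three in seconds does.
        """
        by_ip = defaultdict(list)
        for ts, ip, _user in failures:
            by_ip[ip].append(ts)
        hits = set()
        for ip, times in by_ip.items():
            times.sort()
            start = 0
            for end in range(len(times)):
                while times[end] - times[start] > window:
                    start += 1
                if end - start + 1 >= threshold:
                    hits.add(ip)
                    break
        return sorted(hits)


    def htaccess_deny_block(ips, never_block=()):
        """Render an Apache 2.2-style access section for .htaccess.

        With "Order Allow,Deny" a Deny always wins over Allow, so addresses you
        must never lock out (your own) are filtered out rather than allow-listed.
        """
        lines = [
            "# --- blocked after repeated failed logins ---",
            "Order Allow,Deny",
            "Allow from all",
        ]
        lines += ["Deny from %s" % ip for ip in ips if ip not in set(never_block)]
        return "\n".join(lines)


    if __name__ == "__main__":
        bad = offending_ips(parse_failures(SAMPLE_LOG))
        print(htaccess_deny_block(bad, never_block=["203.0.113.200"]))
    ```

    Review the generated list before appending it to `.htaccess`, since a shared NAT address or your own office can land on it, and keep your own address in `never_block`. On Apache 2.4 the equivalent is a `<RequireAll>` section with `Require all granted` followed by `Require not ip` lines; the 2.2 directives above still work there only when `mod_access_compat` is loaded.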

  2. atrius Says:

    You should see the practically endless attempts to break into SSH servers. 😀

  3. ByteEnable Says:

    There are scripts running on machines in places like Poland, including China, that constantly scan the internet for open machines or hackable software that is running. I would use Drupal. I think there is a plugin that makes Drupal behave like WordPress. WordPress is notorious for being breached.

  4. SJ Says:

    Any word on what weakness was exploited at GunNuts?

    I’m guessing, if it was similar to the pattern you and Les saw, that a password was either leaked or guessed.

    Pro-Tip: It’s possible, on some web-sites, for an attacker on one of those sites to sniff out your password.

    This depends mostly on how the site-programmer chose to store your password.

    If this password is shared across many sites, and the attacker knows the login-name for those other sites, he might get access to them.

    Anyway, one method of defense is to use a different, hard-to-guess password for each site. Except that makes passwords hard to remember, too.

    This is one reason that tools like PasswordSafe were invented.

  5. Rob Reed Says:

    Don’t forget Farmer Frank lost his blog to hackers.

  6. Barron Barnett Says:

    SJ, I know what the attack vector was on the GunNuts hit and it was a site vulnerability. I saw it firsthand: if you went to a non-existent page it kicked you into the theme editor under his login. From there you could do some serious damage.

  7. Caleb Says:

    It was definitely a 404 vulnerability. I fixed it, but by the time I had noticed it and corrected it, the damage was done.