Vulnerability Attack

For all Non-Joomla! security issues. ie 3pd Components etc.

Moderator: General Support Moderators

Forum rules
Locked
stormdevil
Joomla! Apprentice
Joomla! Apprentice
Posts: 10
Joined: Fri Sep 28, 2007 6:33 am

Vulnerability Attack

Post by stormdevil » Mon Jun 30, 2008 10:57 am

I am currently watching as someone / something hammers at my Joomla website looking for vulnerabilities.

As I get emailed when someone looks for a file that doesn't exist I can see this thing searching for different files (presumably to find an exploit).
This has been going on for the last 2 hours with over 1000 attempts to find different files - none of which I have obviously since they are flagged up as missing files, but some I recognise as files / components with known security issues. At the rate of access - this has to be scripted!

I'd love to know how to stop this. It's also pretty scary to know that someone is trying to get at my site.

Has anyone else experienced anything similar?

Toni
Toni (http://www.qivva.com)

Visit http://extensions.qivva.com for the latest Calendar module for EventList

auroramae
Joomla! Enthusiast
Joomla! Enthusiast
Posts: 140
Joined: Sun May 07, 2006 1:19 am

Re: Vulnerability Attack

Post by auroramae » Sun Jul 06, 2008 11:45 pm

I posted a message about this same phenomenon this week. Something looking for non existent extensions. I am sorry to be of no help to you. At least I know now that I'm not alone.

User avatar
mandville
Joomla! Master
Joomla! Master
Posts: 15150
Joined: Mon Mar 20, 2006 1:56 am
Location: The Girly Side of Joomla in Sussex

Re: Vulnerability Attack

Post by mandville » Mon Jul 07, 2008 12:09 am

if it is using libwww as the agent, then block that in your htaccess . search for libwww on this forum and you will find the code.
otherise just slam out the IP - save your inbox
HU2HY- Poor questions = Poor answer
Un requested Help PM's will be reported, added to the foe list and possibly just deleted
{VEL Team Leader}{TM Auditor }{ Showcase & Security forums Moderator}

Crwills
Joomla! Apprentice
Joomla! Apprentice
Posts: 16
Joined: Sat Apr 24, 2010 5:21 am
Contact:

Re: Vulnerability Attack

Post by Crwills » Sun Apr 25, 2010 2:37 am

Block IP address using plugins like phoca, It will work. ;)
C R Wills
Law Directory - http://www.attorneylawyerdirectory.org
Constuction Directory - http://constructiontoday.org

yehgnet
Joomla! Apprentice
Joomla! Apprentice
Posts: 21
Joined: Thu Dec 11, 2008 12:51 pm
Location: MM
Contact:

Re: Vulnerability Attack

Post by yehgnet » Sun Jan 02, 2011 7:53 am

Attackers are hunting for flawed components. Make sure you don't use one.

http://docs.joomla.org/Vulnerable_Extensions_List


Locked

Return to “3rd Party/Non Joomla! Security Issues”