The Board Game Hut - Great Games Supported By Great Service
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
Dismiss Notice
Welcome to Senior Gamers!

We are a community for mature gamers who primarily play online games on PlayStation consoles (PS4, PS3, PS Vita). You can find out more in our About Us section.

If you are new to the site, why not register? By doing so and being an active member you can view the site without adverts, make posts and more. You can register here and even do so using Facebook, Twitter or Google+!

Site security

Discussion in 'Website News & Support' started by HaloJ, 28 Sep 2012.

  1. HaloJ

    HaloJ Serious Gamer
    Senior Citizen

    Joined:
    28 Apr 2012
    Messages:
    1,362
    Likes Received:
    330
    Trophy Points:
    1,270
    PSN:
    HaloJ
    We've seen an increased interest from guests on the community recently. It looks to be some form of probing attack probably based on SQL injection through the forums.

    I'm just posting this as a convenient note of the IP and whois information.

    Code:
    Guest IP: 202.46.60.208 » Whois
    Mozilla/5.0 (Windows NT 5.1; rv:6.0.2) Gecko/20100101 Firefox/6.0.2	Index page	Fri 28 Sep 2012, 12:46 pm Guest IP: 202.46.50.134 » Whois
    Mozilla/5.0 (Windows NT 5.1; rv:6.0.2) Gecko/20100101 Firefox/6.0.2	Index page	Fri 28 Sep 2012, 12:46 pm
    Guest IP: 202.46.62.116 » Whois
    Mozilla/5.0 (Windows NT 5.1; rv:6.0.2) Gecko/20100101 Firefox/6.0.2	Index page	Fri 28 Sep 2012, 12:46 pm
    Guest IP: 202.46.53.70 » Whois
    Mozilla/5.0 (Windows NT 5.1; rv:6.0.2) Gecko/20100101 Firefox/6.0.2	Index page	Fri 28 Sep 2012, 12:46 pm
    Guest IP: 202.46.55.34 » Whois
    Mozilla/5.0 (Windows NT 5.1; rv:6.0.2) Gecko/20100101 Firefox/6.0.2	Index page	Fri 28 Sep 2012, 12:46 pm
    Guest IP: 202.46.61.93 » Whois
    Mozilla/5.0 (Windows NT 5.1; rv:6.0.2) Gecko/20100101 Firefox/6.0.2	Index page	Fri 28 Sep 2012, 12:46 pm
    Guest IP: 173.236.240.254 » Whois	Viewing user control panel	Fri 28 Sep 2012, 12:45 pm
    Guest IP: 180.76.5.51 » Whois
    Mozilla/5.0 (compatible; Baiduspider/2.0; +http://www.baidu.com/search/spider.html)	Index page	Fri 28 Sep 2012, 12:45 pm
    Google [Bot] IP: 66.249.74.10 » Whois
    Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)	Index page	Fri 28 Sep 2012, 12:44 pm
    
    
    Whois
    % [whois.apnic.net node-3]
    % Whois data copyright terms    http://www.apnic.net/db/dbcopyright.html
    
    inetnum:        202.46.32.0 - 202.46.63.255
    netname:        SUNRISE
    descr:          ShenZhen Sunrise Technology Co.,Ltd.
    descr:          2002 Jiabin Road,Luohu District,ShenZhen,China
    country:        CN
    admin-c:        MM546-AP
    tech-c:         MM546-AP
    mnt-by:         MAINT-CNNIC-AP
    mnt-routes:     MAINT-CNNIC-AP
    status:         ALLOCATED PORTABLE
    changed:        hm-changed@apnic.net 20050705
    source:         APNIC
    
    person:         Max Ma
    nic-hdl:        MM546-AP
    e-mail:         maxma@zequn.com
    address:        2002 Jiabin Road,Luohu District,ShenZhen ,China
    phone:          +86-755-82131588
    fax-no:         +86-755-82131651
    country:        CN
    changed:        shenzhi@cnnic.cn 20050701
    mnt-by:         MAINT-CNNIC-AP
    source:         APNIC
    Close window
    Powered by phpBB® Forum Software © phpBB Group
     
  2. Jkrohn1

    Jkrohn1 5P4M 80T
    Senior Citizen

    Joined:
    29 Jun 2012
    Messages:
    3,649
    Likes Received:
    428
    Trophy Points:
    1,265
    PSN:
    JKrohn1
    So it's not something to be worried about?
     
  3. HaloJ

    HaloJ Serious Gamer
    Senior Citizen

    Joined:
    28 Apr 2012
    Messages:
    1,362
    Likes Received:
    330
    Trophy Points:
    1,270
    PSN:
    HaloJ
    Not overly. I'm concerned about the number of guest hits increasing but it's not to the state that it's a denial of service attack nor any number that the hosting can't currently handle. My main issue is that those guest users are taking up resources. I know a few of them are bots which I need to add to the bot database but a good number are ranged IP addresses originating in the far east. Most often though if a site is breached they're not after the data they just want to piggy back a malware installation system or even secretly host a Paypal or a Bank scam site.

    Passwords wise they're all encrypted but it's always good practice if inconvenient to use different passwords for different sites.

    Abs
     
  4. HERMAN_JELMET

    HERMAN_JELMET Meatbag
    Staff Member Senior Citizen

    Joined:
    29 Jun 2012
    Messages:
    2,664
    Likes Received:
    1,664
    Trophy Points:
    1,620
    PSN:
    HERMAN_JELMET
    Just block china