Notice, On-Off Today
March 3rd, 2015, 08:46
#1
SOH Administrator
We are installing a new security script "ModSecurity" to this server, and we have to recompile the server scripts to do this, and some downtime is expected.
To read more on this go here, https://www.modsecurity.org/
Look What I Have Become!
March 4th, 2015, 03:33
#2
SOH Administrator
OK, it has been installed. This morning I will recompile the forums to clean the floors.
Look What I Have Become!
March 4th, 2015, 13:37
#3
SOH Administrator
In the past 18 hours we have caught 150 trying to hack us from behind. Here is an example of just 1 of these attacks:
Time: Wed Mar 4 17:16:53 2015 -0500
IP: 90.203.219.111 (GB/United Kingdom/5acbdb6f.bb.sky.com)
Failures: 5 (mod_security)
Interval: 300 seconds
Blocked: Yes
Log entries:
[Wed Mar 04 17:16:48 2015] [error] [client 90.203.219.111] ModSecurity: Access denied with redirection to http://www.sim-outhouse.com/ using status 302 (phase 2). Match of "pm AppleWebKit Android" against "REQUEST_HEADERS:User-Agent" required. [file "/usr/local/apache/conf/modsec_vendor_configs/OWASP/rules/REQUEST-20-PROTOCOL-ENFORCEMENT.conf"] [line "299"] [id "960015"] [rev "3"] [msg "Request Missing an Accept Header"] [severity "NOTICE"] [ver "OWASP_CRS/3.0.0"] [maturity "9"] [accuracy "8"] [tag "Host: www.sim-outhouse.com"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/MISSING_HEADER_ACCEPT"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "www.sim-outhouse.com"] [uri "/sohforums/showthread.php"] [unique_id "VPeEUEjpTOoAADILetIAAAAJ"]
[Wed Mar 04 17:16:49 2015] [error] [client 90.203.219.111] ModSecurity: Access denied with redirection to http://www.sim-outhouse.com/ using status 302 (phase 2). Match of "pm AppleWebKit Android" against "REQUEST_HEADERS:User-Agent" required. [file "/usr/local/apache/conf/modsec_vendor_configs/OWASP/rules/REQUEST-20-PROTOCOL-ENFORCEMENT.conf"] [line "299"] [id "960015"] [rev "3"] [msg "Request Missing an Accept Header"] [severity "NOTICE"] [ver "OWASP_CRS/3.0.0"] [maturity "9"] [accuracy "8"] [tag "Host: www.sim-outhouse.com"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/MISSING_HEADER_ACCEPT"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "www.sim-outhouse.com"] [uri "/"] [unique_id "VPeEUUjpTOoAADILetMAAAAJ"]
[Wed Mar 04 17:16:49 2015] [error] [client 90.203.219.111] ModSecurity: Access denied with redirection to http://www.sim-outhouse.com/ using status 302 (phase 2). Match of "pm AppleWebKit Android" against "REQUEST_HEADERS:User-Agent" required. [file "/usr/local/apache/conf/modsec_vendor_configs/OWASP/rules/REQUEST-20-PROTOCOL-ENFORCEMENT.conf"] [line "299"] [id "960015"] [rev "3"] [msg "Request Missing an Accept Header"] [severity "NOTICE"] [ver "OWASP_CRS/3.0.0"] [maturity "9"] [accuracy "8"] [tag "Host: www.sim-outhouse.com"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/MISSING_HEADER_ACCEPT"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "www.sim-outhouse.com"] [uri "/"] [unique_id "VPeEUUjpTOoAADILetQAAAAJ"]
[Wed Mar 04 17:16:49 2015] [error] [client 90.203.219.111] ModSecurity: Access denied with redirection to http://www.sim-outhouse.com/ using status 302 (phase 2). Match of "pm AppleWebKit Android" against "REQUEST_HEADERS:User-Agent" required. [file "/usr/local/apache/conf/modsec_vendor_configs/OWASP/rules/REQUEST-20-PROTOCOL-ENFORCEMENT.conf"] [line "299"] [id "960015"] [rev "3"] [msg "Request Missing an Accept Header"] [severity "NOTICE"] [ver "OWASP_CRS/3.0.0"] [maturity "9"] [accuracy "8"] [tag "Host: www.sim-outhouse.com"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/MISSING_HEADER_ACCEPT"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "www.sim-outhouse.com"] [uri "/"] [unique_id "VPeEUUjpTOoAADILetUAAAAJ"]
[Wed Mar 04 17:16:49 2015] [error] [client 90.203.219.111] ModSecurity: Access denied with redirection to http://www.sim-outhouse.com/ using status 302 (phase 2). Match of "pm AppleWebKit Android" against "REQUEST_HEADERS:User-Agent" required. [file "/usr/local/apache/conf/modsec_vendor_configs/OWASP/rules/REQUEST-20-PROTOCOL-ENFORCEMENT.conf"] [line "299"] [id "960015"] [rev "3"] [msg "Request Missing an Accept Header"] [severity "NOTICE"] [ver "OWASP_CRS/3.0.0"] [maturity "9"] [accuracy "8"] [tag "Host: www.sim-outhouse.com"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/MISSING_HEADER_ACCEPT"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "www.sim-outhouse.com"] [uri "/"] [unique_id "VPeEUUjpTOoAADILetYAAAAJ"]
Look What I Have Become!
March 4th, 2015, 13:46
#4
SOH Administrator
Another one, note the same id tag
[unique_id "VPeKaEjpTOoAAFq7rpYAAAAU"]
Time: Wed Mar 4 17:42:54 2015 -0500
IP: 198.20.67.254 (US/United States/koala.filekoala.com)
Failures: 5 (mod_security)
Interval: 300 seconds
Blocked: Yes
Log entries:
[Wed Mar 04 17:42:48 2015] [error] [client 198.20.67.254] ModSecurity: Access denied with redirection to http://www.sim-outhouse.com/ using status 302 (phase 2). Operator EQ matched 0 at REQUEST_HEADERS. [file "/usr/local/apache/conf/modsec_vendor_configs/OWASP/rules/REQUEST-20-PROTOCOL-ENFORCEMENT.conf"] [line "317"] [id "960009"] [rev "1"] [msg "Request Missing a User Agent Header"] [severity "NOTICE"] [ver "OWASP_CRS/3.0.0"] [maturity "9"] [accuracy "9"] [tag "Host: www.sim-outhouse.com"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/MISSING_HEADER_UA"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "www.sim-outhouse.com"] [uri "/sohforums/archive/index.php/t-74671.html"] [unique_id "VPeKaEjpTOoAAFq7rpIAAAAU"]
[Wed Mar 04 17:42:48 2015] [error] [client 198.20.67.254] ModSecurity: Access denied with redirection to http://www.sim-outhouse.com/ using status 302 (phase 2). Operator EQ matched 0 at REQUEST_HEADERS. [file "/usr/local/apache/conf/modsec_vendor_configs/OWASP/rules/REQUEST-20-PROTOCOL-ENFORCEMENT.conf"] [line "317"] [id "960009"] [rev "1"] [msg "Request Missing a User Agent Header"] [severity "NOTICE"] [ver "OWASP_CRS/3.0.0"] [maturity "9"] [accuracy "9"] [tag "Host: www.sim-outhouse.com"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/MISSING_HEADER_UA"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "www.sim-outhouse.com"] [uri "/"] [unique_id "VPeKaEjpTOoAAFq7rpMAAAAU"]
[Wed Mar 04 17:42:48 2015] [error] [client 198.20.67.254] ModSecurity: Access denied with redirection to http://www.sim-outhouse.com/ using status 302 (phase 2). Operator EQ matched 0 at REQUEST_HEADERS. [file "/usr/local/apache/conf/modsec_vendor_configs/OWASP/rules/REQUEST-20-PROTOCOL-ENFORCEMENT.conf"] [line "317"] [id "960009"] [rev "1"] [msg "Request Missing a User Agent Header"] [severity "NOTICE"] [ver "OWASP_CRS/3.0.0"] [maturity "9"] [accuracy "9"] [tag "Host: www.sim-outhouse.com"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/MISSING_HEADER_UA"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "www.sim-outhouse.com"] [uri "/"] [unique_id "VPeKaEjpTOoAAFq7rpQAAAAU"]
[Wed Mar 04 17:42:48 2015] [error] [client 198.20.67.254] ModSecurity: Access denied with redirection to http://www.sim-outhouse.com/ using status 302 (phase 2). Operator EQ matched 0 at REQUEST_HEADERS. [file "/usr/local/apache/conf/modsec_vendor_configs/OWASP/rules/REQUEST-20-PROTOCOL-ENFORCEMENT.conf"] [line "317"] [id "960009"] [rev "1"] [msg "Request Missing a User Agent Header"] [severity "NOTICE"] [ver "OWASP_CRS/3.0.0"] [maturity "9"] [accuracy "9"] [tag "Host: www.sim-outhouse.com"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/MISSING_HEADER_UA"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "www.sim-outhouse.com"] [uri "/"] [unique_id "VPeKaEjpTOoAAFq7rpUAAAAU"]
[Wed Mar 04 17:42:48 2015] [error] [client 198.20.67.254] ModSecurity: Access denied with redirection to http://www.sim-outhouse.com/ using status 302 (phase 2). Operator EQ matched 0 at REQUEST_HEADERS. [file "/usr/local/apache/conf/modsec_vendor_configs/OWASP/rules/REQUEST-20-PROTOCOL-ENFORCEMENT.conf"] [line "317"] [id "960009"] [rev "1"] [msg "Request Missing a User Agent Header"] [severity "NOTICE"] [ver "OWASP_CRS/3.0.0"] [maturity "9"] [accuracy "9"] [tag "Host: www.sim-outhouse.com"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/MISSING_HEADER_UA"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "www.sim-outhouse.com"] [uri "/"] [unique_id "VPeKaEjpTOoAAFq7rpYAAAAU"]
Look What I Have Become!
March 4th, 2015, 13:51
#5
SOH Administrator
this is fun catching flies
Time: Wed Mar 4 17:46:34 2015 -0500
IP: 54.144.41.13 (US/United States/ec2-54-144-41-13.compute-1.amazonaws.com)
Failures: 5 (mod_security)
Interval: 300 seconds
Blocked: Yes
Log entries:
[Wed Mar 04 17:46:29 2015] [error] [client 54.144.41.13] ModSecurity: Access denied with redirection to http://sim-outhouse.com/ using status 302 (phase 2). Match of "pm AppleWebKit Android" against "REQUEST_HEADERS:User-Agent" required. [file "/usr/local/apache/conf/modsec_vendor_configs/OWASP/rules/REQUEST-20-PROTOCOL-ENFORCEMENT.conf"] [line "299"] [id "960015"] [rev "3"] [msg "Request Missing an Accept Header"] [severity "NOTICE"] [ver "OWASP_CRS/3.0.0"] [maturity "9"] [accuracy "8"] [tag "Host: sim-outhouse.com"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/MISSING_HEADER_ACCEPT"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "sim-outhouse.com"] [uri "/robots.txt"] [unique_id "VPeLRUjpTOoAAF8c6fsAAAAR"]
[Wed Mar 04 17:46:29 2015] [error] [client 54.144.41.13] ModSecurity: Access denied with redirection to http://www.sim-outhouse.com/ using status 302 (phase 2). Match of "pm AppleWebKit Android" against "REQUEST_HEADERS:User-Agent" required. [file "/usr/local/apache/conf/modsec_vendor_configs/OWASP/rules/REQUEST-20-PROTOCOL-ENFORCEMENT.conf"] [line "299"] [id "960015"] [rev "3"] [msg "Request Missing an Accept Header"] [severity "NOTICE"] [ver "OWASP_CRS/3.0.0"] [maturity "9"] [accuracy "8"] [tag "Host: www.sim-outhouse.com"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/MISSING_HEADER_ACCEPT"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "www.sim-outhouse.com"] [uri "/sohforums/showthread.php"] [unique_id "VPeLRUjpTOoAAF8Z564AAAAM"]
[Wed Mar 04 17:46:29 2015] [error] [client 54.144.41.13] ModSecurity: Access denied with redirection to http://sim-outhouse.com/ using status 302 (phase 2). Match of "pm AppleWebKit Android" against "REQUEST_HEADERS:User-Agent" required. [file "/usr/local/apache/conf/modsec_vendor_configs/OWASP/rules/REQUEST-20-PROTOCOL-ENFORCEMENT.conf"] [line "299"] [id "960015"] [rev "3"] [msg "Request Missing an Accept Header"] [severity "NOTICE"] [ver "OWASP_CRS/3.0.0"] [maturity "9"] [accuracy "8"] [tag "Host: sim-outhouse.com"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/MISSING_HEADER_ACCEPT"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "sim-outhouse.com"] [uri "/"] [unique_id "VPeLRUjpTOoAAF8c6fwAAAAR"]
[Wed Mar 04 17:46:29 2015] [error] [client 54.144.41.13] ModSecurity: Access denied with redirection to http://www.sim-outhouse.com/ using status 302 (phase 2). Match of "pm AppleWebKit Android" against "REQUEST_HEADERS:User-Agent" required. [file "/usr/local/apache/conf/modsec_vendor_configs/OWASP/rules/REQUEST-20-PROTOCOL-ENFORCEMENT.conf"] [line "299"] [id "960015"] [rev "3"] [msg "Request Missing an Accept Header"] [severity "NOTICE"] [ver "OWASP_CRS/3.0.0"] [maturity "9"] [accuracy "8"] [tag "Host: www.sim-outhouse.com"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/MISSING_HEADER_ACCEPT"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "www.sim-outhouse.com"] [uri "/"] [unique_id "VPeLRUjpTOoAAF8Z568AAAAM"]
[Wed Mar 04 17:46:29 2015] [error] [client 54.144.41.13] ModSecurity: Access denied with redirection to http://www.sim-outhouse.com/ using status 302 (phase 2). Match of "pm AppleWebKit Android" against "REQUEST_HEADERS:User-Agent" required. [file "/usr/local/apache/conf/modsec_vendor_configs/OWASP/rules/REQUEST-20-PROTOCOL-ENFORCEMENT.conf"] [line "299"] [id "960015"] [rev "3"] [msg "Request Missing an Accept Header"] [severity "NOTICE"] [ver "OWASP_CRS/3.0.0"] [maturity "9"] [accuracy "8"] [tag "Host: www.sim-outhouse.com"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/MISSING_HEADER_ACCEPT"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "www.sim-outhouse.com"] [uri "/robots.txt"] [unique_id "VPeLRUjpTOoAAGGv96AAAAAJ"]
Look What I Have Become!
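A triage sketch for log entries like the ones posted in this thread, as an added example that is not part of the original posts or the site's own tooling: it parses the ModSecurity error-log format shown above and groups hits per client by rule id, message, severity and URI. The sample lines are constructed; the client IPs, hostname, unique_id values and rule id 999999 are placeholders.

```python
import re
from collections import defaultdict

# Constructed sample in the error-log format shown in the posts. Client IPs,
# hostname, unique_id values and rule id 999999 are placeholders, not thread data.
SAMPLE_LOG = '''\
[Wed Mar 04 17:16:48 2015] [error] [client 192.0.2.10] ModSecurity: Access denied with redirection to http://www.example.com/ using status 302 (phase 2). [id "960015"] [msg "Request Missing an Accept Header"] [severity "NOTICE"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/MISSING_HEADER_ACCEPT"] [hostname "www.example.com"] [uri "/robots.txt"] [unique_id "CONSTRUCTED-0001"]
[Wed Mar 04 17:16:49 2015] [error] [client 192.0.2.10] ModSecurity: Access denied with redirection to http://www.example.com/ using status 302 (phase 2). [id "960015"] [msg "Request Missing an Accept Header"] [severity "NOTICE"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/MISSING_HEADER_ACCEPT"] [hostname "www.example.com"] [uri "/"] [unique_id "CONSTRUCTED-0002"]
[Wed Mar 04 17:16:49 2015] [error] [client 192.0.2.10] ModSecurity: Access denied with redirection to http://www.example.com/ using status 302 (phase 2). [id "960015"] [msg "Request Missing an Accept Header"] [severity "NOTICE"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/MISSING_HEADER_ACCEPT"] [hostname "www.example.com"] [uri "/"] [unique_id "CONSTRUCTED-0003"]
[Wed Mar 04 17:16:50 2015] [error] [client 192.0.2.10] File does not exist: /var/www/favicon.ico
[Wed Mar 04 17:42:48 2015] [error] [client 198.51.100.7] ModSecurity: Access denied with redirection to http://www.example.com/ using status 302 (phase 2). [id "960009"] [msg "Request Missing a User Agent Header"] [severity "NOTICE"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/MISSING_HEADER_UA"] [hostname "www.example.com"] [uri "/"] [unique_id "CONSTRUCTED-0004"]
[Wed Mar 04 17:42:49 2015] [error] [client 198.51.100.7] ModSecurity: Access denied with redirection to http://www.example.com/ using status 302 (phase 2). [id "999999"] [msg "Constructed higher-severity rule"] [severity "CRITICAL"] [hostname "www.example.com"] [uri "/login.php"] [unique_id "CONSTRUCTED-0005"]
'''

# "[time] [error] [client IP] ModSecurity: ..." prefix as it appears on this page.
HEADER = re.compile(r'^\[(?P<time>[^\]]+)\] \[error\] \[client (?P<client>[^\]\s]+)\] ModSecurity: ')
# Trailing metadata is a run of [key "value"] pairs; "tag" may repeat.
FIELD = re.compile(r'\[(\w+) "((?:[^"\\]|\\.)*)"\]')

def parse_line(line):
    """Return a dict for one ModSecurity error-log line, or None for other lines."""
    m = HEADER.match(line)
    if m is None:
        return None
    entry = {"time": m["time"], "client": m["client"], "tags": []}
    for key, value in FIELD.findall(line):
        if key == "tag":
            entry["tags"].append(value)
        else:
            entry[key] = value
    return entry

def summarize(log_text):
    """Group hits per client: count, (rule id, msg) pairs, severities, URIs, unique_ids."""
    out = defaultdict(lambda: {"hits": 0, "rules": set(), "severities": set(),
                               "uris": set(), "unique_ids": set()})
    for entry in filter(None, map(parse_line, log_text.splitlines())):
        s = out[entry["client"]]
        s["hits"] += 1
        s["rules"].add((entry.get("id", ""), entry.get("msg", "")))
        s["severities"].add(entry.get("severity", ""))
        s["uris"].add(entry.get("uri", ""))
        s["unique_ids"].add(entry.get("unique_id", ""))
    return dict(out)

def notice_only(stats):
    """True when every hit for a client was logged at severity NOTICE."""
    return stats["severities"] == {"NOTICE"}

if __name__ == "__main__":
    for client, stats in summarize(SAMPLE_LOG).items():
        print(client, stats["hits"], sorted(stats["rules"]), notice_only(stats))
```

Clients whose hits are all NOTICE-level missing-header matches can be reviewed separately from clients that also trip higher-severity rules.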
March 4th, 2015, 15:23
#6
SOH Administrator
They just don't give up, must be from titan.
The code is so far out that I have to show a screenshot only.
Look What I Have Become!