| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <4.3.2.7.2.20041225184906.02c3be50@localhost>
From: jack.yan at jyanet.com (Jack Yan)
Subject: Suspect phpBB users
Dear Full-Disclosure members:
I am not a computer expert, just a regular Joe who hopes this information
may be useful to you.
We are running phpBB and last week, a DoS attack was launched against us.
We have since upgraded, but among our new users over the last few days
have been a Weber361, a Weber395, and a nderevyanko.
Googling the last user name, I've found 4,900 references?most with
guestbooks or forums?to which nderevyanko has signed up. He has been
preceded by a few Webers, and some Irenas, often citing that
killhim.boom.ru is their home page.
I have heard that there is a phpBB worm doing the rounds over the
holidays, and wonder if this is related in some way.
My hosting company recommended this list and I hope members, being far
better versed on these matters than me, can get word out.
Other than the frequency with which the Webers and nderevyanko have
signed up to thousands of sites over the last few days, I've no proof that
they are malicious?but since the DoS attack I am on alert.
I hope this information is useful and that this has been a post that's
considered on-topic.
Yours sincerely,
Jack Yan, LL B, BCA (Hons.), MCA <http://jackyan.com>
CEO, Jack Yan & Associates <http://jya.net/>
CEO, Lucire LLC <http://www.lucire.net>
Lucire, the global fashion magazine: <http://www.lucire.com>
Visit Beyond Branding, <http://www.beyond-branding.com>?in its second printing
----------
Powered by blists - more mailing lists