PDA

View Full Version : Mystery guests



Rdb811
-11th August 2003, 22:19
There seems to be a large number of guests appearing on the forum - the number builds up - some kind of rogue browser / spider or just a bug ?

Gav
-12th August 2003, 07:09
I suspect they are lurkers. I know a couple of people who haven't signed [despite my urging!] up to the board but browser it regularly.

Rdb811
-12th August 2003, 12:01
Nearly 40 of them at 2:00 in the morning ?

Gav
-12th August 2003, 12:16
They might have been americans- who knows?

You should contact KingKenny who, as the webmaster, should be able to scrutinise the logs and give a definitive answer [should he wish].

wingnutLP
-26th August 2003, 20:01
Sadly Kenny is "resting" in Bali for a month!!

I will see if I can check the log but I suspect that they may be some kind of web crawler. Google and the other engined strip keywords from sites once in a while...

Moose
-29th August 2003, 00:08
We had a very similar thing happen over on once of our websites in July, turned out it was some kind of hackers challenge to take down as many sites as possible. Tho to be honest they might just be people who have surfed in from the LP site. Might be worth checking their country of origin and where they linked in from. Assuming you use something like Webstat to track traffic.

Rdb811
-29th August 2003, 00:43
See my earlier post - it was about 2:00 in the morning when usually there's only me on the forum which aroused my suspicsions.


It took me over a hour and a half to get home this evening.

Moose
-29th August 2003, 01:34
Ooooh I love messing with email address spiders. Create a page that generates random emails addresses then have a link at the bottom linking back to the page, they spider kinda has a meltdown :)

Neo
-18th April 2004, 17:06
most likely its search engine crawlers. My own traffic has a lot of them. The logs will say for certain tho.

Also check things like Bugtraq regularly and make sure you've got the latest version of vBulletin.

uk_45
-18th April 2004, 17:24
We know that we havn't it goes to version 3 now. but i dont think any one minds

Neo
-18th April 2004, 17:34
yeah but I'm not talking in terms of features, I mean in terms of security holes/exploits.

Neo
-18th April 2004, 22:24
Fasthosts is running apache 1.3.27 - if I remember correctly this has exploits in certain circumstances.

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0542

Update: actually, looking at that exploit in more detail, it looks like a local exploit, rather than one that can be exploited remotely.

If it is someone scanning, could be what they're looking for. Also dunno about php version, but I think 4.3.0 or 4.3.1 had serious holes (dunno what fasthosts is running)