You might want to log all the submitted POST data for a few days in
case the spam spider comes around again. Add something like this to
the start of your script:
$fp=fopen('/tmp/'.time().'-'.uniqid().'-'.$_SERVER['REMOTE_ADDR'],'w');
fputs($fp,print_r($_REQUEST,TRUE));
fclose($fp);
~Rolan
On Nov 7, 2007 7:17 AM, <[EMAIL PROTECTED]> wrote:
> Hello David,
>
> Thanks for the tips. I was able to correlate the timestamp of the error
> message and the bad guys IP address. The are using a POST to do the
> injection.
>
> --
> Best regards,
> mikesz mailto:[EMAIL PROTECTED]
>
> _______________________________________________
>
> New York PHP Community Talk Mailing List
> http://lists.nyphp.org/mailman/listinfo/talk
>
> NYPHPCon 2006 Presentations Online
> http://www.nyphpcon.com
>
> Show Your Participation in New York PHP
> http://www.nyphp.org/show_participation.php
>
_______________________________________________
New York PHP Community Talk Mailing List
http://lists.nyphp.org/mailman/listinfo/talk
NYPHPCon 2006 Presentations Online
http://www.nyphpcon.com
Show Your Participation in New York PHP
http://www.nyphp.org/show_participation.php
