Hi all, I was looking through my server logs a couple of days ago and noticed that I my blog (redchocolate.ca) was the victim of a short attack against my login page (/accounts/login).
It wasn't very successful, as all the requests were GET requests, but there were 40 hits over 5 minutes. The attack was from 13/Mar/2006:16:06:53 to 13/Mar/2006:16:11:42 (times UTC). The request IP address was 66.17.15.154, which resolves to: 66-17-15-154.security.lightspeedsystems.com Apparently these folks are in the internet security industry. I wonder why they were so interested in that page. The browser signature suggest IE6: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; .NET CLR 2.0.50215 Maybe they were hacked ;) Paul _______________________________________________ Typo-list mailing list Typo-list@rubyforge.org http://rubyforge.org/mailman/listinfo/typo-list
