[wp-hackers] Zombies aimed at WordPress [s]

John Ha [c] mailing-lists at netspace.net.au
Thu Oct 13 15:02:06 GMT 2005


yes, a solution at the server level would be better, but more tedious to
maintain. in the end it's what's best for your situation i suppose.

john ha
----- Original Message ----- 
From: "Roy Schestowitz" <r at schestowitz.com>
To: <wp-hackers at lists.automattic.com>
Sent: Friday, October 14, 2005 12:56 AM
Subject: Re: [wp-hackers] Zombies aimed at WordPress


> _____/ On Thu 13 Oct 2005 14:24:18 BST, [Jason Bainbridge] wrote : \_____
>
> > On 10/13/05, Roy Schestowitz <r at schestowitz.com> wrote:
> >> ...
> >> * Bad Behaviour - needs access to server (pointed out here)
> >
> > Uhm no it doesn't and hence why several times you've been recommended
> > to install it:
> >
> > http://www.ioerror.us/software/bad-behavior/in...
> >
> > Well unless you call FTP'ng the plugin files "Access to the server"
> > but if you don't have FTP well no comment...
>
>
> Oh, sorry...! My misinterpretation. The only glaring pitfall is that it covers
> WordPress only, which probably occupies around 10% of my site's content. There
> is indeed an advantage to using a single, uniform CMS across the entire site
> as opposed to a diversity. It decreases the amount of work associated with
> critical updates and it saves some learning curve, complements integration and
> so forth. Then again, what would you do when features "in the wild" do not
> overlap sufficiently? For example, image galleries using WordPress, Wiki
> integration with/encapsulation in WordPress, Forums and blog software...
>
>
> _____/ On Thu 13 Oct 2005 15:19:30 BST, [John Ha [c]] wrote : \_____
>
> > 3rd time lucky? haha...bad-behaviour does not need server access. it's a
> > plugin. drop in and activate, then forget. so if u have access to your admin
> > pages you can use bad-behaviour. (i view logs using phpadmin - although
> > bb-stats can be used to see stats generated from this plugin)
> >
> > john ha
>
> This might serve as a temporary solution. If the attacker moves to other pages,
> I will be exposed again. A solution at Apache (or equiv.) level seems better in
> the long run.
>
>
> _____/ On Thu 13 Oct 2005 15:16:18 BST, [Jason A. Trommetter] wrote : \_____
>
> > I've been very happy with Referrer Karma from
> > http://unknowngenius.com/blog/
> >
> > It catches thousands of referrer spam hits per day and I suppose it's
> > blocking zombies also? It integrates very easily into WordPress and
> > cooperates nicely with Spam Karma.
>
> Will it not be hard to tell what it does 'behind the scenes'? I mean, apart from
> reviewing the code, there need to be some good summaries. Spaminator, for
> example, was terrible as it killed some genuine comments and it only logged
> using individual E-mails. Looking at each E-mail in turn was impractical,
> laborious and error-prone. When you compose your own rules and keep them
> simple, it is easier to know what is going on. Thus, you are bound to feel more
> relieved with the plug-in/s enabled. There were other such plug-ins which were
> problematic. CAPTCHA plug-ins, for instance, caused me (Well... commenters
> rather) a lot of trouble.
>
> The little I have done seems to have led to some cessation in the number of
> attacks. It's based on a very short time period though, so I can't get my hopes
> up, yet.
>
> The following was published 3 hours ago:
>
> http://www.pcpro.co.uk/news/78589/uk-as-zombie-nation-in-doubt.html
>
> Roy
> -- 
> Roy S. Schestowitz      | "Black holes are where God is divided by zero"
> http://Schestowitz.com  |    SuSE Linux    |     PGP-Key: 74572E8E
>   3:30pm  up 49 days  3:44,  4 users,  load average: 0.66, 0.64, 0.55
>       http://iuron.com - next generation of search paradigms
>



-- 
------------------------ [ SECURITY NOTICE ] ------------------------
To: wp-hackers at lists.automattic.com.
For your security, mailing-lists at netspace.net.au
digitally signed this message on 13 October 2005 at 15:03:16 UTC.
Verify this digital signature at http://www.ciphire.com/verify.


