Search found 10 matches

by Php Freek
Tue Dec 01, 2009 5:24 am
Forum: PHP - Code
Topic: PHP code within XML – Hidden execution of code - please help
Replies: 1
Views: 101

PHP code within XML – Hidden execution of code - please help

Hi all, I am hosting an Ecommerce site and there are lots of users who use our XML files to get daily updates of the gadgets and devices. All the URLs are like http://www.example.com/test.xml I want to keep track of this xml files. When any xml file is called on internet, I want to update the view c...
by Php Freek
Wed Jul 22, 2009 2:50 am
Forum: PHP - Security
Topic: Brute Force SYN Attach – Thousands Of Request A Second
Replies: 20
Views: 9113

Re: Brute Force SYN Attach – Thousands Of Request A Second

Hi all, Scanned the server with rootkit antispyware, no infection found. Regarding the firewall, put on BFD firewall over APF, still requests are not getting down. Also IP table is getting full of new ips and it is keeping network and site slow. Please advice for next steps to improve the performace...
by Php Freek
Mon Jul 20, 2009 12:26 am
Forum: PHP - Security
Topic: Brute Force SYN Attach – Thousands Of Request A Second
Replies: 20
Views: 9113

Re: Brute Force SYN Attach – Thousands Of Request A Second

Hi,

Anyone has idea regarding the Firewall which drops request at entry point for specific URL request? Currently we have tried are IP and pattern based only to slow down the attack, however, they are being smarter and keep generating new bunch of IP address.

Sam
by Php Freek
Sat Jul 18, 2009 2:12 am
Forum: PHP - Security
Topic: Brute Force SYN Attach – Thousands Of Request A Second
Replies: 20
Views: 9113

Re: Brute Force SYN Attach – Thousands Of Request A Second

Hi,

Tried all the rules for IP tables. :banghead: Not working buddy.

Anything to check from hacking point of view or any virus or malware scanning?

Just few more directions to think off. As all these things we have and we are trying. ANY Suggestion on this???

Sam
by Php Freek
Fri Jul 17, 2009 6:18 am
Forum: PHP - Security
Topic: Brute Force SYN Attach – Thousands Of Request A Second
Replies: 20
Views: 9113

Re: Brute Force SYN Attach – Thousands Of Request A Second

Hi, Thank you very much for all the details for firewall and important links. I will work with my other linux admins for these solutions and will try to give you update on this. I am doubting that it may be console who sends these requests. Regarding the Referrers, I am pretty sure. Do you think it ...
by Php Freek
Thu Jul 16, 2009 9:57 am
Forum: PHP - Security
Topic: Brute Force SYN Attach – Thousands Of Request A Second
Replies: 20
Views: 9113

Re: Brute Force SYN Attach – Thousands Of Request A Second

Hi, Thanks for all the details and suggestions. I just had a long meeting with my technical team and following are the updates. 1) SYN cookies is already Enable but not making much difference. 2) I will provide the packet details soon for the request to give the extra idea for the attack. 3) Followi...
by Php Freek
Thu Jul 16, 2009 6:17 am
Forum: PHP - Security
Topic: Brute Force SYN Attach – Thousands Of Request A Second
Replies: 20
Views: 9113

Re: Brute Force SYN Attach – Thousands Of Request A Second

Hi, Thanks for the prompt responses. @VladSun Yes, we are having a real nightmare right now. I will read these links in detail in will see if anything is useful. Also I will pass it to my technical team for further details. Also, SYN packets are carrying the http request however we are not getting a...
by Php Freek
Wed Jul 15, 2009 2:04 am
Forum: PHP - Security
Topic: Brute Force SYN Attach – Thousands Of Request A Second
Replies: 20
Views: 9113

Brute Force SYN Attach – Thousands Of Request A Second

Hi All, For the last 6 months our site has been under severe brute force, syn flood attack . They keep bombarding a single URL of the server and it is xml file. They are not attacking any other URL. e.g. http://www.example.com/rss123/attackedfilename.xml We have removed the xml page from our site bu...
by Php Freek
Fri Feb 15, 2008 11:45 pm
Forum: PHP - Code
Topic: php mail() problem
Replies: 3
Views: 137

Re: php mail() problem

Hi , I removed only '\r' from the code and it started working like a dream. Now this is weired i think. Why \r was working perfactly in old server and in new dedicated server it was not working?? Is it php 4 and php 5 problem or is it server security problem? Please let me know for the reason as \r\...
by Php Freek
Fri Feb 15, 2008 6:29 am
Forum: PHP - Code
Topic: php mail() problem
Replies: 3
Views: 137

php mail() problem

Hi All, I am facing strange problem right now in my server. I have php 5 installed with all needed rpms in linux server. I am using the mail() with following code. $headers = "MIME-Version: 1.0\n"; $headers .= "Content-type: text/html; charset=iso-8859-1\r\n"; $headers .= "F...