Seriously, they sent me a warning stating that they have detected IRC traffic.... and that I should scan my systems since.... IRC is a good indicator of malicious software....
Are they crazy?!?
on 07/06/2012 – Made popular on 07/06/2012
I have a GlassFish server running some webservice and I noticed that there is abnormal traffic from Japan (150.70.x.x) in my iptables log file and I don't have any users in this country.
Until now these IPs didn't succeed in connecting to my webservice.
Project Honeypot detected these IPs as malicious so I want to dig more and understand what this hacker is trying to do.
I've got a new client whose site looks like it has been hacked. It's running Drupal and I have run Hacked on it to verify that the file structure hasn't changed. I can add the Paranoia module, but it's a bit late.
Unfortunately, the site was developed with a lot of PHP code inserted directly into nodes, so a lot of custom code is sitting in the database. It's all run through eval().
I've only found generic descriptions that have sensors capture network traffic and analyze the content of the individual packets for malicious traffic. What I want to know is specifically what kind of information is logged from the network traffic and packets and how the system would know it is malicious. Any tips/guidance would be greatly appreciated! Thanks!!