Help Support my Blog!

Virgin Mobile USA
Glasses USA
Amazon
Newegg
VPN4ALL
Netflix
Hulu
CafePress

 

Subscribe to Paul’s Tech Talk Affiliate Marketing Blog

Subscribe to Paul’s Tech Talk Science Fiction Blog

Subscribe to Paul’s Tech Talk Scams Blog

  • Acer 11.6
    Acer 11.6" Laptop 2GB 16GB | C710-2856
    Acer

    Currently  in process review this Acer Chrome book and boy is it nice!

Navigation
Sponsors

Entries in Hacked (2)

Monday
Feb232009

Being a Bad BOT!

badbot1

I had the strangest thing happen today, Seemed a Bad Bot was Crawling my pages. I was getting at least 60 page views an hour from this bad Bot!! The individual IP's of this Bad Are:
65.208.151.112
65.208.151.113
65.208.151.114
65.208.151.115
65.208.151.116
65.208.151.117
65.208.151.118
65.208.151.119


[ad#ad2-right]After the first initial hour of this going on, I started wondering what this bot was doing.   I did some more research into this little bot.   I did find out it is owned by Kintiskton LLC.  (Twitter Search)

Anyways It bothers me that when you do a Google Search for this company, it comes back with no company.  Some people have already did there research and have come up with very little.

I dug even more and some are saying this might be Homeland Security, and I have my own thoughts on this.   I might be paranoid myself but if there is no company out there and the IP keeps coming back, I assume it is BAD mojo.  Some people worry that it is a hacker probing for vulnerabilities and that worried me.

I decided with the Help from Godaddy, to ban the lot of IPs.  I figure someone is trying to get information or trying something they shouldn't, I'll stop it myself.   If you have Wordpress and are also having problems with this ip, you can ban it by adding this to your HtAccess file:

order allow,deny
deny from 65.208.151.112
deny from 65.208.151.113
deny from 65.208.151.114
deny from 65.208.151.115
deny from 65.208.151.116
deny from 65.208.151.117
deny from 65.208.151.118
deny from 65.208.151.119
allow from all


This is how you block those ip in the HtAccess file. Thanks to Wordpress for showing me how.
Thursday
Nov062008

Fake Wordpress update 2.6.4 steals data!

[ad#ad2-left]
The hacked version of the file pluggable appears to be stealing the content of cookies on larger installations of WordPress. Sophos are now detecting this file as Troj/WPHack-A.


[Via Sopho's]

Apparently this little update is a rogue update.  According to Sopho's and Craig Murphy’s blog, it is said to steal your data and send it to another site.  This hacked version of Wordpress is coming from wordpresz.org so if you happen to stumble onto this fake update, just delete it and go on with your blogging.   Craig talked about how when he logged it this fake update popped up.  So sometimes it is safer to do some digging before you apply an update especially to your Operating system.  Thanks to Sopho's for telling people about this fake and dangerous problem.