Home  News  NN Blogs Chat  Advertise  Search  Privacy

Author Posts: Jon McQ Dale Bryan Billy Lance Michael Jason
 
Meta-Blog

SEARCH QandO

Email:
Jon Henke
Bruce "McQ" McQuain
Dale Franks
Bryan Pick
Billy Hollis
Lance Paddock
MichaelW

BLOGROLL QandO
 
 
Recent Posts
The Ayers Resurrection Tour
Special Friends Get Special Breaks
One Hour
The Hope and Change Express - stalled in the slow lane
Michael Steele New RNC Chairman
Things that make you go "hmmmm"...
Oh yeah, that "rule of law" thing ...
Putting Dollar Signs in Front Of The AGW Hoax
Moving toward a 60 vote majority?
Do As I Say ....
 
 
QandO Newsroom

Newsroom Home Page

US News

US National News
Politics
Business
Science
Technology
Health
Entertainment
Sports
Opinion/Editorial

International News

Top World New
Iraq News
Mideast Conflict

Blogging

Blogpulse Daily Highlights
Daypop Top 40 Links

Regional

Regional News

Publications

News Publications
 
FYI
Posted by: McQ on Sunday, May 25, 2008

 We've been under repeated attack the last two days by hackers who have been hitting us at server level.

Bear with us as we figure out how to keep it from happening, but if you see an absence of posts or find QandO unavailable short while, that's what happening. We're doing all we can to get back up and fight off the a-holes doing this.

DALE Adds:

What appear to be happening is that some hackers in China are hitting the SQL Server directly, and adding a javascript link to a malicious script.

I have attempted to defeat this by implementing some new stuff. We'll see how that works.
 
TrackBacks
Return to Main Blog Page
 
 

Previous Comments to this Post 

Comments
Time to block 202.*.*.*? I’d hate that, but sometimes you have to nuke the site from orbit because it’s the only way to be sure.
 
Written By: Billy Hollis
URL: http://
Hey, some of us read this site from China!
 
Written By: Harun
URL: http://
The bad guys will just use some poor schmucks captured machine.

Why is the SQL server even accessable from the internet? (Yeah, I’m used to large datacenters)
 
Written By: Ryan
URL: http://
Aha... this would explain the database driven script failures I’ve been getting when I post a comment.

FWIW, I wish you luck, here, guys.
 
Written By: Bithead
URL: http://bitsblog.florack.us
Out of curiosity, why is the SQL Server even exposed directly to the internet? Shouldn’t that be sitting completely isolated by the firewall, so that only the webserver is available from outside. (And only port 80 at that... and possibly an admin port.)
 
Written By: Tito
URL: http://
Out of curiosity, why is the SQL Server even exposed directly to the internet?
It isn’t. Only the web site has to be exposed to the internet.
 
Written By: Dale Franks
URL: http://www.qando.net

 
Add Your Comment
  NOTICE: While we don't wish to censor your thoughts, we do blacklist certain terms of profanity or obscenity. This is not to muzzle you, but to ensure that the blog remains work-safe for our readers. If you wish to use profanity, simply insert asterisks (*) where the vowels usually go. Your meaning will still be clear, but our readers will be able to view the blog without worrying that content monitoring will get them in trouble when reading it.
Comments for this entry are closed.
Name:
Email:
URL:
HTML Tools:
 Bold Italic Blockquote Hyperlink
Comment:
   
 
Vicious Capitalism

Divider

Buy Dale's Book!
Slackernomics by Dale Franks

Divider

Divider