[TriLUG] so you think you've been rooted...

David McDowell turnpike420 at gmail.com
Wed Mar 11 10:48:35 EDT 2009


Robots.txt can help some with that search engine business, but I refer
back to my orig comments :)

On 3/11/09, Barry Gaskins <barry.gaskins at gmail.com> wrote:
>    Well I don't think the bots have feelings or anything but many of
> them do start with a list of compters to scan instead of randomly
> picking IP addresses to scan.
>
>    In this example of looking for roundcube servers to scan the bot
> could do a google search for
> welcome roundcube webmail username password
> That will get you a list of servers running roundcube to try to break
> into.  And since google will sort your list by popularity, the more
> popular sites are more likely to get broken into...
>
>
>    - Barry Gaskins
>
>
>
> On Wed, Mar 11, 2009 at 9:48 AM, David McDowell <turnpike420 at gmail.com>
> wrote:
>> I was curious if anyone knew if a bot had feelings or discriminated
>> from one site to the next? If you are out there, you should be
>> prepared. You can't expexct to wave your Jedi hand and say "you don't
>> really see us b/c we are small and insignificant"
>>
>>
>> On 3/11/09, Jarod Watkins <jarod at jxxtech.net> wrote:
>>> On Tue, 10 Mar 2009 17:13:07 -0400, Alan Porter <porter at trilug.org>
>>> wrote:
>>>>> Ouch, and to think I was going to install roundcube on my server this
>>>>> summer.
>>>>
>>>> I have roundcube on my personal server, but I hide it behind HTTP
>>>> authentication.  That means I can get to it when I need to, but it
>>>> is not open to Joe Random H4X0r to probe.
>>>>
>>>> Add a couple of lines to your apache config file, and continue to
>>>> use it.
>>>>
>>>> Alan
>>>
>>> I also run roundcube, however only on https. So far no script kiddies
>>> have
>>> tried to attack it. I believe most of their tools do not have tls support
>>> compiled in, so very few scan on https. Or maybe its just because I am so
>>> small no one cares.
>>> --
>>> TriLUG mailing list        :
>>> http://www.trilug.org/mailman/listinfo/trilug
>>> TriLUG FAQ  : http://www.trilug.org/wiki/Frequently_Asked_Questions
>>>
>>
>> --
>> Sent from my mobile device
>> --
>> TriLUG mailing list        : http://www.trilug.org/mailman/listinfo/trilug
>> TriLUG FAQ  : http://www.trilug.org/wiki/Frequently_Asked_Questions
>>
> --
> TriLUG mailing list        : http://www.trilug.org/mailman/listinfo/trilug
> TriLUG FAQ  : http://www.trilug.org/wiki/Frequently_Asked_Questions
>

-- 
Sent from my mobile device



More information about the TriLUG mailing list