abqdan: (Default)
[personal profile] abqdan
Once again I had to spend hours blocking a distributed hack attack. This one originated from three locations - Canada, Russia, and China. While I think two might have been bots controlled from elsewhere, the Russian attack was at least in part conducted by a human.

The general purpose of the regular attacks against websites I maintain seems to be to install malware and/or to install porn directories, which users are then directed to from other hacked sites. The problem has grown tremendously in the past few years.

In addition to this particular attack, last week the ISP I use was hit with a DDOS attack, and a brute-force attack against all WordPress sites hosted on their servers.

The continued and frequent attacks mean I can spend less of my time on actual site maintenance; I can only imagine the hours consumed in total by owners of small websites.

But the really disturbing thing is the number of hacked computers that are now controlled remotely by botnets, which are responsible for these attacks; and the number of sites that are maintained by people who can't tell an SQL injection attack from their armpit. In many ways, the tools that have enabled just about anyone to create a web presence are responsible for the growth of these attack vectors - there are so many sites out there with trivial attempts at security that they are sitting ducks for these concerted efforts launched by criminal networks.

I recently read an article that highlighted a particular town in Russia. Twenty years ago, it was a small farming community; it is now home to thousands of programmers, all hired to come up with new ways to hack websites. And apparently, this is either not illegal there, or the authorities have no way (or maybe interest) in shutting down this activity.

I wonder how much longer small sites can exist; even major corporations are unable to keep ahead of all the attacks on their infrastructure. A single owner has no hope of maintaining sufficient security to beat off every access attempt.

Color me disillusioned.
From:
Anonymous( )Anonymous This account has disabled anonymous posting.
OpenID( )OpenID You can comment on this post while signed in with an account from many other sites, once you have confirmed your email address. Sign in using OpenID.
User
Account name:
Password:
If you don't have an account you can create one now.
Subject:
HTML doesn't work in the subject.

Message:

 
Notice: This account is set to log the IP addresses of everyone who comments.
Links will be displayed as unclickable URLs to help prevent spam.

Profile

abqdan: (Default)
abqdan

March 2014

S M T W T F S
      1
2345678
91011121314 15
16171819202122
23242526272829
3031     

Most Popular Tags

  • ! - 1 use
  • i - 1 use
  • n - 1 use

Style Credit

Expand Cut Tags

No cut tags
Page generated Jul. 25th, 2017 08:32 pm
Powered by Dreamwidth Studios