having some little attack going on against one of my servers, a customer website was compromised (because the customer been too lazy to keep his Wordpress core and plugins up to date) and when cleaning the mess up I created a little PHP file with a URL redirect in it, and named it as the poopy shellscript they used (did not work anyway because I run apache with fcgi):
Code: Select all
http://www.zebraassetfinance.co.uk/wp-uti.php
since a couple of days there is a ridiculous dictionary attack against the mail service now, all the same IPs, seems the moron did an reverse IP lookup and now tries to log in over and over again to mail accounts of multiple hosted domains:
and now the lulzy part:
the domains are not even using the attacked server for email service (none of my hosted sites do), so the chances there are
any accounts on it are rather slim....