

sleemanj

1474 posts

Uber Geek


#267883 16-Feb-2020 13:28

I got an error notification from one of my sites this morning; looking into it, it was rather odd that the error would occur, so I started doing some digging.

 

Some cursory log searching revealed that a returning customer had triggered this error when they were doing a bit of door-handle rattling.  Swapping numbers in the URL to things they didn't have permission to, and what looks like naive searching for SQL injection potential.

 

They were not successful and they certainly did nothing to hide who they were or what they were doing.

 

As I was writing up a report to pass on to the owners of the site to judge the threat level for the purchase this user had made, I did some googling and the person is supposedly an employee of one of NZ's large telecommunications companies, and both this current order and one some time ago are from the same IP on that company's network (which has a rather dodgy sounding reverse DNS). Of course that doesn't mean they "did it from work" but it's not a great look.

 

Obviously this, and all my other sites are continuously under a barrage of attempts at exploit like everybody else and on the one hand they didn't do anything that the site shouldn't be able to fend off, but on the other hand this being a local and actual human trying their luck, and potentially associated with their employer, I dunno, it just kinda annoys me more than it perhaps should.  If nothing else it's wasted an hour of my Sunday investigating it.

 

How do others feel about this sort of thing?





---
James Sleeman
I sell lots of stuff for electronic enthusiasts...


nathan
5695 posts

Uber Geek
Inactive user


  #2421808 16-Feb-2020 13:30

Is it a billable hour?

 
 
 
 

sleemanj

1474 posts

Uber Geek


  #2421813 16-Feb-2020 13:35

nathan: Is it a billable hour?

 

Hah, no not really.

 

 

 

 





---
James Sleeman
I sell lots of stuff for electronic enthusiasts...


  #2421823 16-Feb-2020 14:13

Make analogue contact. A note, delivered by courier, detailing his efforts will probably shock him into some form of respect. Keep a copy of the note & delivery schedule in case he ignores the warning - that one goes to his boss.

Taking the event out of the digital world can bring it home to beginners that they're not half as clever as they thought, & that they have a lot to lose. If you caught someone swapping price tags on physical goods in a bricks & mortar store, would you take action? I would. Same thing in a digital environment, he needs a slap.




Megabyte - so geek it megahertz



skewt
705 posts

Ultimate Geek


  #2421840 16-Feb-2020 15:27

It's also possible they were just searching for vulnerabilities which they would have passed on to the site owner, so I wouldn't jump to conclusions that they had bad intentions.

 

 

 

 


sleemanj

1474 posts

Uber Geek


  #2421842 16-Feb-2020 15:45

skewt:

 

It's also possible they were just searching for vulnerabilities which they would have passed on to the site owner, so I wouldn't jump to conclusions that they had bad intentions.

 

 

 

 

Certainly possible.  The leetspeak in their reverse DNS gives me pause for thought though.

 

Eh, I've passed my report to the site owner, it's in their hands now; maybe I'll suggest they include a little "thank you" note for "testing" their website ;-)

 

 





---
James Sleeman
I sell lots of stuff for electronic enthusiasts...

