Quick heads up: IP BAN 202.44.37.30

Quick heads up: IP BAN 202.44.37.30

gan Randy Obert -
Number of replies: 2

This Moodle site is actively attempting to hack into servers, we have logs of attempts on 2 of our servers and have banned them from access to all. Whether they (the site owners are aware or not) is not relative, they either working as a proxy or are themselves actively running hack scripts...

202.44.37.30 

http://www.cpre.kmitnb.ac.th/lms/ 

 

Cyfartaledd sgoriau: -
In reply to Randy Obert

Re: Quick heads up: IP BAN 202.44.37.30

gan Dan Marsden -
Llun o Core developers Llun o Particularly helpful Moodlers Llun o Peer reviewers Llun o Plugin developers Llun o Plugins guardians Llun o Testers Llun o Translators
Hi Randy,

Moodle has a Security Center here:
http://security.moodle.org

If you get a chance, please post details regarding your findings there, so the security team can review the attempts to ensure no new vulnerabilities have been found!

thanks!

gwenu

Dan
Cyfartaledd sgoriau: -
In reply to Randy Obert

Re: Quick heads up: IP BAN 202.44.37.30

gan Martin Dougiamas -
Llun o Core developers Llun o Documentation writers Llun o Moodle HQ Llun o Particularly helpful Moodlers Llun o Plugin developers Llun o Testers
The *Moodle* site is doing no such thing. The *server* is.

It's very unlikely Moodle is involved. There could be 500 sites on that machine with 2000 web applications and 100 operating system exploits.

Have you tried contacting the owners of the server? It is a University so they would probably be very interested to see your evidence and fix their machine.
Cyfartaledd sgoriau: -