Quick heads up: IP BAN 202.44.37.30

Quick heads up: IP BAN 202.44.37.30

by Randy Obert -
Number of replies: 2

This Moodle site is actively attempting to hack into servers, we have logs of attempts on 2 of our servers and have banned them from access to all. Whether they (the site owners are aware or not) is not relative, they either working as a proxy or are themselves actively running hack scripts...

202.44.37.30 

http://www.cpre.kmitnb.ac.th/lms/ 

 

Average of ratings: -
In reply to Randy Obert

Re: Quick heads up: IP BAN 202.44.37.30

by Dan Marsden -
Picture of Core developers Picture of Particularly helpful Moodlers Picture of Peer reviewers Picture of Plugin developers Picture of Plugins guardians Picture of Testers Picture of Translators
Hi Randy,

Moodle has a Security Center here:
http://security.moodle.org

If you get a chance, please post details regarding your findings there, so the security team can review the attempts to ensure no new vulnerabilities have been found!

thanks!

smile

Dan
Average of ratings: -
In reply to Randy Obert

Re: Quick heads up: IP BAN 202.44.37.30

by Martin Dougiamas -
Picture of Core developers Picture of Documentation writers Picture of Moodle HQ Picture of Particularly helpful Moodlers Picture of Plugin developers Picture of Testers
The *Moodle* site is doing no such thing. The *server* is.

It's very unlikely Moodle is involved. There could be 500 sites on that machine with 2000 web applications and 100 operating system exploits.

Have you tried contacting the owners of the server? It is a University so they would probably be very interested to see your evidence and fix their machine.
Average of ratings: -