Quick heads up: IP BAN 202.44.37.30

Quick heads up: IP BAN 202.44.37.30

by Randy Obert -
Number of replies: 2

This Moodle site is actively attempting to hack into servers, we have logs of attempts on 2 of our servers and have banned them from access to all. Whether they (the site owners are aware or not) is not relative, they either working as a proxy or are themselves actively running hack scripts...

202.44.37.30 

http://www.cpre.kmitnb.ac.th/lms/ 

 

Average of ratings: -
In reply to Randy Obert

Re: Quick heads up: IP BAN 202.44.37.30

by Dan Marsden -
Immàgine de Core developers Immàgine de Particularly helpful Moodlers Immàgine de Peer reviewers Immàgine de Plugin developers Immàgine de Plugins guardians Immàgine de Testers Immàgine de Translators
Hi Randy,

Moodle has a Security Center here:
http://security.moodle.org

If you get a chance, please post details regarding your findings there, so the security team can review the attempts to ensure no new vulnerabilities have been found!

thanks!

smile

Dan
In reply to Randy Obert

Re: Quick heads up: IP BAN 202.44.37.30

by Martin Dougiamas -
Immàgine de Core developers Immàgine de Documentation writers Immàgine de Moodle HQ Immàgine de Particularly helpful Moodlers Immàgine de Plugin developers Immàgine de Testers
The *Moodle* site is doing no such thing. The *server* is.

It's very unlikely Moodle is involved. There could be 500 sites on that machine with 2000 web applications and 100 operating system exploits.

Have you tried contacting the owners of the server? It is a University so they would probably be very interested to see your evidence and fix their machine.