Knock It Off, Amazon!

OK, you mean Amazon turkeys, I'm on to you!

I suddently noticed a lot of access denied messages in my error logs. Some one or some thing has been trying to edit my blog posts... luckily I keep my security patches up to date.

Anyway, I recorded the IP addresses, and used ARIS WHOIS to trace back their IP addresses, and guess what? Its Amazon.com.

Hookay...

I don't know if its a sysadmin who was mad that I posted info on security holes at Amazon.com (which they fixed nicely)... a hacker who is disguising their IP address... or a misconfigured web spider. It could be a taunt, an accident, or malice.

In any event, I'll be contacting them and my ISP in the morning. I hope I can schmooze a free book out of this...

FYI, here's the list of IP addresses in my logs... draw your own conclusions.

216.182.228.186
216.182.230.226
216.182.233.20
216.182.233.23
216.182.233.30
216.182.233.48
216.182.233.58
216.182.236.185
216.182.236.187
216.182.236.224
216.182.236.224
216.182.236.233
216.182.236.241
216.182.236.249
216.182.236.254
216.182.236.54
216.182.236.61
216.182.236.65
216.182.236.99
216.182.237.154
216.182.237.17
216.182.237.203
216.182.237.212
216.182.237.252
216.182.237.86

comments

MidPhase Came Through!

This site is hosted on a shared server by MidPhase.com, so I only have limited access to tools that would let me perform network security countermeasures...

Thankfully, Aleksandr the Ukrainian sysadmin at MidPhase was really on the ball, and showed me what IP-blocking tools they had. MidPhase is awesome, and I strongly recommend them. Their network has never been down... although they sometimes back up my database when I'm least expecting it!

My apologies to South Africa, but I had to block a good chunk of your country until Amazon squashes this nefarious hacker. In pennance I promise to visit the Dolphin Coast and Zulu Kingdom in 2007. Seriously! I bought The Rough Guide To South Africa last week. What are the odds???

Needless to say, this is the second security hole I helped Amazon track down in four months. And what did I get? No money. Not even snaps!

If I have to thwart one more Amazon hacker before I visit South Africa, I swear they should be obligated to throw me a bone! How about some books from my wish list?

Or how about a Wii? I'm totally flexible.

it appears to be working...

The countermeasures appear to have thwarted the beast...

I haven't had an attack get through in 2 hours. That South African hacker knew a thing or two... Seriously! Total snaps for bypassing the first few layers. How the heck did he crack Amazon.com??? Fortunately, I happened to be awake at 2AM on a Friday morning, and had tenacious allies in Kiev... so luck was against him.

Recent comments