cyveillance attack on our servers

From: Campbell Murray (electronichacker@googlemail.com)
Date: Wed Oct 11 2006 - 04:55:46 EDT


Group, your thoughts and experience please.

 We have recently been subject to a series of scans originating from
the IP address 65.222.176.125. A lookup on Arin reveals the owners as
cyveillance and further investigation via Google indicates that we are
not alone as victims of hacking attacks from this organisation:
please read http://cyveillance.linuxgod.net/

Logs that we have collected from our webservers show not just site
crawling [which we have no problem with] but attempts to uncover
hidden directories, cross site scripting and SQL injection against
known and possible page targets on our main AND satellite websites.
The pattern of the scans is similar to that of the Syhunt assessment
tool and we are assuming either this or a similar tool has been used
on our URLs.

Has anybody else experienced similar problems with this organisation?

Kind Regards,

Campbell

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:10 EDT