security – Journal of PlanetMike

WP-Login.php Attempts for May 16, 2013

Michael Clark — Fri, 17 May 2013 15:55:28 +0000

I logged over 3,000 attempts to login to my WordPress sites on May 16th. Luckily, they were mostly immediately blocked, added to my firewall. The list of 1,501 different attacking IP addresses can be found here. 7b1d91231a87fb75e0054e886a0dea57

So far today (Friday the 17th) I have logged over 1,800 attempts to log into my sites via wp-login.php.

198.136.50.162 06/Dec/2019:01:58:47

Copyright © 2019 Journal of PlanetMike. This Feed is for personal non-commercial use only. If you are not reading this material at http://www.planetmike.com/ or in your news aggregator, the site you are looking at is guilty of copyright infringement. Please contact copyright@planetmike.com so we can take legal action immediately.

WP-Login.php Attempts for May 15, 2013

Michael Clark — Thu, 16 May 2013 11:11:46 +0000

Yesterday I logged over 2,200 attempts to login to my WordPress sites. Luckily, they were mostly immediately blocked, added to my firewall. The list of 1,473 different attacking IP addresses can be found here. 7b1d91231a87fb75e0054e886a0dea57

So far today (Thursday the 16th) I have logged over 1,000 attempts to log into my sites via wp-login.php.

WP-Login.php Attempts for May 14, 2013

Michael Clark — Wed, 15 May 2013 13:10:32 +0000

Yesterday I logged over 4,500 attempts to login to my WordPress sites. Luckily, they were mostly immediately blocked, added to my firewall. The list of 3,340 different attacking IP addresses can be found here. 7b1d91231a87fb75e0054e886a0dea57

So far today (Wednesday the 15th) I have logged over 800 attempts to log into my sites via wp-login.php.

WP-Login.php Attempts for May 13, 2013

Michael Clark — Tue, 14 May 2013 18:40:25 +0000

Yesterday I logged over 7,000 attempts to login to my WordPress sites. Luckily, they were mostly immediately blocked, added to my firewall. The list of 4,033 different attacking IP addresses can be found here. The attack started at 2:50 in the afternoon on Monday the 13th. Sunday I received only six attempts, so classifying this as an attack is definitely appropriate. 7b1d91231a87fb75e0054e886a0dea57

So far today (Tuesday the 14th) I have logged over 2,800 attempts to log into my sites via wp-login.php. And that number has increased by 25 in the time it’s taken me to type these few sentences.

TimThumb.php Vulnerability Scans

Michael Clark — Fri, 09 Sep 2011 15:06:13 +0000

Earlier today one of my web sites was scanned for the timthumb.php script. timthumb is a web application that allows for the site to gather and resize images. The script is included in a lot of WordPress themes, such as the list of 332 themes listed at the bottom of this post. If you are using one of these themes, upgrade it, and confirm that timthumb has been upgraded to address its security problems. 7b1d91231a87fb75e0054e886a0dea57

Besides getting the newest version of timthumb, something else you should do is change the name of the directory that your theme is in. This called security by obscurity. Yes, it’s lame in that the directory name itself is visible to the public, but you will make a it a bit more difficult for attackers to scan your system.

Also make sure that you’ve removed any themes or plugins from your site that you aren’t actively using. (Keep twentyten and twentyeleven, the default WordPress themes though).

Over the past month, these IP addresses have scanned my sites for vulnerable timthumb scripts. Block them! Either via a “Deny from ” command in your .htaccess, or via iptables or your firewall.

46.4.114.111: 111.114.4.46.in-addr.arpa domain name pointer static.111.114.4.46.clients.your-server.de.
88.198.51.36: 36.51.198.88.in-addr.arpa domain name pointer static.88-198-51-36.clients.your-server.de.
89.149.202.94: 94.202.149.89.in-addr.arpa domain name pointer mail.allgatas.com.
91.224.160.182: 182.160.224.91.in-addr.arpa domain name pointer hosted-by.bergdorf-group.com.
108.200.252.19: 19.252.200.108.in-addr.arpa domain name pointer 108-200-252-19.lightspeed.stlsmo.sbcglobal.net.
176.9.18.121: 121.18.9.176.in-addr.arpa domain name pointer static.121.18.9.176.clients.your-server.de.
178.162.181.97: Host 97.181.162.178.in-addr.arpa. not found: 3(NXDOMAIN) (IP assigned to Leaseweb Germany GmbH)
188.138.113.14: 14.113.138.188.in-addr.arpa domain name pointer zebra814.server4you.net.
188.229.89.14: Host 14.89.229.188.in-addr.arpa. not found: 3(NXDOMAIN) (IP assigned to Netserv Consult SRL, Bucharest, Romania)
188.72.230.134: Host 134.230.72.188.in-addr.arpa. not found: 3(NXDOMAIN) (IP assigned to Leaseweb Germany GmbH)
216.246.79.192: 192.79.246.216.in-addr.arpa domain name pointer class192.techniland.net.

List of resources that were scanned:

http://example.com/wp-content/themes/TheStyle/timthumb.php
http://example.com/wp-content/themes/nool/timthumb.php
http://example.com/wp-content/themes/PersonalPress/timthumb.php
http://example.com/wp-content/themes/SimplePress/timthumb.php
http://example.com/wp-content/themes/DeepFocus/timthumb.php
http://example.com/wp-content/themes/DelicateNews/timthumb.php
http://example.com/wp-content/themes/Bold/timthumb.php
http://example.com/wp-content/themes/eStore/timthumb.php
http://example.com/wp-content/themes/TheProfessional/timthumb.php
http://example.com/wp-content/themes/OnTheGo/timthumb.php
http://example.com/wp-content/themes/AskIt/timthumb.php
http://example.com/wp-content/themes/Nova/timthumb.php
http://example.com/wp-content/themes/eNews/timthumb.php
http://example.com/wp-content/themes/eVid/timthumb.php
http://example.com/wp-content/themes/TheCorporation/timthumb.php
http://example.com/wp-content/themes/Minimal/timthumb.php
http://example.com/wp-content/themes/Polished/timthumb.php
http://example.com/wp-content/themes/MyResume/timthumb.php
http://example.com/wp-content/themes/TheSource/timthumb.php
http://example.com/wp-content/themes/StudioBlue/timthumb.php
http://example.com/wp-content/themes/Wooden/timthumb.php
http://example.com/wp-content/themes/WhosWho/timthumb.php
http://example.com/wp-content/themes/Quadro/timthumb.php
http://example.com/wp-content/themes/Glow/timthumb.php
http://example.com/wp-content/themes/Modest/timthumb.php
http://example.com/wp-content/themes/Aggregate/timthumb.php
http://example.com/wp-content/themes/ArtSee/timthumb.php
http://example.com/wp-content/themes/versatile/timthumb.php
http://example.com/wp-content/themes/omni-shop/timthumb.php
http://example.com/wp-content/themes/manifesto/scripts/timthumb.php
http://example.com/wp-content/themes/arthem-mod/scripts/timthumb.php
http://example.com/wp-content/themes/echoes/timthumb.php
http://example.com/wp-content/themes/Bold4/timthumb.php
http://example.com/wp-content/themes/primely-theme/scripts/timthumb.php
http://example.com/wp-content/themes/zenkoreviewRD/scripts/timthumb.php
http://example.com/wp-content/themes/ElegantEstate/timthumb.php
http://example.com/wp-content/themes/PersonalPress2/timthumb.php
http://example.com/wp-content/themes/mypage/scripts/timthumb.php
http://example.com/wp-content/themes/magazinum/scripts/timthumb.php
http://example.com/wp-content/themes/pbv_multi/scripts/timthumb.php
http://example.com/wp-content/themes/photofeature/scripts/timthumb.php
http://example.com/wp-content/themes/ColdStone/timthumb.php
http://example.com/wp-content/themes/HMDeepFocus/timthumb.php
http://example.com/wp-content/themes/EarthlyTouch/timthumb.php
http://example.com/wp-content/themes/Boutique/timthumb.php
http://example.com/wp-content/themes/ePhoto/timthumb.php
http://example.com/wp-content/themes/PureType/timthumb.php
http://example.com/wp-content/themes/13Floor/timthumb.php
http://example.com/wp-content/themes/BusinessCard/timthumb.php
http://example.com/wp-content/themes/CherryTruffle/timthumb.php
http://example.com/wp-content/themes/Cion/timthumb.php
http://example.com/wp-content/themes/DailyNotes/timthumb.php
http://example.com/wp-content/themes/eGallery/timthumb.php
http://example.com/wp-content/themes/eGamer/timthumb.php
http://example.com/wp-content/themes/GrungeMag/timthumb.php
http://example.com/wp-content/themes/Influx/timthumb.php
http://example.com/wp-content/themes/LightBright/timthumb.php
http://example.com/wp-content/themes/LightSource/timthumb.php
http://example.com/wp-content/themes/Magnificent/timthumb.php
http://example.com/wp-content/themes/Memoir/timthumb.php
http://example.com/wp-content/themes/AskIt_v1.6/AskIt/timthumb.php
http://example.com/wp-content/themes/TidalForce/timthumb.php
http://example.com/wp-content/themes/Atlantis/timthumb.php
http://example.com/wp-content/themes/DelicateNewsYellow/timthumb.php
http://example.com/wp-content/themes/themorningafter/timthumb.php
http://example.com/wp-content/themes/arthemia-premium/scripts/timthumb.php
http://example.com/wp-content/themes/arthemia/scripts/timthumb.php
http://example.com/wp-content/themes/arthemia-premium-park/scripts/timthumb.php
http://example.com/wp-content/themes/linepress/timthumb.php
http://example.com/wp-content/themes/wedding/timthumb.php
http://example.com/wp-content/themes/graduate/timthumb.php
http://example.com/wp-content/themes/wp-newspaper/timthumb.php
http://example.com/wp-content/themes/advanced-newspaper/timthumb.php
http://example.com/wp-content/themes/journey/timthumb.php
http://example.com/wp-content/themes/newspro/timthumb.php
http://example.com/wp-content/themes/transcript/timthumb.php
http://example.com/wp-content/themes/showfolio/timthumb.php
http://example.com/wp-content/themes/quickstart/timthumb.php
http://example.com/wp-content/themes/Restorante/timthumb.php
http://example.com/wp-content/themes/snapwire/timthumb.php
http://example.com/wp-content/themes/aqua-blue/includes/timthumb.php
http://example.com/wp-content/themes/swatch/functions/thumb.php
http://example.com/wp-content/themes/announcement/functions/thumb.php
http://example.com/wp-content/themes/empire/functions/thumb.php
http://example.com/wp-content/themes/supportpress/functions/thumb.php
http://example.com/wp-content/themes/editorial/functions/thumb.php
http://example.com/wp-content/themes/statua/functions/thumb.php
http://example.com/wp-content/themes/briefed/functions/thumb.php
http://example.com/wp-content/themes/faultpress/functions/thumb.php
http://example.com/wp-content/themes/kaboodle/functions/thumb.php
http://example.com/wp-content/themes/savinggrace/functions/thumb.php
http://example.com/wp-content/themes/premiere/functions/thumb.php
http://example.com/wp-content/themes/simplicity/functions/thumb.php
http://example.com/wp-content/themes/deliciousmagazine/functions/thumb.php
http://example.com/wp-content/themes/canvas-buddypress/functions/thumb.php
http://example.com/wp-content/themes/bookclub/functions/thumb.php
http://example.com/wp-content/themes/boldnews/functions/thumb.php
http://example.com/wp-content/themes/placeholder/functions/thumb.php
http://example.com/wp-content/themes/biznizz/functions/thumb.php
http://example.com/wp-content/themes/auld/functions/thumb.php
http://example.com/wp-content/themes/listings/functions/thumb.php
http://example.com/wp-content/themes/elefolio/functions/thumb.php
http://example.com/wp-content/themes/chapters/functions/thumb.php
http://example.com/wp-content/themes/continuum/functions/thumb.php
http://example.com/wp-content/themes/diner/functions/thumb.php
http://example.com/wp-content/themes/skeptical/functions/thumb.php
http://example.com/wp-content/themes/caffeinated/functions/thumb.php
http://example.com/wp-content/themes/crisp/functions/thumb.php
http://example.com/wp-content/themes/sealight/functions/thumb.php
http://example.com/wp-content/themes/unite/functions/thumb.php
http://example.com/wp-content/themes/estate/functions/thumb.php
http://example.com/wp-content/themes/tma/functions/thumb.php
http://example.com/wp-content/themes/coda/functions/thumb.php
http://example.com/wp-content/themes/inspire/functions/thumb.php
http://example.com/wp-content/themes/apz/functions/thumb.php
http://example.com/wp-content/themes/spectrum/functions/thumb.php
http://example.com/wp-content/themes/diarise/functions/thumb.php
http://example.com/wp-content/themes/boast/functions/thumb.php
http://example.com/wp-content/themes/retreat/functions/thumb.php
http://example.com/wp-content/themes/cityguide/functions/thumb.php
http://example.com/wp-content/themes/cinch/functions/thumb.php
http://example.com/wp-content/themes/slanted/functions/thumb.php
http://example.com/wp-content/themes/canvas/functions/thumb.php
http://example.com/wp-content/themes/postcard/functions/thumb.php
http://example.com/wp-content/themes/delegate/functions/thumb.php
http://example.com/wp-content/themes/mystream/functions/thumb.php
http://example.com/wp-content/themes/optimize/functions/thumb.php
http://example.com/wp-content/themes/backstage/functions/thumb.php
http://example.com/wp-content/themes/sophisticatedfolio/functions/thumb.php
http://example.com/wp-content/themes/bueno/functions/thumb.php
http://example.com/wp-content/themes/digitalfarm/functions/thumb.php
http://example.com/wp-content/themes/headlines/functions/thumb.php
http://example.com/wp-content/themes/f0101/functions/thumb.php
http://example.com/wp-content/themes/royalle/functions/thumb.php
http://example.com/wp-content/themes/exposure/functions/thumb.php
http://example.com/wp-content/themes/rockstar/functions/thumb.php
http://example.com/wp-content/themes/dailyedition/functions/thumb.php
http://example.com/wp-content/themes/object/functions/thumb.php
http://example.com/wp-content/themes/antisocial/functions/thumb.php
http://example.com/wp-content/themes/coffeebreak/functions/thumb.php
http://example.com/wp-content/themes/mortar/functions/thumb.php
http://example.com/wp-content/themes/bigeasy/functions/thumb.php
http://example.com/wp-content/themes/groovyphoto/functions/thumb.php
http://example.com/wp-content/themes/groovyblog/functions/thumb.php
http://example.com/wp-content/themes/mainstream/functions/thumb.php
http://example.com/wp-content/themes/featurepitch/functions/thumb.php
http://example.com/wp-content/themes/suitandtie/functions/thumb.php
http://example.com/wp-content/themes/thejournal/functions/thumb.php
http://example.com/wp-content/themes/myweblog/functions/thumb.php
http://example.com/wp-content/themes/aperture/functions/thumb.php
http://example.com/wp-content/themes/metamorphosis/functions/thumb.php
http://example.com/wp-content/themes/bloggingstream/functions/thumb.php
http://example.com/wp-content/themes/thestation/functions/thumb.php
http://example.com/wp-content/themes/groovyvideo/functions/thumb.php
http://example.com/wp-content/themes/productum/functions/thumb.php
http://example.com/wp-content/themes/newsport/functions/thumb.php
http://example.com/wp-content/themes/irresistible/functions/thumb.php
http://example.com/wp-content/themes/cushy/functions/thumb.php
http://example.com/wp-content/themes/wootube/functions/thumb.php
http://example.com/wp-content/themes/forewordthinking/functions/thumb.php
http://example.com/wp-content/themes/geometric/functions/thumb.php
http://example.com/wp-content/themes/abstract/functions/thumb.php
http://example.com/wp-content/themes/busybee/functions/thumb.php
http://example.com/wp-content/themes/blogtheme/functions/thumb.php
http://example.com/wp-content/themes/gothamnews/functions/thumb.php
http://example.com/wp-content/themes/thick/functions/thumb.php
http://example.com/wp-content/themes/typebased/functions/thumb.php
http://example.com/wp-content/themes/overeasy/functions/thumb.php
http://example.com/wp-content/themes/ambience/functions/thumb.php
http://example.com/wp-content/themes/snapshot/functions/thumb.php
http://example.com/wp-content/themes/openair/functions/thumb.php
http://example.com/wp-content/themes/freshfolio/functions/thumb.php
http://example.com/wp-content/themes/papercut/functions/thumb.php
http://example.com/wp-content/themes/proudfolio/functions/thumb.php
http://example.com/wp-content/themes/vibrantcms/functions/thumb.php
http://example.com/wp-content/themes/freshnews/functions/thumb.php
http://example.com/wp-content/themes/livewire/functions/thumb.php
http://example.com/wp-content/themes/gazette/functions/thumb.php
http://example.com/wp-content/themes/flashnews/functions/thumb.php
http://example.com/wp-content/themes/premiumnews/functions/thumb.php
http://example.com/wp-content/themes/newspress/functions/thumb.php
http://example.com/wp-content/themes/8q/scripts/timthumb.php
http://example.com/wp-content/themes/aerial/lib/timthumb.php
http://example.com/wp-content/themes/aesthete/timthumb.php
http://example.com/wp-content/themes/albizia/includes/timthumb.php
http://example.com/wp-content/themes/amphion-lite/script/timthumb.php
http://example.com/wp-content/themes/aranovo/scripts/timthumb.php
http://example.com/wp-content/themes/arras/library/timthumb.php
http://example.com/wp-content/themes/arras-theme/library/timthumb.php
http://example.com/wp-content/themes/arthemix-bronze/scripts/timthumb.php
http://example.com/wp-content/themes/artisan/includes/timthumb.php
http://example.com/wp-content/themes/arthemix-green/scripts/timthumb.php
http://example.com/wp-content/themes/a-simple-business-theme/scripts/timthumb.php
http://example.com/wp-content/themes/a-supercms/timthumb.php
http://example.com/wp-content/themes/aureola/scripts/timthumb.php
http://example.com/wp-content/themes/aurorae/timthumb.php
http://example.com/wp-content/themes/autofashion/thumb.php
http://example.com/wp-content/themes/automotive-blog-theme/Quick%20Cash%20Auto/timthumb.php
http://example.com/wp-content/themes/bikes/thumb.php
http://example.com/wp-content/themes/automotive-blog-theme/timthumb.php
http://example.com/wp-content/themes/black_eve/timthumb.php
http://example.com/wp-content/themes/blex/scripts/timthumb.php
http://example.com/wp-content/themes/bloggnorge-a1/scripts/timthumb.php
http://example.com/wp-content/themes/blogified/timthumb.php
http://example.com/wp-content/themes/blue-corporate-hyve-theme/timthumb.php
http://example.com/wp-content/themes/bluemag/library/timthumb.php
http://example.com/wp-content/themes/blue-news/scripts/timthumb.php
http://example.com/wp-content/themes/bombax/includes/timthumb.php
http://example.com/wp-content/themes/breakingnewz/timthumb.php
http://example.com/wp-content/themes/brightsky/scripts/timthumb.php
http://example.com/wp-content/themes/brochure-melbourne/includes/timthumb.php
http://example.com/wp-content/themes/business-turnkey/assets/js/timthumb.php
http://example.com/wp-content/themes/calotropis/includes/timthumb.php
http://example.com/wp-content/themes/coffee-lite/thumb.php
http://example.com/wp-content/themes/comet/scripts/timthumb.php
http://example.com/wp-content/themes/conceditor-wp-strict/scripts/timthumb.php
http://example.com/wp-content/themes/constructor/layouts/thumb.php
http://example.com/wp-content/themes/constructor/libs/timthumb.php
http://example.com/wp-content/themes/constructor/timthumb.php
http://example.com/wp-content/themes/coverht-wp/scripts/timthumb.php
http://example.com/wp-content/themes/cover-wp/scripts/timthumb.php
http://example.com/wp-content/themes/dark-dream-media/timthumb.php
http://example.com/wp-content/themes/deep-blue/timthumb.php
http://example.com/wp-content/themes/delicate/thumb.php
http://example.com/wp-content/themes/diamond-ray/thumb.php
http://example.com/wp-content/themes/dieselclothings/thumb.php
http://example.com/wp-content/themes/digitalblue/thumb.php
http://example.com/wp-content/themes/dimenzion/timthumb.php
http://example.com/wp-content/themes/epione/script/timthumb.php
http://example.com/wp-content/themes/evr-green/scripts/timthumb.php
http://example.com/wp-content/themes/famous/megaframe/megapanel/inc/upload.php
http://example.com/wp-content/themes/famous/timthumb.php
http://example.com/wp-content/themes/fashion-style/thumb.php
http://example.com/wp-content/themes/featuring/timthumb.php
http://example.com/wp-content/themes/fliphoto/timthumb.php
http://example.com/wp-content/themes/flix/timthumb.php
http://example.com/wp-content/themes/fordreporter/scripts/thumb.php
http://example.com/wp-content/themes/freeside/thumb.php
http://example.com/wp-content/themes/fresh-blu/scripts/timthumb.php
http://example.com/wp-content/themes/go-green/modules/timthumb.php
http://example.com/wp-content/themes/granite-lite/scripts/timthumb.php
http://example.com/wp-content/themes/greydove/timthumb.php
http://example.com/wp-content/themes/greyzed/functions/efrog/lib/timthumb.php
http://example.com/wp-content/themes/gunungkidul/thumb.php
http://example.com/wp-content/themes/heartspotting-beta/thumb.php
http://example.com/wp-content/themes/heli-1-wordpress-theme/images/timthumb.php
http://example.com/wp-content/themes/ideatheme/timthumb.php
http://example.com/wp-content/themes/impressio/timthumb/timthumb.php
http://example.com/wp-content/themes/introvert/thumb.php
http://example.com/wp-content/themes/inuit-types/thumb.php
http://example.com/wp-content/themes/isotherm-news/thumb.php
http://example.com/wp-content/themes/iwana-v10/timthumb.php
http://example.com/wp-content/themes/jambo/thumb.php
http://example.com/wp-content/themes/jcblackone/thumb.php
http://example.com/wp-content/themes/kratalistic/thumb.php
http://example.com/wp-content/themes/life-style-free/thumb.php
http://example.com/wp-content/themes/likehacker/timthumb.php
http://example.com/wp-content/themes/litepress/scripts/timthumb.php
http://example.com/wp-content/themes/loganpress-premium-theme-1/thumb.php
http://example.com/wp-content/themes/magazine-basic/thumb.php
http://example.com/wp-content/themes/magup/timthumb.php
http://example.com/wp-content/themes/make-money-online-theme-1/scripts/timthumb.php
http://example.com/wp-content/themes/make-money-online-theme-2/scripts/timthumb.php
http://example.com/wp-content/themes/make-money-online-theme-3/scripts/timthumb.php
http://example.com/wp-content/themes/make-money-online-theme-4/scripts/timthumb.php
http://example.com/wp-content/themes/make-money-online-theme/scripts/timthumb.php
http://example.com/wp-content/themes/meintest/layouts/thumb.php
http://example.com/wp-content/themes/mobilephonecomparision/thumb.php
http://example.com/wp-content/themes/moi-magazine/timthumb.php
http://example.com/wp-content/themes/my-heli/images/timthumb.php
http://example.com/wp-content/themes/mymag/timthumb.php
http://example.com/wp-content/themes/mystique/extensions/auto-thumb/timthumb.php
http://example.com/wp-content/themes/nash/theme-assets/php/timthumb.php
http://example.com/wp-content/themes/neofresh/timthumb.php
http://example.com/wp-content/themes/neo_wdl/includes/extensions/thumb.php
http://example.com/wp-content/themes/new-green-natural-living-ngnl/scripts/timthumb.php
http://example.com/wp-content/themes/newspress/thumb.php
http://example.com/wp-content/themes/pearlie/scripts/timthumb.php
http://example.com/wp-content/themes/pico/scripts/timthumb.php
http://example.com/wp-content/themes/postage-sydney/includes/timthumb.php
http://example.com/wp-content/themes/premium-violet/thumb.php
http://example.com/wp-content/themes/probluezine/timthumb.php
http://example.com/wp-content/themes/pronto/cjl/pronto/uploadify/check.php
http://example.com/wp-content/themes/pronto/cjl/pronto/uploadify/uploadify.php
http://example.com/wp-content/themes/r755/thumb.php
http://example.com/wp-content/themes/regal/timthumb.php
http://example.com/wp-content/themes/shaan/timthumb.php
http://example.com/wp-content/themes/shadow-block/thumb.php
http://example.com/wp-content/themes/shadow/timthumb.php
http://example.com/wp-content/themes/simple-but-great/timthumb.php
http://example.com/wp-content/themes/simplenews_premium/scripts/timthumb.php
http://example.com/wp-content/themes/simple-red-theme/timthumb.php
http://example.com/wp-content/themes/simple-tabloid/thumb.php
http://example.com/wp-content/themes/simplewhite/timthumb.php
http://example.com/wp-content/themes/slidette/timThumb/timthumb.php
http://example.com/wp-content/themes/snowblind_colbert/thumb.php
http://example.com/wp-content/themes/snowblind/thumb.php
http://example.com/wp-content/themes/spotlight/timthumb.php
http://example.com/wp-content/themes/squeezepage/timthumb.php
http://example.com/wp-content/themes/standout/thumb.php
http://example.com/wp-content/themes/suffusion/timthumb.php
http://example.com/wp-content/themes/swift/includes/thumb.php
http://example.com/wp-content/themes/swift/includes/timthumb.php
http://example.com/wp-content/themes/swift/timthumb.php
http://example.com/wp-content/themes/techozoic-fluid/options/thumb.php
http://example.com/wp-content/themes/the_dark_os/tools/timthumb.php
http://example.com/wp-content/themes/themetiger-fashion/thumb.php
http://example.com/wp-content/themes/theory/thumb.php
http://example.com/wp-content/themes/the-theme/core/libs/thumbnails/thumb.php
http://example.com/wp-content/themes/thrillingtheme/thumb.php
http://example.com/wp-content/themes/tm-theme/js/timthumb.php
http://example.com/wp-content/themes/totallyred/scripts/timthumb.php
http://example.com/wp-content/themes/travelogue-theme/scripts/timthumb.php
http://example.com/wp-content/themes/true-blue-theme/timthumb.php
http://example.com/wp-content/themes/ttnews-theme/timthumb.php
http://example.com/wp-content/themes/typographywp/timthumb.php
http://example.com/wp-content/themes/ugly/timthumb.php
http://example.com/wp-content/themes/unity/timthumb.php
http://example.com/wp-content/themes/versitility/timthumb.php
http://example.com/wp-content/themes/vibefolio-teaser-10/scripts/timthumb.php
http://example.com/wp-content/themes/vina/thumb.php
http://example.com/wp-content/themes/whitemag/script/thumb.php
http://example.com/wp-content/themes/wpapi/thumb.php
http://example.com/wp-content/themes/wpbus-d4/includes/timthumb.php
http://example.com/wp-content/themes/wp-creativix/scripts/timthumb.php
http://example.com/wp-content/themes/wp-newsmagazine/scripts/timthumb.php
http://example.com/wp-content/themes/wp-perfect/js/timthumb.php
http://example.com/wp-content/themes/wp-premium-orange/timthumb.php
http://example.com/wp-content/themes/xiando-one/thumb.php
http://example.com/wp-content/themes/zcool-like/timthumb.php
http://example.com/wp-content/themes/zcool-like/uploadify.php
http://example.com/wp-content/themes/twittplus/scripts/timthumb.php

Tweaking My Server Security

Michael Clark — Fri, 16 Jul 2010 13:12:37 +0000

Over the past few weeks my web/email server has been attacked multiple times. So I’ve started hardening my defenses. Stay tuned as I will be documenting what I do and what I learn. Today I’ve been experimenting with iptables and the settings for my sshd (the server that allows me to connect to the web server “behind the scenes”). 7b1d91231a87fb75e0054e886a0dea57

Just this morning as I was tweaking things I “watched” someone in Russia try to guess passwords and account names. He was at 212.110.146.180 (u590.so-com.net) in case anyone is interested.

One of the biggest things I need to do is to re-train my customers to use a different program to upload files to their web sites. Right now I have them set to use FTP, but that needs to go away. SFTP looks like it will be the way to do things.