Skip to main content
1
187_2007
Participant
April 30, 2007
Question

Being hacked for SURE

  • April 30, 2007
  • 4 replies
  • 269 views
Hey everyone. i am getting a DB error and I know that my site, without a doubt, is trying to get hacked. Someone is simply trying to add an entry to my DB. The problem is, they are using a proxy server to chage their IP address at random, so I cannot just capture the IP address and ban it. So my question is, what suggestions do you have so I can stop this guy from trying to get into my DB? My code is protected so I'm not really worried about him getting in, I just want to prevent him from trying... I'm thinking there is nothing I can do. But at least I know my code is good 🙂
    This topic has been closed for replies.

    4 replies

    N
    Newsgroup_User
    Inspiring
    April 30, 2007
    > Hey everyone. i am getting a DB error and I know that my site, without a doubt,
    > is trying to get hacked.

    Why is it "without a doubt"? What's the evidence you have?


    > Someone is simply trying to add an entry to my DB. The

    How are they trying to do that?


    > problem is, they are using a proxy server to chage their IP address at random,
    > so I cannot just capture the IP address and ban it. So my question is, what

    But the proxy server will still have an externally-facing IP address, which
    is what you should receive as your CGI.remote_addr value. It doesn't
    matter what their IP address is behind that. What version of CF are you
    running?


    > suggestions do you have so I can stop this guy from trying to get into my DB?

    This is a network issue, not a CF issue. You'd be better off asking on a
    network forum than here.


    > My code is protected

    What do you mean by "[your] code is protected"? Is it your code or your
    data you're worried about (two different things; two different issues; two
    different solutions)?

    How do you know how well it's protected?


    > so I'm not really worried about him getting in, I just
    > want to prevent him from trying... I'm thinking there is nothing I can do.

    I think there IS. But you're barking up the wrong tree (for more than one
    reason) asking here.


    > But
    > at least I know my code is good :)

    From reading your post, and interpretting your understanding of "how things
    work", I'm not so sure of that, to be honest.

    Take a step back, and ignore your preconceptions about what is / is not
    possible, and how good you think your code is... how is your (perceived)
    problem manifesting itself?

    --
    Adam
    I
    insuractive
    Inspiring
    April 30, 2007
    If you are sure that you've locked down your code (query params, encrypting DB info that you send via URL, etc) your best bet may be to look beyond your CF server and look into picking up some intrusion detection / deflection software.
    A
    Anonymous
    April 30, 2007
    Please confirm that you are not sending any portion of a SQL statement in a URL.
    A
    Anonymous
    April 30, 2007
    Sounds like you're already using QueryParam and the like so that's good. I've had someone attempt to hack into a site I have. What I did was used a cfcatch/try block to capture the SQL/DB error, then used a redirect to send them to a not so work safe site. Of course you have to be sure it's a hacker causing that error or you may offend someone by mistake.
    Terms & ConditionsAccessibility statement
    Using the community Terms of use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices