Welcome to WebmasterWorld Guest from 54.163.142.67

Forum Moderators: Ocean10000 & incrediBILL & keyplyr

Message Too Old, No Replies

Whatzup?

     
7:23 pm on Jan 6, 2001 (gmt 0)

Preferred Member

10+ Year Member

joined:Nov 25, 2000
posts:541
votes: 0


200.239.110.51

Can someone help with info on this?
This dude seems to know an awful lot about my directory structure..he request index/ of folder that noone knows about.

9:40 pm on Jan 6, 2001 (gmt 0)

Senior Member

WebmasterWorld Senior Member littleman is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:June 17, 2000
posts:2924
votes: 0


Well, you probably did this already but here is the arin info:

RNP (Brazilian Research Network) (NETBLK-BRAZIL-BLK2)
Rua Pio XI, 1500
Sao Paulo, 05468-901
BR

I did a trace rout on the ip. Here are the last few hops:

11 ebt-P1-0-core03.rjo.embratel.net.br (200.255.197.98) 410.032 ms 410.016 ms 409.997 ms
12 ebt-A12-0-0-1-dist01.fla.embratel.net.br (200.255.153.45) 450.023 ms 450.033 ms 449.984 ms
13 pop-ce-rnp-S4-4-dist01.fla.embratel.net.br (200.253.191.226) 460.030 ms 439.998 ms 450.039 ms
14 canoa.pop-ce.rnp.br (200.129.0.74) 439.978 ms 439.994 ms 440.030 ms
15 200.239.110.94 (200.239.110.94) 589.996 ms 599.997 ms 580.029 ms
16 200.239.110.51 (200.239.110.51) 640.022 ms 589.994 ms 590.032 ms

So what is [rnp.br ]?
Check ou babelfish [babelfish.altavista.com].

10:55 pm on Jan 6, 2001 (gmt 0)

Preferred Member

10+ Year Member

joined:Nov 25, 2000
posts:541
votes: 0


Think someone found an open proxy?

He seems to know the names of my ip delivery folders...on two separate domains....only my isp would be able to see that right?

12:29 am on Jan 7, 2001 (gmt 0)

Senior Member

WebmasterWorld Senior Member littleman is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:June 17, 2000
posts:2924
votes: 0


Could be, you could test it with the regular ports (80, 8080, 3128) and see what happens. Man, that sucks, if you are on a unix system you could restrict access to that folder and still get you cloak to work properly.
12:30 am on Jan 7, 2001 (gmt 0)

Preferred Member

10+ Year Member

joined:Nov 25, 2000
posts:541
votes: 0


How????

I'm all ears.....<frantic>

1:42 am on Jan 7, 2001 (gmt 0)

Senior Member

WebmasterWorld Senior Member littleman is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:June 17, 2000
posts:2924
votes: 0


I think I posted a link for you the other day that got into password protecting files. But if you don't want to mess with that and your server has mod_rewrite you could put something like this in your .htaccess instead:

RewriteEngine on
RewriteBase /
RewriteRule ^$ get_the_hell_out_of_here.html
RewriteRule (.*) get_the_hell_out_of_here.html

What that will do is make everything in that folder default
get_the_hell_out_of_here.html

2:25 am on Jan 7, 2001 (gmt 0)

Preferred Member

10+ Year Member

joined:Nov 25, 2000
posts:541
votes: 0


Cain't say I understand....

Can I just chmod permissions on the folders somehow?

Added: The method you described looks really cool...any links to?

2:57 am on Jan 7, 2001 (gmt 0)

Senior Member

WebmasterWorld Senior Member littleman is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:June 17, 2000
posts:2924
votes: 0


Let's see if I could ado a decent job describing how to do this. You said all your cloaked pages are in one folder, right? So what you would do is make a file with the above code and name it '.htaccess', make sure you put in the '.' in there at the beginning. After that place it in the folder with your cloaking pages. Then, just make your get_the_hell_out_of_here.html page and stick it at the root file for your domain - the base '/" level.

Chmod changes may work, but be careful to test things out. You may accidentally restrict your cloaking script.

3:10 am on Jan 7, 2001 (gmt 0)

Preferred Member

10+ Year Member

joined:Nov 25, 2000
posts:541
votes: 0


A mod rewrite function will work on all folders I .htacc?

So if'n sumbuddy types in the file name, even if its in there, they get a default page at root????

Marn

3:27 am on Jan 7, 2001 (gmt 0)

Inactive Member
Account Expired

 
 


Bone wrote: "Can someone help with info on this? This dude seems to know an awful lot about my directory structure..he request index/ of folder that noone knows about. "

What program/scripts would someone write to know hidden files and directories (ones which are not linked to the website or anywhere else for that matter?

I have always wondered HOW someone out there can get to hidden directories without stealing someone's password and FTPing into the site??

mousemoves

4:01 am on Jan 7, 2001 (gmt 0)

Inactive Member
Account Expired

 
 


get_the_hell_out_of_here.html

LOL!

Air

5:02 am on Jan 7, 2001 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Feb 10, 2000
posts:1253
votes: 0


BH,

Yeah that trick littleman suggests will make get_the_hell_out_of_here.html be served no matter what page is asked for. You'll want to place a new .htaccess in the cloaking directory so that it affects all directories below it and none of the directories above it.

5:36 am on Jan 7, 2001 (gmt 0)

Preferred Member

10+ Year Member

joined:Nov 25, 2000
posts:541
votes: 0


Thats sounds like precisely wut I been lurking fer.

I needs to read sum more to grasp wut I gotta do here.

Let me understand here...
if I place .ht in folder named IPFire then all the subs inside will be covered from a browser trying to reach them but when the script sends a spider to one of the subfolders in IPFire it doesnt interfere?

7:34 am on Jan 7, 2001 (gmt 0)

Senior Member

WebmasterWorld Senior Member littleman is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:June 17, 2000
posts:2924
votes: 0


>if I place .ht in folder named IPFire then all the subs inside will be covered from a browser trying to reach them but when the script sends a spider >to one of the subfolders in IPFire it doesnt interfere?

The cloaking script doesn't send the spider to the IPFire folder, but rather retrieves your html out of that folder for the spider. It is a subtle but very important difference.

7:51 am on Jan 7, 2001 (gmt 0)

Senior Member

WebmasterWorld Senior Member littleman is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:June 17, 2000
posts:2924
votes: 0


Marn, I'm not a cracker so this isn't my aria of expertise. But I've ran across a couple of examples. One thing that happens is that people are sloppy with their site layout and leave behind a couple of trails. Like for instance they will have images being called from files that contain other documents and sub folders but do not have an index page. Another thing that is very common is when people install programs or cgi scripts without diverging from the standard file layout and names.

When I was just starting to mess around with some cgi scripts I was playing with a shopping cart script and I did a random search for the standard name of the file that is suppose to hold the orders and credit card information for that script. I was amazed at how many unprotected files were out there. One little search in altavista and I was able to view a few hundred CC numbers. Good thing I am not a thief.

5:37 pm on Jan 7, 2001 (gmt 0)

Preferred Member

10+ Year Member

joined:Nov 25, 2000
posts:541
votes: 0


I tried your suggestion and it seems to work...it just sits there doesnt go to default page...but doesnt show the requested page either.

Man I wish I knew Linux better. If somebody wrote a book on basic webmaster server management I would be first in line to buy it.

I believe my situation has to be an inside job....nobody could figure some of the names I use and I always rename the directories ridiculous names...nothing common. This person knew not only one but two of them and specific file names within...but they were one directory short of being there and the .htaccess fix yall gave me last week redirected them to root. Apache Guardian told me so.

I think someones using a proxy in .br to hide their tracks but I sure would like to know how they know what they know.

6:53 pm on Jan 7, 2001 (gmt 0)

Senior Member

WebmasterWorld Senior Member littleman is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:June 17, 2000
posts:2924
votes: 0


>I tried your suggestion and it seems to work...it just sits there doesnt go to default page...but doesnt show the requested page either.

Hmm, probably there is something wrong with your path to get_the_hell_out_of_here.html. Oh well, at least it fixed your problem.

>Man I wish I knew Linux better. If somebody wrote a book on basic webmaster server management I would be first in line to buy it.

I know what you mean, I haven't been messing with linux all that long either. To people who have been using *nix systems for years this stuff is second nature, but the learning cure is steep. One thing I did that has helped me a lot is to have a linux os computer at home. This way I can mess with things and do experimenting without jacking up my web servers.

>inside job
That is kind of scary.

12:10 am on Jan 8, 2001 (gmt 0)

Preferred Member

10+ Year Member

joined:Nov 25, 2000
posts:541
votes: 0


>Scary

How else could someone know the EXACT folder names...I assure you they aren't common.

>Path
Would that have to be an absolute path on the server or just a relative path???

Air

5:11 am on Jan 8, 2001 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Feb 10, 2000
posts:1253
votes: 0


BH,
That's a relative path ...
6:03 am on Jan 8, 2001 (gmt 0)

Preferred Member

10+ Year Member

joined:Nov 25, 2000
posts:541
votes: 0


Thanks Air,
I can now protect a directory so good I can't get in to turn it off.

han solo

3:48 pm on Jan 8, 2001 (gmt 0)

Inactive Member
Account Expired

 
 


Re: the linux thing...I'm just learning, too.

And I know that dummies books aren't favored in some corners of the cosmos, but if you pick up administering linux for dummies, that should do the trick.

It gives a lot of stuff, and doesn't bother with too much of explanation, at least, in the technical sense. Then after that you could pick up a regular book, and have plenty of background to understand the arcane stuff they are bound to get into.

Only reason I spoke up is I, too, am learning linux. Must fight the evil empire every way I can...

Cheers,
Han Solo

5:28 pm on Jan 8, 2001 (gmt 0)

Preferred Member

10+ Year Member

joined:Nov 25, 2000
posts:541
votes: 0


Thanks Han Solo,

May the Force be with us in our quest for stability.

I have lots of dummy books ( you can see a few of them on my desk in the profile shot).

Sometimes you just get fried on looking thru all that stuff for the one little thing you just wanna get done.

That's why I like this here forum.

Say hi to the Princess for me.

11:11 pm on Jan 8, 2001 (gmt 0)

Senior Member

WebmasterWorld Senior Member mivox is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Dec 6, 2000
posts:3928
votes: 0


Turn off world read access to the folder... (chmod command)

A browser will still be able to access specific pages when they ask for a specific page title, but wouldn't be able to view the list of files in the directory.