SQL Injection

Multiple attempts over the past several days trying to hack my wordpress site using sql injection. blah blah blah blah blah blah blah blah...

Mar 28 01:11:57 sunrise suhosin[27665]: ALERT - ASCII-NUL chars not allowed within request variables - dropped variable \'controller\' (attacker \'193 .104.85.211\', file \'/var/www/WEBSITE/index.php\...

Greetings: This IP address contains a proxy that\'s being used to continuously sql inject attack our website. Appreciate looking into the situation. Thank you....

We have had numerous attempts by this ip address 91.207.60.66 try to injection sql database be carefully with this, we recived the injection by one our websites forms...

Attempted to gain access to my website using sql injection was catch by Marco\'s interceptor ** Local File Inclusion [GET:controller] => ../../../robots.txt ** Local File Inclusion [REQUEST:contr...

<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.0 Transitional//EN\"> <HTML><HEAD> <META http-equiv=Content-Type content=\"text/html; charset=gb2312\"> <META ...

please check this ip id , this person try to login my yahoo account and want to change my password.please help me and trace this hacker ....

We have had numerous attempts by this ip address to gain acces to our database using SQL injection. I have tracked the ip address a far as I can but that\'s all I can do...

Yet another attack of some sort from \"hinet.net\". Their IP\'s are always doing something unsavory. I wish that their whole infrastructure would just burn up!!!!...

UDP from 61.235.46.146 to local port 1434. Denied: Intrusion.Win.MSSQL.worm.Helkern. on 12/03/2012 08:50:39 UDP from 61.235.46.146 to local port 1434. Denied: Intrusion.Win.MSSQL.worm.Helkern. on 09...

This IP injected a Mailer script into my WP theme code and send over 2000 spam emails from my server. Was detected and cleaned, but not before the damage was done. Logs available. Please blacklist....

UDP from 61.235.46.146 to local port 1434: Intrusion.Win.MSSQL.worm.Helkern its been a month. UDP from 178.158.206.19 to local port 1434 Denied: Intrusion.Win.MSSQL.worm.Helkern 2/26/2012 5:14:30 P...

Intrusion.Win.MSSQL.worm.Helkern UDP from 61.235.46 .146 on 2012-02-11 at 17:36:59 again on 2012-02-15 at 23:08:03 again on 2012-02-21 at 21:30:53 again on 2012-03-05 at 15:28:12 Is there a pattern ...

Numerous submissions across several websites, multiple times per day attempting SQL injection on any form on the site. Recognized attack after bogus tags appeared on end of multiple postings. The foll...

Comes around several times a day, keeps posting data to pages that don\'t even have form fields. tried injection attacks, fortunately didn\'t succed. Is there any way to ban him?...

Attack from 190.120.236.65 to all my server IPs 70.59.222.x, every time I take down my servers and restage them the start attacking me after a few days....

11:04:45 PM Block IN TCP 60.173.10.236 6000 86.127.74.46 1433 SYN Blocked by the Attack Detecton component IP Address: 60.173.10.236 IP Address Country: China (CN) IP Address Region: 01 Anhui IP Add...

Comes around several times a day, keeps posting data to pages that don\'t even have form fields. tried injection attacks, fortunately didn\'t succed. I hope he burns in hell...

IP Address: 124.14.10.67 IP Address Country: China (CN) IP Address Region: 23 Shanghai IP Address City: Shanghai IP Postal Code IP Address Area Code 0 IP Metro Code 0 IP Address Latitude: 31.004999...

The IP address 69.94.137.92 in USA has attempted 3 hacks of an oscommerce website today. They have tried SQL injection trying to break through administrators access. We have blocked through htaccess...

Keeps trying SQL injection attacks. All attacks are from the same IP, over 200 attacks on a single day. o o o o o o o ...

They were attempts to find database administration tools like phpmyadmin. From log: 222.73.115.47 - - [28/Feb/2012:00:02:01 -0300] \"GET /phpmyadmin/index.php 222.73.115.47 - - [28/Feb/2012:00:...

They hacked in and installed a completly diffirent version of SQLexpress and changed my sa password, which was strong. They only got to some old sql .mdf files but i dont see how they could have insta...

9:09:12 PM Block IN TCP 180.61.12.71 53055 86.127.74.46 1433 SYN Blocked by the Attack Detecton component 9:09:06 PM Block IN TCP 180.61.12.71 53055 86.127.74.46 1433 SYN Blocked by the Attack Detecto...

7:34:14 PM Block IN TCP 119.98.0.195 63003 86.127.74.46 1433 SYN Blocked by the Attack Detecton component IP Address: 119.98.0.195 IP Address Country: China (CN) IP Address Region: 12 Hubei IP Addre...

Lots of errors coming through with SQL injection attacks showing up in logs. All errors from this same IP address. 250 errors in under 10 minutes...

The user is trying to hack our companies billing system by injecting SQL and PHP codes by raising tickets with injection codes,etc. The IP matches the one which is reported....

get them ,get them ,these guys tried my poor african computer all for nothing . i havent done them anything .Its being traced to a computer somewhere in China,Beijing....

UDP from 61.235.46.146 to local port 1434 Denied: Intrusion.Win.MSSQL.worm.Helkern 2/21/2012 3:06:34 AM UDP from 61.235.46.146 to local port 1434 Denied: Intrusion.Win.MSSQL.worm.Helkern 2/21/2012 3:...

UDP from 31.220.243.166 to local port 1434 Denied: Intrusion.Win.MSSQL.worm.Helkern 2/21/2012 4:14:58 PM UDP from 31.220.243.166 to local port 1434 Denied: Intrusion.Win.MSSQL.worm.Helkern 2/21/2012 ...

UDP from 218.75.49.242 to local port 1434 Denied: Intrusion.Win.MSSQL.worm.Helkern 2/20/2012 2:24:51 AM UDP from 218.75.49.242 to local port 1434 Denied: Intrusion.Win.MSSQL.worm.Helkern 2/20/2012 2:...

UDP from 202.56.192.195 to local port 1434 Denied: Intrusion.Win.MSSQL.worm.Helkern 2/20/2012 9:33:28 PM UDP from 202.56.192.195 to local port 1434 Denied: Intrusion.Win.MSSQL.worm.Helkern 2/20/2012...

union queries are being injected by this ip, block this ip address and remove it from the www. its creating havok. This is a very legitimate request....

SQL inject attack? username=admin password=asdfghjkl;\' ----------------- Date: 16:31:34 2012-02-22 User: IP: 208.115.247.250 Page: /crm/live/pages/share/login_check.php SQL inject attack? username=...

IP Address: 113.28.112.41 IP Address Country: Hong Kong (HK) IP Address Region: IP Address City: IP Postal Code IP Address Area Code 0 IP Metro Code 0 IP Address Latitude: 22.25 IP Address Longit...

Guys this guy is so abusive ! It is trying to hack my 3 three sites and also spamming ! Some one please stop this or I\'ll need to contact the police !...

Spybot worm injection on port 1434 from this chinese asshole......all they want to do is to spy others and broke computers and servers all over Globe IP Address: 218.75.49.242 IP Address Country: Ch...

IP Address: 213.64.48.129 IP Address Country: Sweden (SE) IP Address Region: 28 Vastra Gotaland IP Address City: Lidk�ping IP Postal Code IP Address Area Code 0 IP Metro Code 0...

IP Address: 217.64.98.68 IP Address Country: Mali (ML) IP Address Region: 01 Bamako IP Address City: Bamako IP Postal Code IP Address Area Code 0 IP Metro Code 0 IP Address Latitude: 12.6499996185 ...

Is trying to do sql injections on the company database. The date was Wednesday 2/15/2012 at 5:26 pm. There is a record of 20 times he tried. ...

Multiple hits from this ip. Signature Name: MSSQL Resolution Service Stack Overflow Attacker: 61.235.46.146:2041 ==> Victim x.x.x.x:1434 Signature ID: 4703 Sub-Signature ID: 0 Please consult t...

Someone from this IP has repeatly tried to attack my wordpress site, i get the error message emailed through to me: This may be a \"Wordpress- Specific SQL Injection Attack.\"...

Attempted attack on wordpress site. Attempted SQL Injection attack on wordpress site. Attempted SQL Injection attack on wordpress site. Attempted SQL Injection attack on wordpress site. Attempted SQL ...

Multiple attack payloads from this IP. All traffic observed from this IP is malicious. Primary attack type is SQL injection but other recon type attacks have also been observed....

the comment I have send to you just before!Anything changed since now! I do please you, install for your health computer KYS 2012, even if its a trial antivirus, it works very fine too.At the first at...

Attempting to post information to our website, sql injection, cross site scripting. Owner is listed as being in Ukraine. Submits invalid characters into our forms processing pages generating over 100 ...

many IP addresses from china are being blocked from my firewall. this is slowing down my system. attack: MS SQL server. for nothing, no value!...

Registered multiple SQL Injection attacks from IP, went through weblogs and found to be using user-agent: HTTP/1.0 Mozilla/4.0+(compatible;+Synapse). blocked user agent and ip address from server...

Since month I get attacked: UDP from 61.235.46.146 on local port 1434 Intrusion.Win.MSSQL.worm.Helkern Kaspersky does block it, but it is annoying and part of a long time of internetstalking through s...

Since month I get attacked: UDP from 61.235.46.146 on local port 1434 Intrusion.Win.MSSQL.worm.Helkern Kaspersky does block it, but it is annoying and part of a long time of internetstalking through s...

several attempts to inject sql into wordpress site I own. The message below is from the firewall plugin Offending IP: 193.105.240.173 [ Get IP location ] Offending Parameter: log = wp_admin ...

log_date log_msg src_ip src_port dst_ip dst_port log_description ----------------------- -------------------------- --------------- -------- -------...

218.75.49.242, 61.235.46.146 sending WIN.MSSQL.worm.Helkern . I m using internet daily from my personal computer. i have notice that everyday from same IP location somebody is attacking on my computer...

This isn\'t the first time from this IP address Kaspersky has denied an network intrusion attack from this IP address. Message I get is Intrusion.Win.MSSQL.worm.Helkern UDP from 124.239.195.131 to lo...

IP Address: 222.189.238.114 IP Address Country: China (CN) IP Address Region: 22 Beijing IP Address City: Beijing IP Postal Code IP Address Area Code 0 IP Metro Code 0 IP Address Latitude: 39.92890...

This IP needs to be blacklisted immediately! The hackers are using it to exploit SQL injection vulnerability. Offending IP: 193.105.240.173 [ Get IP location ] Offending Parameter: log = wp_admi...

Network attack by intrusion win.MSSQL.worm.Helkern the metioned ip address is being used to attack the network Network attack by intrusion win.MSSQL.worm.Helkern the metioned ip address is being used ...

The attack have been identified by Kaspersky Internet security Intrusion.WIN.MSSQL.worm.Helkern this report generated by kaspersky internet security v 2012..... ____________________________________...

Logs from Sourcefire appliance. Times are GMT+0 2012-01-24 19:26:01 IPS-PT / sdc1pe00ssf01 tcp 173.0.5.188:1489 -> 172.17.1.125:80 SQL union select - possible sql injection attempt - GET parameter...

I want to report abuse from this ip address it try to use sql injection to log in our portal gjuhashqipe.com please disable this ip address thank you...

Malicious hacking activity, maybe, maybe not? Tried on numerous occasions to SQL inject database on numerous sites I am managing, seems IP address is from Ukraine....

** Local File Inclusion [GET:view] => /../../../../../../../../../../proc/self/environ ** Local File Inclusion [REQUEST:view] => /../../../../../../../../../../proc/self/environ **PAGE / SERV...

** Local File Inclusion [GET:start] => ../../../../../../../../../../proc/self/environ ** Local File Inclusion [REQUEST:start] => ../../../../../../../../../../proc/self/environ **PAGE / SERVER...

2012/01/22 04:44:16 ب.ظ Detected: Intrusion.Win.MSSQL.worm.Helkern UDP from 61.235.46.146 to local port 1434 Absent i have received a report about this ip attacking my s...

This IP address is attempting to hack several sites that I manage using SQL injection methods. This IP address is attempting to hack several sites that I manage using SQL injection methods. ...

** Local File Inclusion [GET:controller] => ../../../../../../../../../../../../../../../../../../../../../../../..//proc/self/environ 00 ** Local File Inclusion [REQUEST:controller] => ../../.....

i receive more than 500 emails .I think thant they try to make sql injection.When i wanted to trace ip location is in morroco in north africa...

The attack have been identified by Kaspersky Internet security Intrusion.WIN.MSSQL.worm.Helkern this report generated by kaspersky internet security v 2012 please do accept and inspect the ip. Thank...

** Local File Inclusion [GET:view] => /../../../../../../../../../../proc/self/environ ** Local File Inclusion [REQUEST:view] => /../../../../../../../../../../proc/self/environ **PAGE / SERV...

** Local File Inclusion [GET:view] => ../../../../../../../../../../proc/self/environ ** Local File Inclusion [REQUEST:view] => ../../../../../../../../../../proc/self/environ **PAGE / SERVER I...

fgfd yt yrr trytry tyty tytry tyty tyty rtytr trty tryty yuytu yuy ry y5y5 yyytr tryrtyfgfd yt yrr trytry tyty tytry tyty tyty rtytr trty tryty yuytu yuy ry y5y5 yyytr tryrty tryty y trytytry trytry...

Description: There was an unsuccessful attempt to login into the backend section of your website using an unknown username. Date of event: 19.01.2012 09:58:45 User IP: 94.236.93.234 script kiddies go...

IP 109.149.141.0 attempting scan and PHP and SQL injection attack against our servers in address range 193.195.133.* No harm done as it appears to be script kiddie but reporting in case more serious. ...

2012/01/17 10:29:21 ب.ظ Detected: Intrusion.Win.MSSQL.worm.Helkern UDP from 124.239.195.131 to local port 1434 Absent i was attacked by this IP and rejected it with KIS 2...

Same as the 78.175.43.65 Maybe same user, using proxy, don\'t know. Tries to hack into my joomla site by injecting sql code, already reported him to his provider....

The above ip made multiple tries to inject my joomla website MySQL db and hack it I have records from my anti hack joomla extension if needed...

UDP from 124.239.195.131 to local port 1434 Denied: Intrusion.Win.MSSQL.worm.Helkern 1/13/2012 11:30:50 PM This was the report from my Kaspersky Internet Security. When I traced the IP it showed IP ...

Attempted SQL injection on my site. As others have noted, a HUGE number of hacking attempts from PA area, all are coming from the same ISP. Attempts number in the hundreds, would probably be thousands...

Attempted SQL injection on my site. As others have noted, a HUGE number of hacking attempts from PA area, all are coming from the same ISP. Attempts number in the hundreds, would probably be thousands...

Attempted SQL injection on my site. As others have noted, a HUGE number of hacking attempts from PA area, all are coming from the same ISP. Attempts number in the hundreds, would probably be thousands...

Attempted SQL injection on my site. As others have noted, a HUGE number of hacking attempts from PA area, all are coming from the same ISP. Attempts number in the hundreds, would probably be thousands...

Attempted SQL injection on my site. As others have noted, a HUGE number of hacking attempts from PA area, all are coming from the same ISP. Attempts number in the hundreds, would probably be thousands...

Attempted SQL injection on my site. As others have noted, a HUGE number of hacking attempts from PA area, all are coming from the same ISP. Attempts number in the hundreds, would probably be thousands...

Attempted SQL injection on my site. As others have noted, a HUGE number of hacking attempts from PA area, all are coming from the same ISP. Attempts number in the hundreds, would probably be thousands...

Attempted SQL injection on my site. As others have noted, a HUGE number of hacking attempts from PA area, all are coming from the same ISP. Attempts number in the hundreds, would probably be thousands...

Attempted SQL injection on my site. As others have noted, a HUGE number of hacking attempts from PA area, all are coming from the same ISP. Attempts number in the hundreds, would probably be thousands...

Attempted SQL injection on my site. As others have noted, a HUGE number of hacking attempts from PA area, all are coming from the same ISP. Attempts number in the hundreds, would probably be thousands...

Attempted SQL injection on my site. As others have noted, a HUGE number of hacking attempts from PA area, all are coming from the same ISP. Attempts number in the hundreds, would probably be thousands...

Attempted SQL injection on my site. As others have noted, a HUGE number of hacking attempts from PA area, all are coming from the same ISP. Attempts number in the hundreds, would probably be thousands...

Attempted SQL injection on my site. As others have noted, a HUGE number of hacking attempts from PA area, all are coming from the same ISP. Attempts number in the hundreds, would probably be thousands...

Attempted SQL injection on my site. As others have noted, a HUGE number of hacking attempts from PA area, all are coming from the same ISP. Attempts number in the hundreds, would probably be thousands...

Attempted SQL injection on my site. As others have noted, a HUGE number of hacking attempts from PA area, all are coming from the same ISP. Attempts number in the hundreds, would probably be thousands...

Attempted SQL injection on my site. As others have noted, a HUGE number of hacking attempts from PA area, all are coming from the same ISP. Attempts number in the hundreds, would probably be thousands...

Attempted SQL injection on my site. As others have noted, a HUGE number of hacking attempts from PA area, all are coming from the same ISP. Attempts number in the hundreds, would probably be thousands...

Attempted SQL injection on my site. As others have noted, a HUGE number of hacking attempts from PA area, all are coming from the same ISP. Attempts number in the hundreds, would probably be thousands...

Attempted SQL injection on my site. As others have noted, a HUGE number of hacking attempts from PA area, all are coming from the same ISP. Attempts number in the hundreds, would probably be thousands...

Attempted SQL injection on my site. As others have noted, a HUGE number of hacking attempts from PA area, all are coming from the same ISP. Attempts number in the hundreds, would probably be thousands...

Attempted SQL injection on my site. As others have noted, a HUGE number of hacking attempts from PA area, all are coming from the same ISP. Attempts number in the hundreds, would probably be thousands...

Attempted SQL injection on my site. As others have noted, a HUGE number of hacking attempts from PA area, all are coming from the same ISP. Attempts number in the hundreds, would probably be thousands...

Attempted SQL injection on my site. As others have noted, a HUGE number of hacking attempts from PA area, all are coming from the same ISP. Attempts number in the hundreds, would probably be thousands...

Attempted SQL injection on my site. As others have noted, a HUGE number of hacking attempts from PA area, all are coming from the same ISP. Attempts number in the hundreds, would probably be thousands...

As others have posted, I\'ve begun to block entire ranges of IP addresses from Burstnet. Attempts are in the hundreds, if not thousands. Save yourself some headache, edit your .htaccess file to bloc...

As others have posted, I\'ve begun to block entire ranges of IP addresses from Burstnet. Attempts are in the hundreds, if not thousands. Save yourself some headache, edit your .htaccess file to bloc...

Yet another from Burstnet, attempts in the hundreds from Scranton PA, would be in the thousands if I\'d not resorted to blocking entire IP ranges from Burstnet. Save yourself some headache, edit your...

Attempted SQL injection on my site. As others have noted, a HUGE number of hacking attempts from PA area, all are Burstnet. Attempts number in the hundreds, would probably be thousands had I not resor...

Attempted SQL injection on my site. As others have noted, a HUGE number of hacking attempts from PA area, all are Burstnet. Attempts number in the hundreds, would probably be thousands had I not resor...

Attempted SQL injection on my site. As others have noted, a HUGE number of hacking attempts from PA area, all are Burstnet. Attempts number in the hundreds, would probably be thousands had I not resor...

Attempted SQL injection on my site. As others have noted, a HUGE number of hacking attempts from PA area, all are Burstnet. Attempts number in the hundreds, would probably be thousands had I not resor...

Attempted SQL injection on my site. As others have noted, a HUGE number of hacking attempts from PA area, all are Burstnet. Attempts number in the hundreds, would probably be thousands had I not resor...

So many hacking attempts from Scranton PA through Burstnet. This one was an attempt at SQL injection. It appears there are a group of hackers in PA going after Joomla sites....

Attacks from HostNOC servers - SQL injections - Joomla there has been a massive hacking spree originating from multiple HostNOC IP ranges, specifically targeting vulnerable Joomla extensions. protec...

if we all block this server\'s entire IP range - they are effectively wiped off the internet Attacks from HostNOC servers - SQL injections - Joomla there has been a massive hacking spree originatin...

Attacks from HostNOC servers - SQL injections - Joomla there has been a massive hacking spree originating from multiple HostNOC IP ranges, specifically targeting vulnerable Joomla extensions. protec...

Attacks from HostNOC servers - SQL injections there has been a massive hacking spree originating from multiple HostNOC IP ranges, specifically targeting vulnerable Joomla extensions. protect your si...

Attacks from HostNOC servers - SQL injections there has been a massive hacking spree originating from multiple HostNOC IP ranges, specifically targeting vulnerable Joomla extensions. protect your si...

Attacks from HostNOC servers - SQL injections there has been a massive hacking spree originating from multiple HostNOC IP ranges, specifically targeting vulnerable Joomla extensions. protect your si...

Attacks from HostNOC servers - SQL injections there has been a massive hacking spree originating from multiple HostNOC IP ranges, specifically targeting vulnerable Joomla extensions. protect your si...

Attacks from HostNOC servers - SQL injections there has been a massive hacking spree originating from multiple HostNOC IP ranges, specifically targeting vulnerable Joomla extensions. protect your si...

Attacks from HostNOC servers - SQL injections there has been a massive hacking spree originating from multiple HostNOC IP ranges, specifically targeting vulnerable Joomla extensions. protect your si...

Attacks from HostNOC servers - SQL injections there has been a massive hacking spree originating from multiple HostNOC IP ranges, specifically targeting vulnerable Joomla extensions. protect your s...

Attacks from HostNOC servers - SQL injections there has been a massive hacking spree originating from multiple HostNOC IP ranges, specifically targeting vulnerable Joomla extensions. protect your si...

Attacks from HostNOC servers - SQL injections there has been a massive hacking spree originating from multiple HostNOC IP ranges, specifically targeting vulnerable Joomla extensions. protect your si...

Attempted SQL injection on my site. As others have noted, a HUGE number of hacking attempts from PA area, all are Burstnet. Attempts number in the hundreds, would probably be thousands had I not resor...

Attempted SQL injection on my site. As others have noted, a HUGE number of hacking attempts from PA area, all are Burstnet. Attempts number in the hundreds, would probably be thousands had I not resor...

In the last month I have had HUNDREDS of attempted SQL injection hacks and other attacks all from Scranton, PA IP addresses, most from Burstnet. There must be a group of hackers targeting specific tec...

over 500 attempts and counting.... ** Union Select [GET:styletype] => -1/**/uNiOn/**/sELeCt/**/1,0x33633273366962,3,4,5,6,7,8/**/fRoM/**/jos_users-- ** Table name in url [GET:styletype] => -1 ...

Yet another character making attempts at SQL injection, the total is in the hundreds and all from Scranton PA. If you\'re posting here, consider notifying the hacker\'s ISP so maybe they\'ll take act...

I have logged over 500 hacking attempts from the Scranton PA server in the last two weeks and it is only getting worse. have informed them but no reply....

Attempted SQL injection on my site. As others have noted, a HUGE number of hacking attempts from PA area, all are Burstnet. Attempts number in the hundreds, would probably be thousands had I not resor...

I have logged over 500 hacking attempts from the Scranton PA server in the last two weeks and it is only getting worse. have informed them but no reply....

Attempted SQL injection on my site. As others have noted, a HUGE number of hacking attempts from PA area, all are Burstnet. Attempts number in the hundreds, would probably be thousands had I not resor...

Another attempted SQL injection on my site - a HUGE number of hacking attempts from PA area, all are Burstnet. It\'s so bad I had to block the entire IP range 173.212 from my site. If someone attempt...

Attempted SQL injection on my site. As others have noted, a HUGE number of hacking attempts from PA area, all are Burstnet. Attempts number in the hundreds, would probably be thousands had I not resor...

Attempted SQL injection on my site. As others have noted, a HUGE number of hacking attempts from PA area, all are Burstnet. Attempts number in the hundreds, would probably be thousands had I not resor...

Attempted SQL injection on my site. As others have noted, a HUGE number of hacking attempts from PA area, all are Burstnet. Attempts number in the hundreds, would probably be thousands had I not resor...

Attempted SQL injection on my site. As others have noted, a HUGE number of hacking attempts from PA area, all are Burstnet. Attempts number in the hundreds, would probably be thousands had I not resor...

Attempted SQL injection on my site. As others have noted, a HUGE number of hacking attempts from PA area, all are Burstnet. Attempts number in the hundreds, would probably be thousands had I not resor...

This hacker has been quite busy trying over the last couple of weeks to get into several sites in Belgium. Isn\'t there a way to stop these criminal activities?...

This m*fucker has now been attacking several sites over the last couple of weeks trying to steel user information. Isn\'t there any way that this looser can be located and punished?...

Someone needs to start a class action suit against hostnoc.net for their failure to stop these abusive hackers. It\'s almost as though Scranton, Pennsylvania is a haven for hackers from around the wor...

The entire 96.9.169.XXX address block is attempting SQL injection attacks on joomla sites. This has been going on for months. I finally just locked out the entire 255 sub addresses. /index.php?opti...

** Union Select [GET:id] => -1/**/uNiOn/**/sEleCt/**/0x33633273366962,2,3,4,5/**/fRoM/**/jos_users-- ** Union Select [REQUEST:id] => -1/**/uNiOn/**/sEleCt/**/0x33633273366962,2,3,4,5/**/fRoM/**/...

96.9.169.202, 96.9.169.198, 96.9.169.224, 96.9.169.250..... looks like a server farm is hacked.... My firewall is catching and blocking them before they get to the servers. More of an annoyance than a...

** Union Select [GET:id] => -1/**/uNiOn/**/ALL/**/sEleCt/**/1,0x33633273366962,3,4/**/fRoM/**/jos_users-- ** Union Select [REQUEST:id] => -1/**/uNiOn/**/ALL/**/sEleCt/**/1,0x33633273366962,3,4/*...

several attacks from this IP - Attention on 5 January 2012 there was an attempt to break my website - Type of attack: SQL-Injection ...

** Union Select [GET:id] => 1/**/aNd/**/1=2/**/uNiOn/**/sEleCt/**/0,1,2,3,4,5,6,7,8,9,10,11,12,0x33633273366962,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35/**/fRoM/**/jos_user...

** Union Select [GET:id] => -2/**/uNiOn/**/sEleCt/**/0x33633273366962/**/from/**/jos_users-- ** Union Select [REQUEST:id] => -2/**/uNiOn/**/sEleCt/**/0x33633273366962/**/from/**/jos_users-- **P...

** Union Select [GET:packageId] => -156/**/uNiOn/**/sEleCt/**/1,2,3,0x33633273366962,5,6,7,8,9,10,11,12,13,14,15,16,17/**/from/**/jos_users-- ** Union Select [REQUEST:packageId] => -156/**/uNiOn...

** Union Select [GET:gbid] => -1/**/uNiOn/**/sEleCt/**/1,2,3,4,5,6,7,8,9,0x33633273366962,10,11,12,13,14,15,16,17,18,19/**/from/**/jos_users-- ** Union Select [REQUEST:gbid] => -1/**/uNiOn/**/sE...

** Union Select [GET:id] => -666/**/uNiOn/**/sEleCt/**/1,2,0x33633273366962,4,5,6,7,8,9,10,11,12/**/from/**/jos_users-- ** Union Select [REQUEST:id] => -666/**/uNiOn/**/sEleCt/**/1,2,0x336332733...

** Union Select [GET:biobookid] => -5/**/uNiOn/**/all/**/sELeCt/**/1,2,3,0x33633273366962/**/fRoM/**/jos_users-- ** Table name in url [GET:biobookid] => -5 -- 1,2,3,0x33633273366962 fRoM jos_use...

** Union Select [GET:catid] => null/**/uNiOn/**/sEleCt/**/0x33633273366962,2/**/from/**/jos_users-- ** Table name in url [GET:catid] => null -- 0x33633273366962,2 from jos_users-- ** Union Selec...

** Union Select [GET:category] => -666/**/uNiOn/**/sEleCt/**/6,0x33633273366962,6,6,5,6,6,6,6,6,6,6,6,6/**/from/**/jos_users-- ** Table name in url [GET:category] => -666 -- 6,0x33633273366962,6...

** Union Select [GET:aid] => -2/**/uNiOn/**/all/**/sEleCt/**/1,2,3,0x33633273366962,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29/**/from/**/jos_users-- ** Table name in url...

** Union Select [GET:id] => null/**/uNiOn/**/sEleCt/**/1,2,3,4,0x33633273366962,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,4...

Repeated attempts to attack site ** Union Select [GET:group_id] => -666/**/uNiOn/**/all/**/sEleCt/**/1,0x33633273366962,3,4,5,6,7,8,9,10,11,12,13,14,15/**/from/**/jos_users-- ** Table name in url ...

** Union Select [GET:proyecto] => -666/**/uNiOn/**/sEleCt/**/1,2,3,0x33633273366962,5,6,7,8,9,10,11/**/from/**/mos_users-- ** Union Select [REQUEST:proyecto] => -666/**/uNiOn/**/sEleCt/**/1,2,3,...

Probably a script kiddy is performing SQL injection attacks from this IP address. This is becoming very annoying. Can this IP address be banned? There are more people complaining regarding this IP....

hack attempt on our joomla site from 96.9.169.224, 96.9.169.206 and 96.9.169.240. *REMOTE_ADDR : 96.9.169.224 *HTTP_USER_AGENT : Mozilla/5.2 (Windows; U; Windows NT 5.2; en-EN) Gecko/20080919 Firefo...

from this IP, they try SQL injection. I complain about this to hosting, and seems I will forbiden all Ips from Pa, or even USA. More IPs recorded as source of attack: 66.197.172.242 ...

This is one of IPs from Scranton that try inject my SQL for weeks!! Does any authority in USA works anything on this matters?? More IPs recored for SQL injection: 96.9.149.70 96.9.149.86 96.9.169.240...

** Union Select [GET:catid] => null/**/uNiOn/**/sEleCt/**/0x33633273366962,2/**/from/**/jos_users-- ** Union Select [REQUEST:catid] => null/**/uNiOn/**/sEleCt/**/0x33633273366962,2/**/from/**/jo...

Don\'t know why these people can\'t be stopped. Same Scranton, PA area, same host -- hostnoc.net. Beyond ridiculous. ** Union Select [GET:id] => -999/**/uNiOn/**/all/**/sEleCt/**/0,0x33633273366...

In the last month I have had HUNDREDS of attempted SQL injection hacks and simultaneous server DDOS attacks from Scranton, PA IP addresses. Is there some sort of harmonic convergence of hackers there ...

This adress attempted to hack my site.. 64.191.13.162, I curse the one behind it. May Iao give you suffering. May Iao throw you in the darkness and swallow your soul. May pain become you and sickne...

This guy is trying to hack into my website using a known injection attack 64.191.13.150 - - [02/Jan/2012:22:08:51 -0700] \"GET /index.php?option=com_ksadvertiser&task=showcats&pid=null%2...

I just to submit complaint regarding the attack of this 64.191.13.146 ip address. it so annoying that this particular ip address keep on attacking my website. ...

Various IP\'s from domain 64.192.13. * attempting SQL injection on site. 64.191.13.156 64.191.13.146 64.191.13.162 Can\'t believe there is only one complaint about this? Can\'t believe I have to write...

this was blocked by my kaspersky internet security successfuly i would like to notify any one else if u download a update from windows this ip is trying to inject a virus or what ever it is worm think...

Sends to my computer on a daily basis - MS02-039_SQL_SERVER_RESOLUTION_EXPLOIT ........ .... .... .... ..... ..... ..... ..... ..... .... .... .... .... .... .... .... ......

this ip address was trying to attack with the help of worm.helkern (a sql worm as reported by kaspersky). I dont know properly what this is, but it was blocked by kaspersky pure antivirus, saying that...

What\'s up with Scranton and hostnoc.net? These have been going on for a month or so now. They got in once. Found the offending code and got rid of them. Now they are trying again. Can\'t they be stop...

** Union Select [GET:aid] => -1/**/uNiOn/**/sELeCt/**/0x33633273366962,0x33633273366962,0x33633273366962,0x33633273366962,0x33633273366962,0x33633273366962,0x33633273366962,0x33633273366962,0x33633...

** Union Select [GET:sid] => -1/**/uNiOn/**/sELeCt/**/0x33633273366962,0x33633273366962,0x33633273366962,0x33633273366962,0x33633273366962,0x33633273366962/**/fRoM/**/jos_users-- ** Table name in u...

Always from the same location: Scranton, PA. Needs to stop! ** Union Select [GET:id] => -1/**/uNiOn/**/sELeCt/**/1,0x33633273366962,3,4,5,6,7,8/**/fRoM/**/jos_users-- ** Union Select [REQUEST:id]...

Getting tired of this crap. Always IPs from the same place, Scanton, PA. Can\'t somebody stop this?? ** Union Select [GET:cid] => -1/**/uNiOn/**/sELeCt/**/0x33633273366962,0x33633273366962/**/fRo...

2011.12.09 - 5:44:27 :-: 173.212.197.54 : mail.wizzsolutions.com : option=com_rsgallery&page=inline&catid=-1%2F%2A%2A%2Funion%2F%2A%2A%2Fselect%2F%2A%2A%2F1%2C2%2C3%2C4%2C0x33633273366962%2C6...

12:41:51 AM Block IN TCP 86.126.205.31 2331 86.127.74.46 1433 SYN Blocked by IP Blocklist IP Address: 86.126.205.31 IP Address Country: Romania (RO) IP Address Region: 32 Satu Mare IP Address City: ...

massive sql injections like below originating from this ip to random eu websites. same sqli like other reported here. thanks see sample sql injection below offer_view&id=369752%2F%2A%2A%2Funion%2...

this ip was running around 30 to 40 what appear to be injections to our site at benefitsandwork.co.uk joomla based site, listed requests on the server were (some) /forum?catid=)%20or%20(\'1\'=\'1-- /f...

Multiple attempts at trying to access myphp files- multiple attempts utilizing various addresses of myphp/Admin-2.1.0 and other variations of that. Multiple attempts at trying to access myphp files- m...

91.121.5.211 27/Dec/2011:06:32:56 +0100 403 : Interdit Mozilla/5.0 (Windows NT 6.1; WOW6 /staticfiles/phpThumb/phpThumb.php?src=file.jpg&fltr[]=blur|9%20-quality%20%2075%20-interlace%20line%20fail...

asshole from China with his useless SQL ijections go fuck yourself rice eater boy2:11:05 PM Block IN TCP 112.101.64.141 6000 86.127.74.46 1433 SYN Blocked by the Attack Detecton componentIP Address: 1...

12/24/2011 10:42:56 PM Block IN TCP 184.107.157.130 43129 86.127.74.46 1433 SYN Blocked by the Attack Detecton component 12/24/2011 10:42:53 PM Block IN TCP 184.107.157.130 43129 86.127.74.46 1433 SYN...

1:09:06 PM Block IN TCP 86.126.135.138 60913 86.127.74.46 1433 SYN Blocked by the Attack Detecton component 12:44:17 PM Block IN TCP 86.126.135.138 62323 86.127.74.46 1433 SYN Blocked by the Attack De...

This address try to connect to my lokal port 1434. with sql interface. Why must i type 25 words?? Why must i type 25 words?? Why must i type 25 words?? ...

The following IP address have been attacking my site continuously for days: 66.197.227.185; 173.212.197.234; 184.82.79.120; I hope something can be done about it and very soon ...

Received hundreds of sql injection attacks from that IP They have been attacking all on my sites on an ongoing way from that IP address...

I have warning mail flooding my inbox with this idiot attempting to hack my site, would someone kindly advise as to the correct method of dealing with this continuous issue. IP keeps changing, but alw...

** Union Select [GET:catid] => 51/**/uNiOn/**/all/**/sELeCt/**/1,2,0x33633273366962,4,0x33633273366962,6,0x33633273366962/**/from/**/jos_users-- ** Table name in url [GET:catid] => 51 -- 1,2,0x3...

hackers here ** Union Select [GET:season] => -1/**/uNiOn/**/sELeCt/**/0x33633273366962,0x33633273366962,0x33633273366962,0x33633273366962,0x33633273366962,0x33633273366962,0x33633273366962,0x3363...

Hackers here: ** Union Select [GET:season] => -1/**/uNiOn/**/sELeCt/**/0x33633273366962,0x33633273366962,0x33633273366962,0x33633273366962,0x33633273366962,0x33633273366962,0x33633273366962,0x3363...

site slow from hacking attempts ** Union Select [GET:software_id] => -1/**/uNiOn/**/sELeCt/**/0x33633273366962/**/from/**/jos_users-- ** Table name in url [GET:software_id] => -1 -- 0x33633273...

this IP is slowing my server with too many sql injection attempts ** Union Select [GET:location_id] => -1/**/uNiOn/**/sELeCt/**/0x33633273366962,0x33633273366962,0x33633273366962,0x33633273366962...

This IP is attacking my sites so much it is slowing it down ** Union Select [GET:leagueID] => -1/**/uNiOn/**/sELeCt/**/0x33633273366962,0x33633273366962,0x33633273366962,0x33633273366962,0x3363327...

this hacker is slowing my server down... ** Union Select [GET:con] => -1/**/uNiOn/**/sELeCt/**/0x33633273366962,0x33633273366962,0x33633273366962,0x33633273366962,0x33633273366962,0x3363327336696...

This is getting annoying... ** Union Select [GET:id] => -1/**/uNiOn/**/sELeCt/**/0x33633273366962,0x33633273366962,0x33633273366962,0x33633273366962/**/from/**/jos_users-- ** Table name in url [G...

SQL Injection attempts - over 400 times!! ** Union Select [GET:location_id] => -1/**/uNiOn/**/sELeCt/**/0x33633273366962,0x33633273366962,0x33633273366962,0x33633273366962,0x33633273366962/**/fro...

This Ip is showing up a lot in my logs and with over 400 sql injection attempts in two days, it is slowing my server. ** Union Select [GET:location_id] => -1/**/uNiOn/**/sELeCt/**/0x336332733669...

This one from China spiked my server load up to 31 by simultaneously attempting to exploit something in my Joomla sites. I am so sick of these attacks from China I\'m nearly ready to block anything fr...

My server has been hit repeatedly by this and several other IP\'s all emanating out of Scranton, Pennsylvania. The others were from hostnoc.net but this one is a new one. I am starting to block whole ...

this IP really annoying.. it keeps hacking and hacking my website with sql injection!!! -null/**/UnioN/**/SelECt/**/1,0x33633273366962/**/from/**/jos_users-- to: -null/**//**/SelECt/**/1,0x336332733...

Block the IPs with .htaccess # Deny IPs Joomla SQL Injection Order Allow,Deny allow from all deny from 173.212.197.142 deny from 173.212.227.48 deny from 173.212.197.48 deny from 173.212.254.50 de...

Been attacked with sql injection for 10 days now. My site is www.pet-book.com and the attackes is changing IP,s PLEASE help me to stop him....

Been attacked with sql injection for 10 days now. My site is www.pet-book.com and the attackes is changing IP,s PLEASE help me to stop him....

Been attacked with sql injection for 10 days now. My site is www.pet-book.com and the attackes is changing IP,s PLEASE help me to stop him....

We operate www.makemoneywithaccuauto.com. Today at 2:32pm received the following sql injected from 184.82.79.120. Please investigate this issue on our behalf. Thank you. USING KEY: option=com_jsjo...

This site is trying to use SQL injection to attack joomla websites, please close the IP down ASAP, they are hackers and need to be closed down...

Please close this IP down, ASAP they are hackers and need to closed down, why are they still up with so many complaints showing below...

JSecure mailed me: Currently Some User has try to access the administrator from following IP:66.197.227.185 USING KEY: option=com_jsjobs&task=edit&cid[]=-69%2F%2A%21uNiOn%2F%2A%2A%2FsElEcT%2F...

Had an attempt from this IP to use SQL injection to access my site. User at this IP address was apparently attempting to probe for information...

Had an attempt from this IP to use SQL injection to access my site. User at this IP address was apparently attempting to probe for information...

Had an attempt from this IP to use SQL injection to access my site. User at this IP address was apparently attempting to probe for information *REMOTE_ADDR : 69.162.119.162 ...

There were multiple attempts today logged with this notation in the log of two different Joomla sites of ours This is what was shown in the log: option=com_jsjobs&task=edit&cid[]=-69%2F%2A%2...

HACKERS FROM THIS AREA TRYING TO HACK MY PC WITHOUT SUCCESSIP Address: 86.126.111.218 IP Address Country: Romania (RO) IP Address Region: 39 Valcea IP Address City: Valcea IP Postal Code IP Address ...

trying to load not existing components from joomla backend. for example: index.php?option=com_crowdsource&view=design&cid=-3%2F%2A%2A%2FuNIOn%2F%2A%2A%2FsELECt%2F%2A%2A%2F1%2C2%2C3%2C4%2C5%2C...

** Union Select [GET:id] => -14/**/UnioN/**/SelECt/**/1,2,0x32,4/**/from/**/jos_users-- ** Table name in url [GET:id] => -14 -- 1,2,0x33,4 from jos_users-- ** Union Select [REQUEST:id] => -14...

Can\'t this be stopped? There should be a way to kill this ip. I shouldn\'t have to travel to china to do it myself. 12/11/2011 12:05:29 AM Detected: Intrusion.Win.MSSQL.worm.Helkern Absent UDP from...

My firewall just detected some fucktard from this IP trying to inject a SQL Worm this morning. Yesterday another IP from China tried to do the same thing....

got several tries with several ip\'s from hostnoc.net clients hacking with changed pattern for modules: com_sg com_garyscookbook com_jokes com_directory com_omnirealestate com_xfaq com_rapidrecipe co...

Jerry Dubois (jdubois@smusemulm.com) at this ip address tells me I\'ve been hacked then leaves a link for me to go to. No way willI click on that link. What\'s scary is he knows my name!...

** Union Select [GET:cat] => -1923/**/uNiOn/**/sElEcT/**/1,0x33633273366962,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37/**/from/**/jos_users-- ...

nion Select [REQUEST:catid] => -1/**/uNiOn/**/sElEcT/**/0x33633273366962/**/from/**/jos_users-- ** Table name in url [REQUEST:catid] => -1 -- 0x33633273366962 from jos_users-- **PAGE / SERVER I...

** Union Select [GET:articleid] => -1/**/uNiOn/**/sElEcT/**/1,0x33633273366962,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31/**/from/**/jos_users-- ** Table name i...

** Union Select [GET:catid] => 1/**/uNiOn/**/sElEcT/**/1,2,0x33633273366962,4,5,6,7,8,9,10,11/**/from/**/jos_users-- ** Table name in url [GET:catid] => 1 -- 1,2,0x33633273366962,4,5,6,7,8,9,10,...

** Union Select [GET:catid] => 1/**/uNiOn/**/sElEcT/**/1,2,0x33633273366962,4,5,6,7,8,9,10,11/**/from/**/jos_users-- ** Table name in url [GET:catid] => 1 -- 1,2,0x33633273366962,4,5,6,7,8,9,10,...

** Union Select [GET:testo] => -a%\\\'/**/UNION/**/SELECT/**/1,2,0x33633273366962,4,5,6,7,8,9/**/from/**/jos_users-- ** Table name in url [GET:testo] => -a%\\\' -- 1,2,0x33633273366962,4,5,6,7,8...

** Union Select [GET:catid] => null/**/union/**/select/**/1,2,3,4,5,0x33633273366962,7,8,9,10/**/from/**/jos_users-- ** Table name in url [GET:catid] => null -- 1,2,3,4,5,0x33633273366962,7,8,9,...

** Union Select [GET:testo] => -a%\\\'/**/UNION/**/SELECT/**/1,2,0x33633273366962,4,5,6,7,8,9/**/from/**/jos_users-- ** Table name in url [GET:testo] => -a%\\\' -- 1,2,0x33633273366962,4,5,6,7,8...

Hello, Attention on 8 December 2011 there was an attempt to break your website. jFireWall successfully blocked the hackers attack. Attack parameters: Type of attack: SQL-Injection Scanner IP adress:...

I have a joomla site atacked by this host, I alread Blocked, shame on that person! I dont understand how this stupid person lost time in that action, he must be prosecuded at full extension of law! *...

8:43:20 PM Block IN TCP 86.126.113.40 2823 86.127.74.46 1433 SYN Blocked by the Attack Detecton component IP Address: 86.126.113.40 IP Address Country: Romania (RO) IP Address Region: 39 Valcea IP Ad...

Intrusion.Win.MSSQL.worm.Helkern used muliply times many times a day. Intrusion.Win.MSSQL.worm.Helkern used muliply times many times a day. Intrusion.Win.MSSQL.worm.Helkern used muliply times many tim...

** Union Select [GET:c] => -1/**/union/**/select/**/1,0x33633273366962,3,4,5/**/from/**/jos_users-- ** Table name in url [GET:c] => -1 -- 1,0x33633273366962,3,4,5 from jos_users-- ** Union Selec...

** Union Select [GET:id] => -1/**/union/**/select/**/0,0,0x33633273366962,0,0,0,0,0,0,0,0,0,0/**/from/**/jos_users-- ** Table name in url [GET:id] => -1 -- 0,0,0x33633273366962,0,0,0,0,0,0,0,0,0...

Multiple attacks all refering to: MS-SQL Worm propagation attempt 124.239.195.131 12/09/11 12:46:07 Seems that this is happening to more people than just me, so far my Firewall is keeping up...

Receiving all the last days from thisip, hostnoc and similar many attacks to my joomla website... About 10 atacks every hour... Hope to stop sometime.. Thanks to Marco\'s interceptor warning for jo...

In this post mention the hostname \"cybersyn.tuonda.es\", the domain \"tuonda.es\" is mine. \"cybersyn.tuonda.es\" is a old VPS that we have for backup in Burst.net, no...

Attempting to access mysql and database on a website that isn\'t even utilizing either-this went on for over 20 min. ip search also indicates this ip is connected to a spammer. These folks need to get...

Multiples ataques de inyección SQL a partir de direcciónes de un servidor ubicada en Estados Unidos creo que están intentando hackear las páginas ...

Multiple SQL injection attacks from three IP blocks. 66.197.128.0 / 17 173.212.192.0 / 24 96.9.128.0 / 18 All have abuse@hostnoc.net as the abuse email, they wont do a thing. Start on 12/6/11...

My joomla site has been tried to hack from this IP. The same internet provider tried on several attacks to hack into my site... I have successfully prevented it for the time being....

Switching around IP\'s but all lead back to Scranton, PA and hostnoc and burstnet. Have reported them to the host but they haven\'t bothered to answer. ** Union Select [GET:pageid] => -9999999/**...

Contacted abuse department and no response. This is ridiculous! This ip range and a couple of others all tied to hostnoc and burstnet are wreaking havoc with these attempts. ** Union Select [GET:ca...

Repeated attempts at SQL injection from this IP range as well as others. All lead back to Scranton, PA and hotnoc.net. ** Union Select [GET:id] => -1/**/union/**/select/**/0,0x33633273366962,0,0,...

From this IP range as well as another, all out of Scranton, PA. ** Union Select [GET:id] => -99999/**/union/**/select/**/0,1,0x33633273366962,0,0,0,0,0,0,0,0,0,0,0x33633273366962/**/from/**/mos_u...

Repeated attempts of SQL Injection on Joomla site. Numerous IP\'s used. This is just one... ** Union Select [GET:job_id] => -9999/**/union/**/all/**/select/**/0x33633273366962,2,3,4,5,6,7,8,9,0,1...

Multiple Hack attempts from this and similar IPs all originating from Burst Net on several sites I maintain. At least 4 sites are under constant attack every half hour at 15 minutes after and 45 minu...

Mi dominio esta siendo atacada reiteradamente desde hace dos dias ydurante todas las horas del día por una serie de IP que Yo he identificado Desde las siguientes direcciiones de IP173.21...

my domain is being attacked from this IP (and others). Most are of the same hosting provider. \"Marco\'s interceptor warning\" of Joomla Please stop this. The \"IP\" source: 6...

This IP and many others from the same hosting provider (Burst.net) did a lot of SQL injection these last days on my joomla sites. Time looser....

** Union Select [GET:id] => -999999/**/union/**/select/**/0,0,0x33633273366962,1,2,3,0,0,0,0,0,1,1,1,1,1,1,4,5,6,0x33633273366962/**/from/**/jos_users-- ** Table name in url [GET:id] => -999999 ...

attempts out of Scranton, PA. Please investigate! Getting tired of this! Can someone please investigate? Has happened from all the IP\'s listed below in the last 24 hours. IPs included: 96.9.173.40...

attempts out of Scranton, PA. Please investigate! Getting tired of this! Can someone please investigate? Has happened from all the IP\'s listed below in the last 24 hours. IPs included: 96.9.173.40...

Tons of attempts out of Scranton, PA. Please investigate! Getting tired of this! Can someone please investigate? Has happened from all the IP\'s listed below in the last 24 hours. IPs included: 96....

Very nasty attempts out of Scranton, PA. Please investigate! Getting tired of this! Can someone please investigate? Has happened from all the IP\'s listed below in the last 24 hours. IPs included: ...

Very nasty attempts out of Scranton, PA. Please investigate! Getting tired of this! Can someone please investigate? Has happened from all the IP\'s listed below in the last 24 hours. IPs included: ...

Very nasty attempts out of Scranton, PA. Please investigate! Getting tired of this! Can someone please investigate? Has happened from all the IP\'s listed below in the last 24 hours. IPs included: ...

Very nasty attempts out of Scranton, PA. Please investigate! Getting tired of this! Can someone please investigate? Has happened from all the IP\'s listed below in the last 24 hours. IPs included: ...

Very nasty attempts out of Scranton, PA. Please investigate! Getting tired of this! Can someone please investigate? Has happened from all the IP\'s listed below in the last 24 hours. IPs included: ...

Very nasty attempts out of Scranton, PA. Please investigate! Getting tired of this! Can someone please investigate? Has happened from all the IP\'s listed below in the last 24 hours. IPs included: ...

There are several SQL Injections IP \'s and all come from the place of \"Scranton Pennsylvania United States\". They scan joomla components in my page....

** Union Select [GET:extid] => 0\'/**/union/**/select/**/0,0x33633273366962,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0/**/from/**/jos_users/**/order/**/by/**/\'b ** Union Select [REQUEST:extid] ...

** Union Select [GET:cat_id] => -9999999/**/union/**/select/**/0,1,2,0x33633273366962,0x33633273366962,0,0,0,0,0,0,0,0,0,0,0,1,1,1,1,2,2,2/**/from/**/jos_users-- ** Union Select [REQUEST:cat_id] =&...

he try hack my site but now have the redirect from other site that is fuckyou.com ** Union Select [GET:id] => -9999999/**/union/**/select/**/0,1,2,3,4,5,6,7,8,0x33633273366962/**/from/**/jos_users...

** Union Select [GET:id] => -1/**/union/**/select/**/0,1,2,0x33633273366962,0x33633273366962,5,6/**/from/**/jos_users-- ** Table name in url [GET:id] => -1 -- 0,1,2,0x33633273366962,0x3363327336...

** Union Select [GET:id] => -99999/**/union/**/select/**/0,0,0x33633273366962,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0x33633273366962/**/from/**/mos_users-- ** Union Select [REQUEST:id] => -99999/**/...

** Union Select [GET:catid] => -1/**/union/**/select/**/1,2,3,4,0x33633273366962,6,7,8,9,10,11/**/from/**/jos_users-- ** Table name in url [GET:catid] => -1 -- 1,2,3,4,0x33633273366962,6,7,8,9,1...

option=com_fantasytournament&Itemid=&func=managersByManager&managerID=-63%2F%2A%2A%2Funion%2F%2A%2A%2Fselect%2F%2A%2A%2F0x33633273366962%2C2%2C3%2F%2A%2A%2Ffrom%2F%2A%2A%2Fjos_users-- inu...

Similar tactics of the 173.212 folks new ip\'s same hosting company-who is pretty much worthless! Also trying SQL injections- hosting company hostnoc and burstnet both same company...

option=com_datsogallery&func=detail&id=%27%2F%2A%2A%2Funion%2F%2A%2A%2Fselect%2F%2A%2A%2F1%2C2%2C3%2C4%2C0x33633273366962%2C6%2C7%2C8%2C9%2C0%2C1%2C2%2C3%2C4%2C5%2F%2A%2A%2Ffrom%2F%2A%2A%2Fjos...

We have received several recent attempts from same ISP http://www. .com/tl/index2.php?option=com_prayercenter&task=view_request&id=-1/**/union/**/select/**/0,0,0x33633273366962,0,0,0,...

** Union Select [GET:id] => -1/**/union/**/select/**/0,0x33633273366962,0,0,0,0,0/**/from/**/jos_users-- ** Table name in url [GET:id] => -1 -- 0,0x33633273366962,0,0,0,0,0 from jos_users-- ** U...

** Union Select [GET:iid] => -3333/**/union/**/select/**/0,1,2,3,0x33633273366962/**/from/**/jos_users-- ** Table name in url [GET:iid] => -3333 -- 0,1,2,3,0x33633273366962 from jos_users-- ** U...

Repeated attacks from multiple IPs from this ISP. SQL injection attempts. ** Union Select [GET:listid] => 9999999/**/union/**/select/**/0,0x33633273366962/**/from/**/mos_users-- ** Union Select [RE...

Have been receiving continual SQL Injection attacks from IP\'s associated with Burst.net hosting company for the last several days. We have reported to their abuse department but have received no repl...

from this ip, and 96.9.173.48 and some more. I Get errors like this from my site. /index.php?option=com_listoffreeads&AdId=-1%2F%2A%2A%2Funion%2F%2A%2A%2Fselect%2F%2A%2A%2F0%2C0x33633273366962%2...

I wish to formally lay a complaint of repeated SQL injection attacks against our business website. IP addresses responsible for the attacks on the various days, occurring during the month of December ...

This guy has been attacking my site for days. The IP always starts with 173.212. These attacks seem well organized, perhaps we can get the ISP to shut the ass down...

** Union Select [GET:PostID] => -9999\\\'/**/union/**/select/**/1,0x33633273366962,3,4,5,6,7/**/from/**/jos_users-- ** Union Select [REQUEST:PostID] => -9999\\\'/**/union/**/select/**/1,0x336332...

I am currently getting attacks from this ip trying to hack our site. ** Union Select [GET:sP] => -1/**/union/**/select/**/1,2,0x33633273366962,4,5,6,7,8,9,10,11,12,13,14,15,16,17/**/from/**/mos_use...

here is the dump of the attempted attack: ** Union Select [GET:id] => -9999999/**/union/**/select/**/0,0,0,1,2,3,0,0,0,0,0,1,1,1,1,1,1,1,1,1,0,0,0x33633273366962/**/from/**/jos_users-- ** Union Se...

Attempting many SQL-Injection Attack to my Website. I had more than 30 attempts during the last 48 hours from this and closely related adresses. ** Union Select [GET:tid] => 1/**/union/**/select/**...

IP Addresses included: 173.212.197.42 173.212.195.136 173.212.195.174 173.212.197.48 173.212.254.6 173.212.195.150 173.212.213.36 173.212.254.44 173.212.195.182 173.212.254.10 173.212.254.12 173.212...

** Union Select [GET:c] => -1/**/union/**/select/**/1,0x33633273366962,3,4,5/**/from/**/jos_users-- ** Union Select [REQUEST:c] => -1/**/union/**/select/**/1,0x33633273366962,3,4,5/**/from/**/jo...

** Union Select [GET:id] => -1/**/union/**/select/**/1,0x33633273366962,3/**/from/**/jos_users-- ** Union Select [REQUEST:id] => -1/**/union/**/select/**/1,0x33633273366962,3/**/from/**/jos_user...

** Union Select [GET:catid] => -2/**/union/**/select/**/0x33633273366962,0x33633273366962,0x33633273366962/**/from/**/jos_users-- ** Union Select [REQUEST:catid] => -2/**/union/**/select/**/0x33...

** Union Select [GET:catid] => -1/**/union/**/select/**/0x33633273366962,2,3/**/from/**/jos_users-- ** Union Select [REQUEST:catid] => -1/**/union/**/select/**/0x33633273366962,2,3/**/from/**/jo...

** Union Select [GET:did] => 9999999999999/**/union/**/select/**/0,0,0x33633273366962,4,5,6,7,8,9,0,0,4,5,0,7,0,9,0,0,0,0,0,0,0/**/from/**/jos_users-- ** Union Select [REQUEST:did] => 9999999999...

** Union Select [GET:idFiliale] => -5/**/union/**/select/**/1,0x33633273366962,3,4,0x33633273366962,6,7,8,9,10,11/**/from/**/jos_users-- ** Union Select [REQUEST:idFiliale] => -5/**/union/**/sel...

Many attacks in the last 24 hours, all from Pennsylvania and this and close to this IP address. Have logs to prove. ** Union Select [GET:aid] => -9988/**/union/**/select/**/0x33633273366962,0,0x3...

Have had over 20 attempts in the last 24 hours from this and other closely related IP addresses. I have the logs to prove it as well. Very much misbehaving. ** Union Select [GET:surano] => -1/**...

These bloody idiots are trying to hack my sites continually!!! ** Union Select [GET:fid] => -1/**/union/**/select/**/0x33633273366962/**/from/**/jos_users-- ** Union Select [REQUEST:fid] => -1/...

*REMOTE_ADDR : 66.197.227.184 *HTTP_USER_AGENT : Mozilla/5.2 (Windows; U; Windows NT 5.2; en-EN) Gecko/20080919 Firefox/3.5.6 *REQUEST_METHOD : GET *QUERY_STRING : option=com_ownbiblio&view=cat...

** Union Select [GET:sid] => -1/**/union/**/select/**/0x33633273366962,1,2,0x33633273366962,4,5,6,7,8,0x33633273366962,0x33633273366962,11/**/from/**/jos_users-- ** Table name in url [GET:sid] =&gt...

** Union Select [GET:categoryId] => -1/**/union/**/select/**/1,2,3,0x33633273366962,5,6,7,8,9,10,11,12/**/from/**/mos_users-- ** Union Select [REQUEST:categoryId] => -1/**/union/**/select/**/1,2...

** Union Select [GET:id] => 369752/**/union/**/select/**/1,0x33633273366962,3,4,5,6,7,8,9,1,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5/**/from/**/jos_users-- ** Table name in url [GET:id] => 369752 -- 1,0x33...

I\'ve been receiving repeated attacks from a list of IP\'s (all related to same ISP) - blocked them and now am getting attacks from this IP. Located in the same town apparently!...

** Union Select [GET:user_id] => -9999999/**/union/**/select/**/0x33633273366962/**/from/**/jos_users-- ** Union Select [REQUEST:user_id] => -9999999/**/union/**/select/**/0x33633273366962/**/fr...

*REMOTE_ADDR : 173.212.195.136 *HTTP_USER_AGENT : Mozilla/5.2 (Windows; U; Windows NT 5.2; en-EN) Gecko/20080919 Firefox/3.5.6 *REQUEST_METHOD : GET *QUERY_STRING : option=com_volunteer&task=j...

i have forwarded their host many of the attacks. I hope they take action soon. IP Address : 173.212.197.10 IP Address : 173.212.254.10 IP Address : 173.212.195.150 IP Address : 173.212.197.42 IP Addre...

I am reporting about multiple attacks which were stopped by my KIS 2011. It was intrusion.win.mssql.worm.helkern. KIS says that it was from 61.178.59.219 thats really annoying...

Another list of the hackers IPs. 173.212.213.38 173.212.213.36 173.212.213.30 173.212.213.20 173.212.195.182 173.212.254.44 173.212.254.6 173.212.195.142 173.212.197.48 173.212.195.136 173....

I have already reported the attacks to the their ISP abuse, if you are experiencing attacks from the same IP addresses below, please email: abuse@hostnoc.net and nic@hostnot.net to report it. These a...

I have already reported the attacks to the their ISP abuse, if you are experiencing attacks from the same IP addresses below, please email: abuse@hostnoc.net and nic@hostnot.net to report it. These a...

I have already reported the attacks to the their ISP abuse, if you are experiencing attacks from the same IP addresses below, please email: abuse@hostnoc.net and nic@hostnot.net to report it. These a...

I have already reported the attacks to the their ISP abuse, if you are experiencing attacks from the same IP addresses below, please email: abuse@hostnoc.net and nic@hostnot.net to report it. These a...

I have already reported the attacks to the their ISP abuse, if you are experiencing attacks from the same IP addresses below, please email: abuse@hostnoc.net and nic@hostnot.net to report it. These a...

I have already reported the attacks to the their ISP abuse, if you are experiencing attacks from the same IP addresses below, please email: abuse@hostnoc.net and nic@hostnot.net to report it. These a...

I have already reported the attacks to the their ISP abuse, if you are experiencing attacks from the same IP addresses below, please email: abuse@hostnoc.net and nic@hostnot.net to report it. These a...

I have already reported the attacks to the their ISP abuse, if you are experiencing attacks from the same IP addresses below, please email: abuse@hostnoc.net and nic@hostnot.net to report it. These a...

I have already reported the attacks to the their ISP abuse, if you are experiencing attacks from the same IP addresses below, please email: abuse@hostnoc.net and nic@hostnot.net to report it. These a...

I have already reported the attacks to the their ISP abuse, if you are experiencing attacks from the same IP addresses below, please email: abuse@hostnoc.net and nic@hostnot.net to report it. These a...

I have already reported the attacks to the their ISP abuse, if you are experiencing attacks from the same IP addresses below, please email: abuse@hostnoc.net and nic@hostnot.net to report it. These a...

I have already reported the attacks to the their ISP abuse, if you are experiencing attacks from the same IP addresses below, please email: abuse@hostnoc.net and nic@hostnot.net to report it. These a...

** Union Select [GET:tagid] => -1)/**/union/**/select/**/1,2,3,4,5,6,7,8,9,10,0x33633273366962,12,13,14,15,16,17,18/**/from/**/jos_users-- ** Union Select [REQUEST:tagid] => -1)/**/union/**/sele...

I have already reported the attacks to the their ISP abuse, if you are experiencing attacks from the same IP addresses below, please email: abuse@hostnoc.net and nic@hostnot.net to report it. These a...

I have already reported the attacks to the their ISP abuse, if you are experiencing attacks from the same IP addresses below, please email: abuse@hostnoc.net and nic@hostnot.net to report it. These a...

I have already reported the attacks to the their ISP abuse, if you are experiencing attacks from the same IP addresses below, please email: abuse@hostnoc.net and nic@hostnot.net to report it. These a...

I have already reported the attacks to the their ISP abuse, if you are experiencing attacks from the same IP addresses below, please email: abuse@hostnoc.net and nic@hostnot.net to report it. These a...

Multiple attacks from IP range 173.21.* looking for vulnerability in various joomla 3rd party components ** Union Select [GET:motor] => -1/**/union/**/select/**/1,2,0x33633273366962,4,5,6,7,8,9,10...

Same like bellow. I think they dont have anything better to do, just to try. Hopefully it will stop :) Attack parameters: Type of attack: SQL-Injection Scanner IP adress: 173.212.213.30 ...

Looks like automated scans for known vulnerabilities in 3rd party joomla components. 20 attempted attacks in the last 24 hours against one of our domians. Got the whole adress range blocked now in our...

** Union Select [GET:id] => -999999/**/union/**/select/**/0,0,0x33633273366962,1,2,3,0,0,0,0,0,1,1,1,1,1,1,4,5,6,0x33633273366962/**/from/**/jos_users-- ** Table name in url [GET:id] => -999999 ...

** Union Select [GET:id] => 7/**/union/**/all/**/select/**/0x33633273366962,2,3,4,5,6/**/from/**/jos_users-- ** Table name in url [GET:id] => 7 -- 0x33633273366962,2,3,4,5,6 from jos_users-- ** ...

This ip has attempted multiple sql injections over the past 2 days. Here is a dump of the effort: ** Union Select [GET:category_id] => -1\\\'/**/union/**/select/**/1,2,3,4,0x33633273366962,5,044,07...

I\'m a student who runs this website - eslib.ischool.syr.edu - and have been getting HAMMERED all day by IPs in this range. I keep adding them to my cPanel IP Deny but the attacks keep coming....

This range of sites from 173.212.195 have been attacking my joomla site all day, all of the are now in my blacklist. Other ranges include 173.212.197 173.212.254 ...

** Union Select [GET:catid] => -999/**/union/**/select/**/2,2,3,0x33633273366962,5/**/from/**/mos_users-- ** Union Select [REQUEST:catid] => -999/**/union/**/select/**/2,2,3,0x33633273366962,5/*...

** Union Select [GET:listid] => 9999999/**/union/**/select/**/0,0x33633273366962/**/from/**/mos_users-- ** Union Select [REQUEST:listid] => 9999999/**/union/**/select/**/0,0x33633273366962/**/fr...

** Union Select [GET:id] => -1/**/union/**/select/**/0,0x33633273366962,0,0,0,0,0/**/from/**/jos_users-- ** Union Select [REQUEST:id] => -1/**/union/**/select/**/0,0x33633273366962,0,0,0,0,0/**/...

De last day about 20 reports from de website steengoedbeheer.com of witch I am webmaster. Attention on 7 December 2011 there was an attempt to break your website. jFireWall successfully blocked the h...

This IP and its range keeps trying to SQL Inject and port scan for 3 days now. Needs to be investigated as soon as possible....

8:25:07 PM Block IN TCP 82.137.8.95 18752 86.127.74.46 1433 SYN Blocked by the Attack Detecton component IP Address: 82.137.8.95 IP Address Country: Romania (RO) IP Address Region: 36 Timis IP Addre...

4 SQl Injection attempts from this IP and 6 more from two others: 172.212.213.20 and 173.212.213.30... all happened within twenty four hrs of each other....

Repeated SQL Injection Attempts over a 24 hr period 12/6-12/7. At least 2 attempts from this IP and another 8 from 173.212.213.20 and 173.212.213.38....

Repeated SQL Injection Attempts over a 24 hr period 12/6-12/7. At least 4 attempts from this IP and another 6 from 173.212.213.30 and 173.212.213.38....

Not sure what category to submit this in, however, this attack alerted by Kaspersky Labs is being given daily, repeated times a day. Thank you for investigating this attack. It is detected to be comin...

Hi, we\'re Unlead the hosting provider of protecsrl.it website. Few minutes ago the webmaster of webdesignatz.com has putted his link on the top menu of our client, fortnually our servers are protecte...

IP Address: 86.127.149.11 IP Address Country: Romania (RO) IP Address Region: 38 Vaslui IP Address City: Vaslui IP Postal Code IP Address Area Code 0 IP Metro Code 0 IP Address Latitude: 46.63330078...

219.148.155.62 - - [01/Dec/2011:19:42:14 +0100] \"GET //phpmyadmin/ HTTP/1.1\" 200 9708 \"-\" \"Made by ZmEu @ WhiteHat Team - www.whitehat.ro\" 219.148.155.62 - - [01/De...

This IP is bad, try to make SGL Injection to my opera. detected by my antivirus Program. I shall revenge this.....or swear that the person who do this, go to hell...

I\'ve been witnessing many SQL injections as well as, in-addr.arpa or ARP attacks, (man in the middle), this is only one of many address\'s fully identified doing this....

He tried to intrude.......but firewall blocked... I\'m Kaspersky 2012 Internet Security user.... \"Detected: Intrusion.Win.MSSQL.worm.Helkern UDP from 219.148.1.91 to local port 1434\" Is th...

Another douchebag hacker from some part of the world that no one cares about is trying to hack webpages. WordPress Firewall has detected and blocked a potential attack! Warning: URL may contain dange...

Another douchebag hacker from some part of the world that no one cares about is trying to hack webpages. WordPress Firewall has detected and blocked a potential attack! Warning: URL may contain dange...

WordPress Firewall has detected and blocked a potential attack! Warning: URL may contain dangerous content! Offending IP: 89.229.59.245 [ Get IP location ] There seems to be a lot of these going aro...

WordPress Firewall has detected and blocked a potential attack! Warning: URL may contain dangerous content! Offending IP: 109.157.85.220 [ Get IP location ] Got that message today about 50 times. H...

Got this today.in my email - have a few others as well. Warning: URL may contain dangerous content! Offending IP: 108.88.132.214 This may be a \"WordPress-Specific SQL Injection Attack ...

SLAMMER WORM ATTACK ON PORT 1433 FROM THIS ASSHOLE FROM VASLUI IP Address: 86.127.131.32 IP Address Country: Romania (RO) IP Address Region: 38 Vaslui IP Address City: Vaslui IP Postal Code IP Addre...

Here is a sample : GET /showthread.php?t=97163+AND+1=2-- HTTP/1.1 Accept-Encoding: identity Host: forums.namcobandaigames.eu Connection: close User-Agent: Python-urllib/2.5 We have received this atta...

The IP address is trying to inject malicious SQL code in the web site www.igepn.edu.ec since November 17th, 2011 on a continuos basis. ...

I have complained to the ISP twice before and it has not seemed to do anything further - will be reporting them to the police....

My system is been attacked by one Chinese ip UDP from 219.148.1.91 to local port 1434 ,several times on 14-11-2011 , My Kaspersky Internet Security 2012 denied the intrusion ,Which is network attack b...

Ja ja nein ja ja ja ja ja ja aj ja. Ajajaj aj keo smi dnri sksoen djdks oh ma mein dein unser ...

Trying to hack webpage that uses wordpress. Maybe some new security hole in wordpress. TimThumb Remote Code Execution Vulnerability Exploit attempt. He had many attempts so far. ...

Signature Name: MSSQL Resolution Service Stack Overflow Attacker: 70.85.140.250:2619 ==> Victim xxx.xxx.xxx.xxx:1434 Signature ID: 4703 Sub-Signature ID: 0 Please consult the Cisco Security ...

This IP address is trying to access my SQL Server constantly. I never allow it, nevertheless it keep connecting to my SQL. This is really annoying....

This IP tried to enter files on servers like \"/wp-login.php\" .. my SQL gave an error had to repair .. BANED IP ip has tryed 3 times in last hour ...

I´ve received two intrusions attempts (at 08h01min and at 20h15min) from IP 212.104.84.94. My antivirus has blocked the attack and have indentified as \"Intrusion.Win.MSSQL.worm.Helk...

this ip adres try to hack our SQL Server in the Netherlands without our permissions and he try to do that this day (10/29/2011) about 10:00 until now...

This IP has visited my site for a few months now. 32 Visits to my site in United States, electrical firm. This IP is hacking and probing ports on my server and attempting to hack. This IP is posting o...

Keep on getting SEP reports of attempted attacks from this IP address. Not sure what else to write, strange requirement. More words to make the min 25....

10/27/2011 13:24:59.592 Alert Intrusion Prevention IPS Prevention Alert: VIRUS SQL Slammer Activity, SID: 1870, Priority: Medium 70.85.140.250, 2619, X1, fa.8c.5546.static.theplanet.com xxx.xx.x.xx, 1...

188.143.232.204 we found intrusion attempts each hour in apache logs They use fake email to post in our formulaire in other page We suggeste block all request from this IP ...

ert Intrusion Prevention IPS Prevention Alert: VIRUS SQL Slammer Activity, SID: 1870, Priority: Medium 219.148.1.91, 1800, X1 xxx.xx.x.xx, 1434, Xx ert Intrusion Prevention IPS Prevention Alert: VIRU...

0/23/2011 17:38:54.704 Alert Intrusion Prevention IPS Prevention Alert: VIRUS SQL Slammer Activity, SID: 1870, Priority: Medium 70.85.140.250, 2619, X1, fa.8c.5546.static.theplanet.com xxx.xx.x.xx, 14...

Date: 23.10.2011 Time: 23:34:38 GMT+4 Detected: Intrusion.Win.MSSQL.worm.Helkern Absent UDP from 219.148.1.91 to local port 1434 said my Kaspersky just now. First time occured, I never had been attac...

IPS Prevention Alert: VIRUS SQL Slammer Activity, SID: 1870, Priority: Medium 70.85.140.250, 2619, X1, fa.8c.5546.static.theplanet.com IPS Prevention Alert: VIRUS SQL Slammer Activity, SID: 1870, Pri...

Tried to submit an invalid query to the site outyourbackdoor.com using a know but closed mysql vulnerability. We are now tracking and reporting all complaints [GATEWAY_INTERFACE] => CGI/1.1 [...

10/19/2011 18:19:28.704 Alert Intrusion Prevention IPS Prevention Alert: VIRUS SQL Slammer Activity, SID: 1870, Priority: Medium 61.235.46.146, 3340, Xx xxx.xx.x.xx, 1434, Xx That is all.... Yep yep y...

10/19/2011 22:25:52.448 Alert Intrusion Prevention IPS Prevention Alert: VIRUS SQL Slammer Activity, SID: 1870, Priority: Medium 70.85.140.250, 2619, Xx, fa.8c.5546.static.theplanet.com xxx.xx.x.xx, 1...

Tried SQL injections via get on comment form. Tried to upload 2 images and 1 pdf files. There are numerous other complaints about this ip from lots of other sites. ...

Tried sql injections via get and also sql injections on admin form. There are numerous other complaints about this ip from lots of other sites. ...

Alert Intrusion Prevention IPS Prevention Alert: VIRUS SQL Slammer Activity, SID: 1870, Priority: Medium 219.148.1.91, 2733, X1 ***.**.*.**, 1434, X* Alert Intrusion Prevention IPS Prevention Alert:...

09/28/2011 17:23:53.688 Alert Intrusion Prevention IPS Prevention Alert: VIRUS SQL Slammer Activity, SID: 1870, Priority: Medium 219.148.1.91, 2733, X1 ***.**.*.**, 1434, X3 attack 7 Times... yep yep...

we are a government agency and we are getting SQL injection attacks from this ip address. There are about 100 attacks per minute. Thank you....

09/26/2011 20:29:00.880 Alert Intrusion Prevention IPS Prevention Alert: VIRUS SQL Slammer Activity, SID: 1870, Priority: Medium 219.148.1.91, 2733, X1 ***.**.*.**, 1434, X 09/26/2011 20:29:00.880 Ale...

<?php /** * This program is under GNU GPL license. * * You can contact the author of this program at <ffmandu13@hotmail.com/>. */ //Defined regexps (you can add your own ones). define(...

IPS Prevention Alert: VIRUS SQL Slammer Activity, SID: 1870, Priority: Medium Alert Intrusion Prevention 1305, X1 1434, 4 COUNTS OF THIS ALERT WO0OO ... always something ...

This IP - 61.235.46.146 was trying to hack my computer via Instruction.Win.MSSQL.worm.Helkern. as it showed in my kaspersky warning message. Please help me and look into this very strictly....

02:40:16.080 Alert Intrusion Prevention IPS Prevention Alert: VIRUS SQL Slammer Activity, SID: 1870, Priority: Medium 219.148.1.91, 2733, X1 ***.**.*.**, 1434, X3 Attack count one time .. Priority: Me...

Repeated Sql Injection Attacks from IP 193.105.240.173 Repeated Sql Injection Attacks from IP 193.105.240.173 Repeated Sql Injection Attacks from IP 193.105.240.173 Repeated Sql Injection Attac...

22.09.2011 18:19:05 Обнаружено: Intrusion.Win.MSSQL.worm.Helkern UDP от 94.188.21...

/wp-content/plugins/1-flash-gallery/upload.php?action=uploadify&fileext=php $_FILE = index.bak.php This may be a \"Executable File Upload Attack.\" IP attempt to exploit wordpress inst...

This IP has tried to hack 5 different wordpress sites that I run. The hack attempts are continuing on. Please keep an eye on this IP and block it from your hosts...

This IP and several on the strong of 180.76.5.* have SQL injected my website at the above address. I cannot figure out how to stop it...

hhhhhhhhhhhd wef wef we fwe fwe fewd fdwe fgergergwe weffwsvdsgdf gdergrg wergegegerger ge sdfsfsd ds edg e gr grt ghrth grthgrt rtrt r rth rtdr svasdfwegghtgwsfqwdfwegwewe wgwe gwg wg we ggw ew ge w...

These clowns has been trying to hack my site. If they keep it up, I\'ll be forced to beat some Latvian ass into a thick red paste....

someone from this IP has been trying to hack into my site for a week now. Classified as a \"WordPress-Specific SQL Injection Attack.\" by WP firewall. ...

IP 193.105.240.173 has tried several times to gain access my Wordpress website using SQL Injection. It was classified as \"WordPress-Specific SQL Injection Attack.\" Please do something abou...

Had over a dozen email alerts today of a WordPress-Specific SQL Injection Attack attempts made from this IP to the wp-login for almost all of my Wordpress sites today. Wordpress Firewall blocked them ...

For the last two days we\'ve been receiving repeated SQL injection attacks from this IP address directed at our various Wordpress sites. A quick Google search reveals that this IP is a repeat offender...

This IP 193.105.240.173 tried to hack our site overturnseries.com today. Please do something cause a lot of people are complaining. Our site is a sci-fi web series. We do not have any anti-anybody co...

This IP along with the others below, using multiple different names and addressses like \"the five street new york, ny\" slammed my order form over 400 times with nonsense. 222.186.26.208 2...

9/03/2011 18:09:51.192 Alert Intrusion Prevention IPS Prevention Alert: VIRUS SQL Slammer Activity, SID: 1870, Priority: Medium 212.104.86.94, 3661, X1 *** *** *** , 1434, X3 9/03/2011 18:09:51.192 A...

Kaspersky just picked this up under network attacks. The IP was successfully blocked, but it\'s still a little worrying since I\'ve NEVER had this kind of attack before....

30.08.2011 07:31:17 Gefunden Intrusion.Win.MSSQL.worm.Helkern Netzwerkpaket UDP von 190.215.93.163 auf lokalen Port 1434 Nicht vorhanden 30.08.2011 07:31:17 Gefunden Intrusion.Win.MSSQL.worm.H...

one more time......Found Network attack Intrusion.Win.MSSQL.worm.Helkern 222.32.89.5 Found Network attack Intrusion.Win.MSSQL.worm.Helkern 222.32.89.5 Found Network attack Intrusion.Win.MSSQL.worm.H...

09/02/2011 07:43:46.048 Alert Intrusion Prevention IPS Prevention Alert: VIRUS SQL Slammer Activity, SID: 1870, Priority: Medium 222.32.89.5, 4506, X1 *****.2.*-*, 1434, 09/02/2011 07:43:46.048 Alert ...

incearca sa-mi injecteze virusi in computer o sa pun Politia pe urmele acestu cacat cu ochiIP Address: 86.127.172.66 IP Address Country: Romania (RO) IP Address Region: 12 Caras-Severin IP Address C...

08/29/2011 18:09:52.592 Alert Intrusion Prevention IPS Prevention Alert: VIRUS SQL Slammer Activity, SID: 1870, Priority: Medium 183.167.196.226, 2670, X1 1434, ... 1434, lert Intrusion Prevention IPS...

Intrusion.Win.MSSQL.Worm.Helkern Intrusion.Win.MSSQL.Worm.HelkerIntrusion.Win.MSSQL.Worm.Helkern Intrusion.Win.MSSQL.Worm.HelkerIntrusion.Win.MSSQL.Worm.Helkern Intrusion.Win.MSSQL.Worm.HelkerIntrusio...

Intrusion Prevention IPS Prevention Alert: VIRUS SQL Slammer Activity, SID: 1870, Priority: Medium 61.235.97.52, 61473, X Intrusion Prevention IPS Prevention Alert: VIRUS SQL Slammer Activity, SID: 1...

Hello, I´ve logged some tries from this IP to inject SQL at: www.maktour.com.br, adding these strings to some (get) parameters: /**/And/**/(SELECT/**/1)=1 /**/And/**/(SELECT/**/2)=2 B...

Probleme hack sql injection sur le serveur 68.168.116.6 cela dure depuis un bon moment harcèlement de client utilisation de compte admin non permit Pour toute otre info contacter moi die...

193.105.240.173 has made repeated attempts to hack my wordpress blog. Please investigate them. I\'ve banned the ip, but you can see there is an ongoing problem....

I have had 5 attempts from this IP address to hack via wp-login a simple music band related blog in the UK. Fortunately I have wordpress firewall installed & the attempts have been blocked....

SQL injection attack. PERMANENTLY!!! Attack parameters: Type of attack: SQL-Injection Scanner IP adress: 84.22.62.204 National IP network of ARTMOTION.Net Located in Kosova (SERBIA) Kujtim Hajredini ...

http://integralblinds.com/webalizer/36/jewelry-supplies.html jewelry supplies, =-PP, http://51xbox.com/archiver/159/slime-recipes.html slime recipes, 807027, http://computersalesaldergrove.com/webal...

http://computerservicealdergrove.com/modlogan/29/world-poker-tour.html world poker tour, %-DD, http://onedebt.com/facefiles/777/car-quest.html car quest, %-P, http://barabbotsford.com/cp/272/kid-roc...

http://chilkoriver.com/modlogan/59/math-homework-answers.html math homework answers, zvl, http://yemendirect.com/English/844/gadwin-print-screen.html gadwin print screen, 340986, http://rajendrapras...

http://energywercs.org/images/690/index.html kijiji peterborough, iknnk, http://internetbusinessblogs.info/cp/75/dark-circles-under-eyes.html dark circles under eyes, 8-]]], http://morrison3d.com/Sc...

http://leicesterdigitalmedia.com/images/06/access-dane.html access dane, 2283, http://cnmanufacture.com/webalizer/274/mexican-rice.html mexican rice, 869353, http://computersalesmission.com/_notes/2...

http://overlanderhotel.com/scripts/97/muscatine-journal.html muscatine journal, oerr, http://ozarkwoodcarver.com/wp-admin/671/adobe-reader-repair.html adobe reader repair, 8023, http://polymers-mero...

http://ultrapurenoleadvalves.com/css/80/gay-personals.html gay personals, tob, http://officex6.com/wp-includes/594/anilos-movies.html anilos movies, =-[[, http://integral-blinds.com/webalizer/600/fe...

http://solardid.com/solar-product/501/xxxl-animal-costumes.html xxxl animal costumes, 733, http://zoha.com/index_files/28/female-sock-fetishes.html female sock fetishes, 085493, http://patelinfraene...

http://thewhole9online.com/shoe/004/teen-girl-costume-ideas.html teen girl costume ideas, 5955, http://leschenaultcc.com/oldadmin/541/xxxxxxxxx-dynamic-lights.html xxxxxxxxx dynamic lights, 955, htt...

http://justproducts.biz/flash/06/oral-sex-porn.html oral sex porn, 2680, http://innovativeliftsolutions.com/webalizer/61/nuns-having-sex-porn-xxx.html nuns having sex porn xxx, qdc, http://ufrsports...

this ip continually attacking in my system. Thanks to kspersky that it save my system.. Chinese assholes ...

the code wrote in the address bar is: 1991+update+cartHeader+set+companyName=REPLACE(cast(companyName+as+varchar(8000)),cast(char(60)%2Bchar(47)%2Bchar(116)%2Bchar(105)%2Bchar(116)%2Bchar(108)%2Bchar...

GET /phpMyAdmin-2.8.2/scripts/setup.php HTTP/1.1 /sqlmanager/scripts/setup.php HTTP/1.1 /webadmin/scripts/setup.php HTTP/1.1 /phpMyAdmin-2.8.0.3/scripts/setup.php HTTP/1.1 /phpMyAdmin-2.8.0.4/scri...

Details:- HTTP Suspicious Domain Request SQL Injection Attacking Computer: 125.46.73.250, 80 Attacker URL: js.users.51.la/3446609.ja Source Address: 125.46.73.250 Traffic Description: TCP, ww...

16.09.2010 19:53:21 Found: Intrusion.Win.MSSQL.worm.Helkern UDP von 219.149.194.245 at lokal Port 1434...

I want to hook this worm with a chopstick!...

This prick keeps trying to break in every few days or so......

port scanning...

Tried to inject at p 1434...

Payload file on this site http:// js.users.51.la / 4115989 . script Infected DB with all SQL VARCHAR FIELDS UPDATE WITH ABOVE URL...

Payload file on this site...

attempted intrusion.win.mssql.worm.hellkern UDP to local port 1434...

Caught by Cisco router firewall on UDP and TCP ports...

Consistently attacks. Blocked by Symantec Antivirus. Details simply listed as Incoming....

2010-08-17 01:52:21 Upptäckt: Intrusion.Win.MSSQL.worm.Helkern Okänt program UDP från 219.150.223.253 till lokal port 1434 still trying its seems...

2010-08-17 01:52:21 Upptäckt: Intrusion.Win.MSSQL.worm.Helkern Okänt program UDP från 219.150.223.253 till lokal port 1434 still trying its seems...

2010-08-17 01:52:21 Upptäckt: Intrusion.Win.MSSQL.worm.Helkern Okänt program UDP från 219.150.223.253 till lokal port 1434 still trtying its seems...

Date: 08/14 03:38:07 Name: SQL version overflow attempt Priority: 1 Type: Attempted Administrator Privilege Gain IP info: 118.213.78.20:1547 -> ***.***.***.***:1434...

Enters same listings into database with different email addresses ending with such characters like &#826, ? , $,% etc. This results into database being blocked when queries are made....

MS SQL Stack BO 67.170.33.143 aug 2 2010 6:47PM ...

Desde esta direccion Sí realizo Una intrusión Win.MSSQLworm.Heldern , Que Me hizó formatear mi computador , El PROTOCOLO / Servicio es UDP en puerto local 1434 A Las 12 47 El Día de Hoy ....

This will not work because I'm using a secure version of wordpress, but his sql injection attempts just piss me off because they've been going on for the past 2 hours....

SQL version overflow attempt UDP SQL version overflow attempt Attempted Administrator Privilege Gain 122.225.100.154:3411->88.116.105.150:1434 07/19-15:48:19 CET...

SQL version overflow attempt...

Attempted SQL script injection....

who is this bastard with his worms and should inject his worms in his ass :P~~~~...

211.139.255.29 <-- this is the ip address and this chinese person is solely rotten to its core. he only has to destruct the pc hack the admin passwords, steal credit cards and moch more. this guy shud...

61.128.110.96 ...

28.06.2010 14:03:27 Gefunden: Intrusion.Win.MSSQL.worm.Helkern UDP von 86.105.220.79 auf lokalen Port 1434 Nicht vorhanden...

6/19/2010 Detected: Intrusion.Win.MSSQL.worm.Helkern Absent UDP from 61.128.110.96 to local port 1434...

Attempting to Dos/DDos attack on MSSQL...

Intrusion.Win.MSSQL.worm.Helkern UDP desde 60.161.78.155 al puerto local 1434...

dEcLaRe%20@s%20vArChAr(8000)%20sEt%20@s=0x6445634C615265204074207641724368417228323535292C406320764172436841722832353529206445634C615265207441624C655F637572736F5220635572536F5220466F522073456C45635420...

This from the IIS logs: 2010-06-07 13:02:51 W3SVC3820959 xxxx aa.bb.cc.dd GET /Page.aspx ID=103';dEcLaRe%20@s%20vArChAr(8000)%20sEt% 20@s=0x6445634C615265204074207641724368417228323535292C406320...

6/3/2010 10:07:35 AM UDP from 218.30.22.82 to local port 1434 Detected: Intrusion.Win.MSSQL.worm.Helkern ...

5/27/2010 7:45:04 AM UDP from 122.225.100.154 to local port 1434 Detected: Intrusion.Win.MSSQL.worm.Helkern ...

5/27/2010 10:42:17 AM UDP from 221.130.140.18 to local port 1434 Detected: Intrusion.Win.MSSQL.worm.Helkern ...

5/27/2010 8:57:51 PM UDP from 67.241.88.147 to local port 1434 Detected: Intrusion.Win.MSSQL.worm.Helkern ...

5/31/2010 10:52:03 AM UDP from 61.233.103.25 to local port 1434 Detected: Intrusion.Win.MSSQL.worm.Helkern...

6/1/2010 8:24:27 AM UDP from 122.225.100.154 to local port 1434 Detected: Intrusion.Win.MSSQL.worm.Helkern...

6/2/2010 7:46:27 AM UDP from 219.149.194.245 to local port 1434 Detected: Intrusion.Win.MSSQL.worm.Helkern...

6/2/2010 7:46:27 AM UDP from 219.149.194.245 to local port 1434 Detected: Intrusion.Win.MSSQL.worm.Helkern...

[ spam net handler ] Socket UDP (bind) 0.0.0.0:57885 -> 0.0.0.0:1434 DialogueFactory mssql Dialogue Factory creates dialogues for the MS02-061 flaw removing Dialogue MSSQLDialogue as Dialogue retur...

/config.inc.php?p=phpinfo() seems like discussed in CVE-2009-1151. Sorry i don't speak fluent english and computer skill very low. ...

26.5.2010. 22:19:27 UDP from 221.130.140.18 to local port 1434 Absent...

Attacker traced to Buenos Aires, Argentina. Attacker\'s computer was spoofed....

Attacker traced to Buenos Aires, Argentina. Attacker\'s computer was spoofed....

i keep getting alerts from my kaspersky anti virus about some type of intrusion from the ip address 211.143.230.140...

2010/05/25 23:08:11 PM Detected: Intrusion.Win.MSSQL.worm.Helkern Absent UDP from 61.128.110.96 to local port 1434...

23/05/2010 21:48:10 Network Attack Blocker Detected: Intrusion.Win.MSSQL.worm.Helkern Absent UDP from 60.161.78.155 to local port 1434 ...

Another oldie char(8000) attack: paged=45'%20And%20char(124)%2b(Select%20Cast(Count(1)%20as%20varchar(8000))%2Bchar(124)%20From%20[sysobjects]%20Where%201=1)>0%20and%20''=' Within 2 seconds, th...

Another oldie char(8000) attack: cat=4&paged=41\'%20And%20char(124)%2b(Select%20Cast(Count(1)%20as%20varchar(8000))%2Bchar(124)%20From%20[sysobjects]%20Where%201=1)>0%20and%20\'\'=\' Within 2 se...

Another oldie char(8000) attack: amp;paged=41&cat=4\'%20And%20char(124)%2b(Select%20Cast(Count(1)%20as%20varchar(8000))%2Bchar(124)%20From%20[sysobjects]%20Where%201=1)>0%20and%20\'\'=\' Within...

Attempt to inject on p 1434...

stupid hacker. don't you have anything better to do? Like go hang yourself or something?...

Try SQL Injection Attack to Wordpress....

WORM ATTACK FROM THIS IP AND SEVERAL FROM INFECTED CHINA.......

My kaspersky detected this suspicious intrusion attempt from IP 218.30.22.82 Recently my email id got compromised, and I have recieving a lot of spam and phishing related email. He is constantly on a...

block by kaspersky...

==29000000============================== Request: 109.98.9.51 80.154.35.144 - - [10/May/2010:17:04:46 +0300] \\\"GET /phpmyadmin/sql.php?db=mysql&sql_query= HTTP/1.0\\\" 404 453 \\\"-\\\" \\\"-\\\" -...

Our security systems reports the 1st of May 2010 multiple attacks type SQL Injection from IP 115.49.49.48 to our web site. All attacks was performed on port 80. From 19:20:13 CEST with the first str...

Yet another attempt on 1434...

I am constantly getting Helkern notifications from this IP. Is there any way to ban this IP from attacking me?...

Attempted to load Helkern worm across port 1434...

Watch out for this IP that appears to come from Vancouver in Canada is bad news, try to block it...compromised as a new index.php file was downloaded and used to inject malware onto the site from th...

Watch out for this IP that appears to come from Vancouver in Canada is bad news, try to block it...compromised as a new index.php file was downloaded and used to inject malware onto the site from th...

Watch out for this IP that appears to come from Vancouver in Canada is bad news, try to block it...compromised as a new index.php file was downloaded and used to inject malware onto the site from th...

Tried to upload the helkern worm to my network via p 1434...

Tried to attack across port 1434...

Attack on port 1434...

My firewall tends to popup with this alerts. It happening from past dayz....

with \"Intrusion.WinMSSQL.worm.Helkern\"....

Attacked twice on p 1434...

Attempted to load the Helkern worm across p 1434...

Attempted to load via port 1434...

On March 30, 2010 at 12:08am PST my security sentry detected a series of 3 consecutive attempts to extract the ADMIN PW from a MySQL database. I'm using a Wordpress 2.9 installation (self-hosted on a ...

Port 1434 6 attempts in the last 24 hours...

port 1434 8 attempts to load lastnight...

Tried to inject via port 1434 again...

Slammer worm across p 1434...

Block this ip address dangerouse could cuase infection on pc...

Block this ip address dangerouse could cuase infection on pc...

3/16/2010 2:15:32 AM Detected: Intrusion.Win.MSSQL.worm.Helkern Absent UDP from 218.30.22.82 to local port 1434...

2 attempts across p 1434...

4 attempts lastnight to access port 1434...

Half dozen attempts over the past 2 days on port 1434...

2010-03-08 14:07:06 DoS MS-SQL Slammer Worm 218.30.22.82...

2010-03-08 14:07:06 DoS MS-SQL Slammer Worm 218.30.22.82...

The offender attempted to insert spammy text into a SQL database. \'john.young@ukonline.co.uk\' , \'alina\' , \'alina\' , \' , \' , \' , \' , \' , \' , \'1\' , \'MBVRHTCMRFd\' , \' prednisone 3...

Attempt to use the helkern MSQL worm across 1434 lastnight on 12 different attempts...

04.03.2010 13:59:00 Gefunden: Intrusion.Win.MSSQL.worm.Helkern UDP von 222.86.62.237 auf lokalen Port 1434 Nicht vorhanden...

04.03.2010 13:59:00 Gefunden: Intrusion.Win.MSSQL.worm.Helkern UDP von 222.86.62.237 auf lokalen Port 1434 Nicht vorhanden...

04.03.2010 13:59:00 Gefunden: Intrusion.Win.MSSQL.worm.Helkern UDP von 222.86.62.237 auf lokalen Port 1434 Nicht vorhanden ...

network attack.win.mssql.worm.helkern port 1434 ...

Tried to load Helkern SQL worm on p 1434...

Attempted to infect w/ Helkern Worm on p 1434...

28.02.2010 21:39:38 Gefunden: Intrusion.Win.MSSQL.worm.Helkern UDP von 219.153.62.89 auf lokalen Port 1434 Nicht vorhanden...

28.02.2010 21:39:38 Gefunden: Intrusion.Win.MSSQL.worm.Helkern UDP von 219.153.62.89 auf lokalen Port 1434 Nicht vorhanden ...

28.02.2010 20:57:02 Gefunden: Helkern UDP von 218.30.22.82 auf lokalen Port 1434 Nicht vorhanden...

28.02.2010 15:30:09 Gefunden: Intrusion.Win.MSSQL.worm.Helkern UDP von 222.179.5.106 auf lokalen Port 1434 Nicht vorhanden...

28.02.2010 15:30:09 Gefunden: Intrusion.Win.MSSQL.worm.Helkern UDP von 222.179.5.106 auf lokalen Port 1434 Nicht vorhanden...

27.02.2010 12:51:14 Gefunden: Intrusion.Win.MSSQL.worm.Helkern UDP von 219.149.53.239 auf lokalen Port 1434 Nicht vorhanden...

Tries to access database without permission...

26.02.2010 08:21:04 Gefunden: Intrusion.Win.MSSQL.worm.Helkern UDP von 122.225.100.154 auf lokalen Port 1434 Nicht vorhanden ...

9 attempts in the past 6 hours...

Several attempts last night across p 1434...

24.02.2010 08:25:59 Gefunden: Intrusion.Win.MSSQL.worm.Helkern UDP von 124.173.184.18 auf lokalen Port 1434 Nicht vorhanden...

Attempted Administrator Privilege Gain...

Attempts to access database using web publishing as a vector...

2/1/2010 8:12:16 PM Detected: Intrusion.Win.MSSQL.worm.Helkern UDP from 60.190.49.245 to local port 1434 i don't know specifically what kind of network attak it is but i am sure this is related to ...

Try it inject Query String: \"><script>alert(\'struts_sa_surl_xss.nasl\')</script>...

16.02.2010 01:32:06 Gefunden: Intrusion.Win.MSSQL.worm.Helkern UDP von 219.149.53.239 auf lokalen Port 1434 Nicht vorhanden...

16.02.2010 01:32:06 Gefunden: Intrusion.Win.MSSQL.worm.Helkern UDP von 219.149.53.239 auf lokalen Port 1434 Nicht vorhanden...

15.02.2010 11:24:31 Gefunden: Intrusion.Win.MSSQL.worm.Helkern UDP von 222.173.147.28 auf lokalen Port 1434 Nicht vorhanden...

15.02.2010 11:24:31 Gefunden: Intrusion.Win.MSSQL.worm.Helkern UDP von 222.173.147.28 auf lokalen Port 1434 Nicht vorhanden...

13.02.2010 18:45:18 Gefunden: Intrusion.Win.MSSQL.worm.Helkern UDP von 68.81.112.154 auf lokalen Port 1434 Nicht vorhanden...

13.02.2010 18:45:18 Gefunden: Intrusion.Win.MSSQL.worm.Helkern UDP von 68.81.112.154 auf lokalen Port 1434 Nicht vorhanden ...

2 Attempts to contact through 1434...

On 11/02/2010 0:59:09 my Kaspersky Detected: Intrusion.Win.MSSQL.worm.Helkern UDP from 19.149.53.239. ...

Again on 1434 4 tries in the past hour...

10.02.2010 18:31:49 Gefunden: Intrusion.Win.MSSQL.worm.Helkern UDP von 61.160.234.5 auf lokalen Port 1434 Nicht vorhanden...

Keep on keepin' on ...

GEO Location for 10.02.2010 00:18:40 Gefunden: Intrusion.Win.MSSQL.worm.Helkern UDP von 218.75.95.244 auf lokalen Port 1434 Nicht vorhanden ...

212.42.230.141 - \"GET /phpmyadmin//config/config.inc.php?d=echo%20%6D%65%72%67%65 HTTP/1.1\" \"Mozilla/4.0 Opera 7.01 [en]\"...

09.02.2010 07:58:21 Gefunden: Intrusion.Win.MSSQL.worm.Helkern UDP von 61.240.240.50 auf lokalen Port 1434 Nicht vorhanden ...

on port 1434...

Intrusion.Win.MSSQL.worm.Helkern...

08.02.2010 08:25:47 Gefunden: Intrusion.Win.MSSQL.worm.Helkern UDP von 219.149.53.239 auf lokalen Port 1434 Nicht vorhanden ...

05.02.2010 12:08:45 Gefunden: Intrusion.Win.MSSQL.worm.Helkern UDP von 41.205.158.135 auf lokalen Port 1434 Nicht vorhanden ...

04.02.2010 09:41:47 Gefunden: Intrusion.Win.MSSQL.worm.Helkern UDP von 172.191.102.17 auf lokalen Port 1434 Nicht vorhanden...

04.02.2010 09:41:47 Gefunden: Intrusion.Win.MSSQL.worm.Helkern UDP von 212.252.124.15 auf lokalen Port 1434 Nicht vorhanden...

04.02.2010 09:41:47 Gefunden: Intrusion.Win.MSSQL.worm.Helkern UDP von 212.252.124.15 auf lokalen Port 1434 Nicht vorhanden ...

218.23.37.51 60:190:49:245 two attacks for me same thing with me , some chinese from hefei.how to get rid of that basterd...is there anyway ?...

My Kaspersky Internet Security Suite reported an attack from 218.75.95.244 site in China to local port 1434. Attacks are repeated from time to time from this address belonging to Jinhua Telecom Co.ltd...

This guy has been attacking my computer and blocked by Kaspersky. ...

30.01.2010 16:00:43 Gefunden: Intrusion.Win.MSSQL.worm.Helkern UDP von 122.225.100.154 auf lokalen Port 1434 Nicht vorhanden...

30.01.2010 16:00:43 Gefunden: Intrusion.Win.MSSQL.worm.Helkern UDP von 122.225.100.154 auf lokalen Port 1434 Nicht vorhanden ...

Attack Time: 2:59:28 PM Attaker IP Address: 188.92.75.244 Injection Type: Post Variable More Details Information: Form Variables _Your_Name = rabHoolerag _Email = fsdvxbvcjhd1@gawab.com _Mail...

network attack Intrusion.win.MSSQL.worm.Helkern on port 1434...

network attack Intrusion.win.MSSQL.worm.Helkern on port 1434...

28.01.2010 12:09:36 Gefunden: Intrusion.Win.MSSQL.worm.Helkern UDP von 219.149.53.239 auf lokalen Port 1434 Nicht vorhanden...

28.01.2010 11:28:15 Gefunden: Intrusion.Win.MSSQL.worm.Helkern UDP von 60.191.131.138 auf lokalen Port 1434 Nicht vorhanden ...

28.01.2010 11:14:28 Gefunden: Intrusion.Win.MSSQL.worm.Helkern UDP von 122.225.100.154 auf lokalen Port 1434 Nicht vorhanden ...

Intrusion.Win.MSSQL.worm.Helkern 5 attempts in the past 4 hours...

2 computers keep being hit by fake antivirus.I use malwarebytes and it keeps blocking multiple chinese ips,roughly 40 different some in yamen some in europe,3 in africa.ive been hit 3 times in 6 month...

25 page hits in 2 minutes sql injecting attempt...

26.01.2010 11:32:49 Gefunden: Intrusion.Win.MSSQL.worm.Helkern UDP von 122.225.100.154 auf lokalen Port 1434 Nicht vorhanden ...

26.01.2010 08:26:06 Gefunden: Intrusion.Win.MSSQL.worm.Helkern UDP von 212.252.124.15 auf lokalen Port 1434 Nicht vorhanden ...

25.01.2010 11:24:11 Gefunden: Intrusion.Win.MSSQL.worm.Helkern UDP von 218.75.95.244 auf lokalen Port 1434 Nicht vorhanden...

25.01.2010 10:36:53 Gefunden: Intrusion.Win.MSSQL.worm.Helkern UDP von 61.152.188.110 auf lokalen Port 1434 Nicht vorhanden ...

Intrusion.Win.MSSQL.worm.Helkern Kaspersky reports network attack Intrusion.Win.MSSQL.worm.Helkern ip address: 219.149.53.239 ...

23.01.2010 21:31:28 Gefunden: Intrusion.Win.MSSQL.worm.Helkern UDP von 218.75.61.30 auf lokalen Port 1434 Nicht vorhanden ...

Looking for mysql, dbadmin, phpMyAdmin, mysql, db, config, pma, myadmin, intl, p. Time range from Jan 22 14:06:40 2010 to Jan 22 14:42:46 2010 EST....

22.01.2010 19:28:46 Gefunden: Intrusion.Win.MSSQL.worm.Helkern UDP von 219.149.53.239 auf lokalen Port 1434 Nicht vorhanden...

22.01.2010 12:44:18 Gefunden: Intrusion.Win.MSSQL.worm.Helkern UDP von 122.225.100.154 auf lokalen Port 1434 Nicht vorhanden ...

22.01.2010 10:46:22 Gefunden: Intrusion.Win.MSSQL.worm.Helkern UDP von 212.252.124.15 auf lokalen Port 1434 Nicht vorhanden ...

22.01.2010 10:17:24 Gefunden: Intrusion.Win.MSSQL.worm.Helkern UDP von 218.75.95.244 auf lokalen Port 1434 Nicht vorhanden ...

Attack detected. Intrusion.Win.MSSQL.worm.Helkern UDP local port 1434 212.252.124.15 it seem to be like a mobile phone. No any open ports can be found with. Nmap gives Device type: phon...

20.01.2010 09:43:48 Gefunden: Intrusion.Win.MSSQL.worm.Helkern Nicht vorhanden UDP von 218.23.37.51 auf lokalen Port 1434 ...

19.01.2010 11:24:41 Gefunden: Intrusion.Win.MSSQL.worm.Helkern UDP von 218.204.137.156 auf lokalen Port 1434 Nicht vorhanden ...

19.01.2010 09:01:24 Gefunden: Intrusion.Win.MSSQL.worm.Helkern UDP von 218.30.22.82 auf lokalen Port 1434 Nicht vorhanden...

Kaspersky blocked attempt from ip address 218.23.37.51 to inject Intrusion.Win.MSSQL.worm.Helkern through my port UDP 1434 ...

1/18/2010 7:55:29 PM Detected: Intrusion.Win.MSSQL.worm.Helkern Absent UDP from 218.75.95.244 to local port 1434 ...

Kaspersky blocked attempt from ip address 219.149.53.239 to inject Intrusion.Win.MSSQL.worm.Helkern through my port UDP 1434 my local UDP port 1434 has been previously attacked from 218.23.37.51 a...

18.01.2010 22:36:38 Gefunden: Intrusion.Win.MSSQL.worm.Helkern UDP von 218.75.95.244 auf lokalen Port 1434 Nicht vorhanden...

18.01.2010 22:29:18 Gefunden: Intrusion.Win.MSSQL.worm.Helkern UDP von 218.204.137.156 auf lokalen Port 1434 Nicht vorhanden ...

16.01.2010 13:08:54 Gefunden: Intrusion.Win.MSSQL.worm.Helkern UDP von 212.252.124.15 auf lokalen Port 1434 Nicht vorhanden...

16.01.2010 13:08:54 Gefunden: Intrusion.Win.MSSQL.worm.Helkern UDP von 212.252.124.15 auf lokalen Port 1434 Nicht vorhanden...

TCP Packet - Source:119.147.24.83,6000 Destination:90.136.144.60,1433...

UDP Packet - Source:60.190.49.243,56981 Destination:90.136.144.60,1434...

UDP Packet - Source:124.173.184.18,4861 Destination:90.136.144.60,1434...

15.01.2010 07:09:28 Gefunden: Intrusion.Win.MSSQL.worm.Helkern UDP von 210.109.111.187 auf lokalen Port 1434 Nicht vorhanden ...

13/01/2010 18:47:04 Intrusion.Win.MSSQL.worm.Helkern 200.142.96.106 UDP 1434...

13.01.2010 12:11:06 Gefunden: Intrusion.Win.MSSQL.worm.Helkern UDP von 212.252.124.15 auf lokalen Port 1434 Nicht vorhanden...

13.01.2010 07:42:23 Gefunden: Intrusion.Win.MSSQL.worm.Helkern UDP von 60.190.49.243 auf lokalen Port 1434 Nicht vorhanden ...

Intrusion.Win.MSSQL.worm.Helkern UDP von 218.200.186.20 auf lokalen Port 1434 Nicht vorhanden...

Attempted intrusion. UDP from 58.209.15.253 to port 1434. Kaspersky shows it as Detected: Intrusion.win.MSSQL.worm.Helkern I've been getting a good number of these from various Chinese addresses f...

06.01.2010 19:28:10 Gefunden: Intrusion.Win.MSSQL.worm.Helkern UDP von 211.100.229.252 auf lokalen Port 1434 Nicht vorhanden...

06.01.2010 19:28:10 Gefunden: Intrusion.Win.MSSQL.worm.Helkern UDP von 211.100.229.252 auf lokalen Port 1434 Nicht vorhanden...

06.01.2010 19:28:10 Gefunden: Intrusion.Win.MSSQL.worm.Helkern UDP von 211.100.229.252 auf lokalen Port 1434 Nicht vorhanden...

06.01.2010 01:05:18 Gefunden: Intrusion.Win.MSSQL.worm.Helkern UDP von 219.149.53.239 auf lokalen Port 1434 Nicht vorhanden ...

04.01.2010 19:10:09 Gefunden: Intrusion.Win.MSSQL.worm.Helkern UDP von 113.107.3.94 auf lokalen Port 1434 Nicht vorhanden...

04.01.2010 23:49:44 Gefunden: Intrusion.Win.MSSQL.worm.Helkern UDP von 211.154.136.196 auf lokalen Port 1434 Nicht vorhanden ...

Thank You Kaspersky for the protection again....

30.12.2009 19:34:54 Gefunden: Intrusion.Win.MSSQL.worm.Helkern UDP von 61.132.132.162 auf lokalen Port 1434 Nicht vorhanden...

Above intrusion detected by Norton and blocked....

This Ukraine IP tried 9 times attempting to do some SQL injection into my wordpress account. I think he was trying to guess which plugin or wordpress itself has security flaws....

28.12.2009 06:35:00 Gefunden: Intrusion.Win.MSSQL.worm.Helkern UDP von 122.225.100.154 auf lokalen Port 1434 Nicht vorhanden ...

28.12.2009 08:27:20 Gefunden: Intrusion.Win.MSSQL.worm.Helkern UDP von 218.204.137.156 auf lokalen Port 1434 Nicht vorhanden...

228.12.2009 07:25:59 Gefunden: Intrusion.Win.MSSQL.worm.Helkern UDP von 212.252.124.15 auf lokalen Port 1434 Nicht vorhanden ...

28.12.2009 19:35:50 Gefunden: Intrusion.Win.MSSQL.worm.Helkern UDP von 109.86.206.10 auf lokalen Port 1434 Nicht vorhanden...

28.12.2009 19:35:50 Gefunden: Intrusion.Win.MSSQL.worm.Helkern UDP von 109.86.206.10 auf lokalen Port 1434 Nicht vorhanden...

28.12.2009 06:35:00 Gefunden: Intrusion.Win.MSSQL.worm.Helkern UDP von 122.225.100.154 auf lokalen Port 1434 Nicht vorhanden...

when i'm navigating on internet, my kaspersky Internet security antivirus block this ip 219.149.53.239 and alert Intrusion.Win.MSSQL.worm.Hellkern...

this one tried to inject some kind of worm into my system my firewall blocked it saying that ip address is possibly spoofed!!! please help it is the 15th time i got this sttack from this ip ...

26.12.2009 13:44:06 Gefunden: Intrusion.Win.MSSQL.worm.Helkern UDP von 219.149.53.239 auf lokalen Port 1434 Nicht vorhanden ...

25.12.2009 22:17:45 Gefunden: Intrusion.Win.MSSQL.worm.Helkern UDP von 219.149.53.239 auf lokalen Port 1434 Nicht vorhanden...

25.12.2009 22:17:45 Gefunden: Intrusion.Win.MSSQL.worm.Helkern UDP von 219.149.53.239 auf lokalen Port 1434 Nicht vorhanden...

25.12.2009 22:17:45 Gefunden: Intrusion.Win.MSSQL.worm.Helkern UDP von 219.149.53.239 auf lokalen Port 1434 Nicht vorhanden...

24.12.2009 22:28:38 Gefunden: Intrusion.Win.MSSQL.worm.Helkern UDP von 218.204.137.156 auf lokalen Port 1434 Nicht vorhanden...

trying to hacking...

trying to hacking ........

trying to hacking ......

trying to hacking ......

trying to hacking ......

trying to hacking ......

Intrusion.Win.MSSQL.worm.Helkern from 190.2.29.193 UDP on local port 1434 Absent......

21.12.2009 18:57:21 Found: Intrusion.Win.MSSQL.worm.Helkern from 190.2.29.193 UDP on local port 1434 Absent......

21.12.2009 18:57:21 Found: Intrusion.Win.MSSQL.worm.Helkern from 190.2.29.193 UDP on local port 1434 Absent...

21.12.2009 18:57:21 Found: Intrusion.Win.MSSQL.worm.Helkern from 190.2.29.193 UDP on local port 1434 Absent...

21.12.2009 18:57:21 Found: Intrusion.Win.MSSQL.worm.Helkern from 190.2.29.193 UDP on local port 1434 Absent...

Above intrusion attempted, picked up by Norton....

GEO Location for 20.12.2009 12:01:01 Gefunden: Intrusion.Win.MSSQL.worm.Helkern UDP von 218.22.244.45 auf lokalen Port 1434 Nicht vorhanden ...

I was the last person to report this IP, and I took of KIS to defragment my hard drive. Bad Idea. I immediately got a Stop Error from a MSSQL Error. Is there any way to block this IP?...

trying to hacking...

trying to hacking ...

Win.MSSQL.worm...

Registered as attacked and blocked on Norton. Title block describes specific transgression....

Win.MSSQL.worm...

Win.MSSQL.worm...

Win.MSSQL.worm...

Win.MSSQL.worm...

Win.MSSQL.worm...

Win.MSSQL.worm...

2.2009 14:07:53 Gefunden: Intrusion.Win.MSSQL.worm.Helkern UDP von 219.149.53.239...

2.2009 14:07:53 Gefunden: Intrusion.Win.MSSQL.worm.Helkern UDP von 219.149.53.239...

Kaspersky report "IntrusionWin.MSSQL.worm.Helkern"...

Intrusion.Win.MSSQL.worm.Helkern Absent UDP from 211.100.229.252 to local port 1434...

12/15/2009 Detected: Intrusion.Win.MSSQL.worm.Helkern Absent UDP from 218.204.137.156 to local port 1434 ...

port 1434...

Intrusion.Win.MSSQL.worm.Helkern UDP...

Every half hour, Kapersky alerts me of this worm attemption to get inside of my network. intrusion.win.MYSQL.worm.Helkern 212.252.124.15 UDP 1434...

I get multiple intrusion alerts on Norton from this and multiple other IP addresses (almost exclusively different areas in China)....

Intrusion.Win.MSSQL.worm.Helkern...

Intrusion.Win.MSSQL...

Intrusion.Win.MSSQL.worm.Helkern...

Intrusion.Win.MSSQL.worm.Helkern ...

Intrusion.Win.MSSQL.worm.Helkern Nicht...

11/23/2009 1:17:52 PM 91.213.121.24 /Historiker/wp-admin/index.php 302 0 B [ Unknown ] + 00:00:12 91.213.121.24 /Historiker/wp-admin/post.php 302 0 B [ Unknown ] + 00:00:13 91.213.121.24 /Hist...

I\\\\\\\'ve got a message from the oSCE organisation, a news bulletin and when I opened it there was my Kaspersky Internet Security telling that the Win 32 MSSQL. Helkern worm was sent with it....

I\\\'ve got a message from the oSCE organisation, a news bulletin and when I opened it there was my Kaspersky Internet Security telling that the Win 32 MSSQL. Helkern worm was sent with it....

Kasper-sky Detected: Intrusion.Win.MSSQL.worm.Helkern On 2009/11/16 10:03:19 PM UDP from 190.2.29.193 to local port 1434 On 2009/11/16 1:37:48 AM UDP from 111.171.127.139 to local port 1434 ...

Kaspersky Internet Security -Attack blocked the above Intrusion attempt...

He is dodsing me and hacking my computers and sql injected attempts....

He is dodsing me and hacking my computers and sql injected attempts. ...

08-11-2009 5:01:14 Intrusion.Win.MSSQL.worm.Helkern! Attacker IP address: 212.252.124.15. Protocol/service: UDP on local port 1434. Time: 08-11-2009 5:01:14...

This IP has tried to infect our site with malware through a SQL injection. They created a bogus login and then attempted to gain access. We log all logins, and found this out. WWW.teamdonatelife.com...

This IP has tried to infect our site with malware through a SQL injection. They created a bogus login and then attempted to gain access. We log all logins, and found this out. WWW.teamdonatelife.com...

This guy has made numerious attempts to intrude our systems...

received log in kaspersky stating this attacker from UDP port 1434...

several times a day this type of network attack is shown on kaspersky from the china region just like others are experiencing on here....

This hacker has attacked my PC constantly for the past few months with a MySQL worm of some sorts....

the ip mentioned above is constantly attcaking computers in india .......... it is an attack mentioned as udp attack w32.sql.helkern attack..............

9/28/2009 4:22:45 PM UDP from 122.225.100.154 to local port 1434 Absent Detected: Intrusion.Win.MSSQL.worm.Helkern...

Tried accessing my Network at home. Intrusion. 2009/09/19 07:02:56 PM Intrusion.Win.MSSQL.worm.Helkern 61.145.123.141 UDP 1434 ...

By SQL injection inserting hate messages...

Source IP Address 218.204.137.156 The IP address of the computer that sent the packet which caused the alert. Source Port 1066 The port used by the source computer when sending the packe...

Source IP Address 218.204.137.156 The IP address of the computer that sent the packet which caused the alert. Source Port 1066 The port used by the source computer when sending the packe...

08/17,18/2009 Intrusion.Win.MSSQL.worm.Helkern 202.101.180.165 & 58.42.234.135 UDP 1434...

http://www.wantsfly.com/prx.php shows in my access log but wantsfly is definately not my domain...

http://www.wantsfly.com/prx.php shows in my access log but wantsfly is definately not my domain...

Intrusion.Win.MSSQL.worm.Helkern...

I don\'t know what this is, or what it wants from me, but it keep doing \'\'attacks\'\'. This is a quite popular hacker(just search Helkern on google) I need more information about this, so please hel...

22/07/2009 12:04:22 AM UDP from 218.206.139.152 to local port 1434 Absent Detected: Intrusion.Win.MSSQL.worm.Helkern ...

Had a bot from the same isp scan my network a day prior. It detected my Xampp package and another bot tried to execute SQLi against its MySQL feature. ...

During past week we detected in one of our sites several attacks from this IP: - Several SQL injection attempts, most of them with "hand made" look. - Variable scanning - Brute force attacks to the...

UDP from 202.99.11.99 to local port 1434 Absent Detected: Intrusion.Win.MSSQL.worm.Helkern ...

I\'m happy very good site...

ip address :222.82.249.235. this ip address is contstantly trying to hack my system and it crashes my computer can you please look into this thanks...

this is an intrusive worm operate by a hacker to try gain control from a machine, my advise is get a good firewall, encrypt your machine, and a good anti-virus updated every day, to prevent this kind ...

this is an intrusive worm operate by a hacker to try gain control from a machine, my advise is get a good firewall, encrypt your machine, and a good anti-virus updated every day, to prevent this kind ...

this is an intrusive worm operate by a hacker to try gain control from a machine, my advise is get a good firewall, encrypt your machine, and a good anti-virus updated every day, to prevent this kind ...

Detected: Intrusion.Win.MSSQL.worm.Helkern Detected: Intrusion.Win.MSSQL.worm.Helkern Absent UDP from 211.99.122.18 to local port 1434. This is the message given by Kaspersky Internet Security-networ...

Detected: Intrusion.Win.MSSQL.worm.Helkern Detected: Intrusion.Win.MSSQL.worm.Helkern Absent UDP from 202.99.11.99 to local port 1434. This is the message given by Kaspersky Internet Security-network...

This IP is trying to spam the comment area of my site....

The IP, along with at least three others, is trying to post comment on one of my servers. The comments contains links to trojans infested sites and other nasty stuff. I have blocked them in my firewal...

The IP, along with at least three others, is trying to post comment on one of my servers. The comments contains links to trojans infested sites and other nasty stuff. I have blocked them in my firewal...

The IP, along with at least three others, is trying to post comment on one of my servers. The comments contains links to trojans infested sites and other nasty stuff. I have blocked them in my firewal...

network intruion.win.MSSQL.hienken.worm this is attacking my computer...

5/20/2009 03:56 UDP from 202.99.11.99 to local port 1434 Absent Detected: Intrusion.Win.MSSQL.worm.Helkern ...

This guy registered on my forum just to spam links about how to download photoshop and autocad programs illegally. He was banned.......

Best Site Good Work...

DoS MS-SQL Slammer Worm...

DoS MS-SQL Slammer Worm attempt here at 2009-04-13 11:58:30...

Tried 38 times per second to hack my internal MS-Sql-server on port 1433...

Intrusion.Win.MSSQL.worm.Helkern UDP 1434. is there any people can stop this guy and all of the friend?. i\\\'ll be glad n very tanks to the people who can stop this ipaddress : 218.75.199.50 and al...

Tried to connect on port 1434...

Starting 01.27.09 till now with a frequency of about 3 to 5 days I get blocked incoming for this source on 1434....

intrustion.win.mmsql.worm.helken. yup this is it........

24/02/2009 01:52:37 Intrusion.Win.MSSQL.worm.Helkern! Attacker's IP address: 58.20.154.23. Protocol/service: UDP on local port 1434. Time: 24/02/2009 01:52:37 ...

23/02/2009 23:11:20 Intrusion.Win.MSSQL.worm.Helkern! Attacker\'s IP address: 61.177.196.226. Protocol/service: UDP on local port 1434. Time: 23/02/2009 23:11:20...

219.139.130.139 pls.. block it up block it...

16/04/2008 15:41:49 Intrusion.Win.MSSQL.worm.Helkern! Attacker's IP address: 220.165.8.32. Protocol/service: UDP on local port 1434. Time: 16/04/2008 15:41:49...

Intrusion.Win.MSSQL.worm.Helkern AbsentUDP from 117.103.192.49 to local port 1434...

Protocol - UDP Port - 1434 Intrusion.Win.MSSQL.Worm.Helkern Detected by AntiHacker System...

Protocol - UDP Port - 1434 Intrusion.Win.MSSQL.Worm.Helkern Detected by AntiHacker System...

Intrusion.Win.MSSQL.worm.Helkern...

Kaspersky Internet Security found on 11/19/2008 6:07:30 PM, UDP from 202.99.11.99 to local port 1434 Absent Detected: Intrusion.Win.MSSQL.worm.Helkern...

We have seen multiple SQL injection attacks coming from that IP address. they are trying to attack our web site by adding SQL code to the url and trying to retrieve table structures and usernames. ...

KIS 2009 report on 11/19/2008 11:09:49 PM UDP from 61.139.54.94 to local port 1434 Absent Detected: Intrusion.Win.MSSQL.worm.Helkern ...

Kaspersky Internet Security found on 11/19/2008 6:07:30 PM, UDP from 202.99.11.99 to local port 1434 Absent Detected: Intrusion.Win.MSSQL.worm.Helkern...

Kaspersky is blockig multiple UDP's from 222.82.249.235 to local port 1434 Detected: Intrusion.Win.MSSQL.worm.Helkern. Other IP's: 220.250.21.226 61.177.196.226 218.22.244.45 58.20.154.23 ...

My firewall repeatedly detects intrusions coming from and the warning is: detected intrusion win mssql worm helkern coming from ip: 218.75.84.150 and port 1434...

this user is using a script to check if you are running any versions of phpMyAdmin, upon checking my error log there are 100's of entries in the last hour...

11/06/2008 21:53:11 PM Detected: SQL worm from 59.63.157.142 to local port 1434...

intrusion.Win.MSSQL.worm.Helkern! Attacker IP address: 218.23.142.157. Protocol/service: UDP on local port 1394...

Host has been trying to feed malicious url variables, for example: [url removed]=2;DECLARE%20@S%20CHAR(4000);SET%20@S=CAST(0x4445434C415245204054207661726368617228323535292C40432076617263686172283...

Host has been tryinmg to feed malicious url variables, for example: [url removed]=4\';DECLARE%20@S%20CHAR(4000);SET%20@S=CAST(0x4445434C415245204054207661726368617228323535292C40432076617263686172...

This ip is showen in my mysql databse and has banned all the people who are in my community. and also has hacked in to my system. and has said many bad words. also this ip is keep doing that to me and...

This IP is trying to hack our site with sql injection attacks, setting URL querystring vars to sql scripting. For details: http://www.developersdex.com/sql/message.asp?p=580&r=6338912...

5/23/2008 5:01:39 PM Intrusion.Win.MSSQL.worm.Helkern! Attacker\'s IP address: 221.6.90.130. Protocol/service: UDP on local port 1434. Time: 5/23/2008 5:01:39 PM ...

5/23/2008 1:07:52 AM Intrusion.Win.MSSQL.worm.Helkern! Attacker\'s IP address: 61.132.223.14. Protocol/service: UDP on local port 1434. Time: 5/23/2008 1:07:52 AM ...

5/23/2008 11:50:23 AM Intrusion.Win.MSSQL.worm.Helkern! Attacker\'s IP address: 218.22.5.108. Protocol/service: UDP on local port 1434. Time: 5/23/2008 11:50:23 AM ...

5/23/2008 11:50:47 AM Intrusion.Win.MSSQL.worm.Helkern! Attacker\'s IP address: 218.7.160.84. Protocol/service: UDP on local port 1434. Time: 5/23/2008 11:50:47 AM ...

Network attacks detected: 3 Last attack: 5/24/2008 5:32:05 PM Start time: 5/24/2008 1:21:03 PM Duration: 04:18:05 Network attacks --------------- Time Attack description Source Protocol Local port ...

My website, hosting in Brasil it was attacked by this IP 221.206.20.143 and change the content of the MS-SQL database containing a EXPLOIT script....

Hello I want to report abuser with IP adress 208.70.24.232 on our joomla site www.oathrecords.com. Our JGuard report 15 The attacks of type Mysql Injection in 1hour....

This guy from shangai is trying to attack through a worm named helkern. The above posted details are from my antivirus reports....