[Sysadmin] SQL Injection
Dean Mah
dean.mah at gmail.com
Fri Aug 22 13:21:50 CDT 2008
Some script kiddies have been running an SQL-injection attack on w.e.o
since Jul 17. Each attempt causes a hit on the database which drives
the CPU load. We were sitting in the 30s making it painful to even
use a terminal session on tempest. I've put in a naive rewrite rule
so that a static page is return rather than a dynamic one. Load is
back down to a reasonable level. If there's any problems in the
short-term, check that first as a source.
Dean
More information about the Sysadmin
mailing list