Global Resonance Network/LightPages

From: Betty Albright
Date: Friday, August 8, 2008
Previous | Next | Print | Return

GLOBAL COHERENCE

Bruce and All,

Had a hard time finding these messages... so glad we're still "standing"!

Dreams have been very intense lately -- am feeling we've all been connected on other levels (and working very hard). Would hate to lose this tangible level -- we must keep the place afloat!

Namaste, and much Love,

Betty

--- On Fri, Aug 8, 2008, in msg263309, Bruce Schuman wrote ---

Well -- good morning. Hmm. Looks like the house didn't get blown down by the big bad wolf last night -- despite all that huffing and puffing....

I am currently downloading my email.... why is it taking so long....

I have that script set up to send me an email warning every time it detects an injection attack through a URL. And wow, there is a ton of emails coming through, what are they all...

Ok, it stopped downloading, I got them filtered. Over 2,600 emails since last night warning me of a particular injection attack, on just three web systems -- not even including Global Resonance, which I took entirely offline because I had no idea how to defend it....

So, it looks like this attack is ramping up. It's very organized, it knows about Cold Fusion everywhere, and it just finds some web page from a search engine somewhere (like Google), and starts hammering on that page.

So -- pretty clearly, I got to be very careful about getting things back online. We cannot have one web page up on our system that is not defended, because one undefended opening anywhere is enough to take down the entire system. It's like a big ship with thousands of passengers, and one hole in the hull sinks the entire ship...

So -- I am encouraged that the system is still running -- as far as I can tell (!). But I don't see any signs at the moment that any of these attacks have not been rejected. So -- let's just -- hang out a bit, and see if things keep working as they seem to be.

This is just one more lesson along the way -- but it's been a total handful for me, and if I had not found that protection script yesterday, written by another programmer who generously offered it to other CF programmers for no charge -- we'd still be looking at some rubble...

Anyway. Let's see if I can post this. I guess we could call this exciting and educational -- and not merely nerve-wracking. This is something I have needed to do -- to learn how to do -- for a long time. And more protection will be needed, from the next class of attack that comes along. We are just going to ride the wave straight into the sun, one step at a time. Thanks.