Muahahahah

[vegas]

Well a few weeks ago I posted a reply to a thread and then a VIP thread on how to bypass CL's phone system. Well someone is a sneaky person!! As now I am watching my one server get scanned looking for nothing else then Asterisk , the PBX system.

So whoever you are, you have done some good detective work, you have found server #1 . But this is NOT the server with the PBX setup.

You are at the wrong DC. Keep trying who ever you are.

And yeah I could post the IP, but I'm sure its a proxy of some sorts.

Hehaw! This is fun!

Ill give anyone who can find my PBX box, and give me the main IP all of my credits here!!

[NCMedia]

FTW!?

This is where I start getting lost re tech ish. But I'll say it outloud that if you're caught fucking around with fellow choppers stuff you're indeed going to feel the wrath of the collective.

[lemonarian]

NC... WTF means something different backwards, lol.

As for the post... uh, okay... uh... yeah... didn't really get that part...

[Vadym]

Bansticks upside someone's behind.

And ftw = for the win, Norb

[vegas]

As for the post... uh, okay... uh... yeah... didn't really get that part...

Ok yeah uh let me explain more..

People create bots to scan IP's for various things, such as forgotten readme.txt files or config.sample.php all the way to exploitable scripts.

In general if you have a few sites, and you are checking the logs you will notice that you get scanned for different files, which are always the same.
Open source scripts that have exploits.
So you get used to these type of scans.

This time someone was scanning for a PBX software that is used to setup VOIP accounts. And out of my 3 servers I currently have for myself (1 @ liquidweb / 1@ burst.net / 1@ theplanet) I never have once seen someone scan for files related to this software.

So that is why I posted this thread, because when I posted how to get around CL's phone verification system someone ended up scanning me.

How do I know it was because of my CL thread and or CL answer to Norbs thread ?

Because they scanned the whole server that has to do with the website in my SIG.

This is how I know it was from someone who comes here or reads here.

I would think different if I saw the same scans happen with my other 2 servers, and until I do see the same type of scans I will still know it was someone who reads here.

I hope this explains more.

One of my employees who works out of my local office here is certified with InfoSec Institute's for Computer Forensics Training. He is the one who brought this to my attention today.