By Colombo Telegraph –
Yesterday morning Colombo Telegraph monitored attacks against the website. Hackers are attempting to unlawfully gain access to or take down the Colombo Telegraph website by trying to crack the password of the site.
Attempts of password cracking have been logged from the Internet Protocol (IP) address 146.0.79.23, which originates from the Netherlands.
Colombo Telegraph logged more than 100 attempts before blocking the IP.
For those of Colombo Telegraphs more technically interested readers, please find below information on the hacking attempts.
146.0.79.23 – – [08/Aug/2012:02:52:31 +0200] “GET /wp-login.php
HTTP/1.1” 200 3950 “-” “Mozilla/5.0 (Windows; U; Windows NT 5.1;
en-US; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 GTB5”
146.0.79.23 – – [08/Aug/2012:02:52:31 +0200] “GET /wp-login.php
HTTP/1.1” 200 3950 “-” “Mozilla/5.0 (Windows; U; Windows NT 5.1;
en-US; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 GTB5”
146.0.79.23 – – [08/Aug/2012:02:52:31 +0200] “GET /wp-login.php
HTTP/1.1” 200 3950 “-” “Mozilla/5.0 (Windows; U; Windows NT 5.1;
en-US; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 GTB5”
146.0.79.23 – – [08/Aug/2012:02:52:32 +0200] “GET /wp-login.php
HTTP/1.1” 200 3950 “-” “Mozilla/5.0 (Windows; U; Windows NT 5.1;
en-US; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 GTB5”
146.0.79.23 – – [08/Aug/2012:02:52:32 +0200] “GET /wp-login.php
HTTP/1.1” 200 3950 “-” “Mozilla/5.0 (Windows; U; Windows NT 5.1;
en-US; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 GTB5”
146.0.79.23 – – [08/Aug/2012:02:52:32 +0200] “GET /wp-login.php
HTTP/1.1” 200 3950 “-” “Mozilla/5.0 (Windows; U; Windows NT 5.1;
en-US; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 GTB5”
146.0.79.23 – – [08/Aug/2012:02:52:32 +0200] “GET /wp-login.php
HTTP/1.1” 200 3950 “-” “Mozilla/5.0 (Windows; U; Windows NT 5.1;
en-US; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 GTB5”
146.0.79.23 – – [08/Aug/2012:02:52:32 +0200] “GET /wp-login.php
HTTP/1.1” 200 3950 “-” “Mozilla/5.0 (Windows; U; Windows NT 5.1;
en-US; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 GTB5”
146.0.79.23 – – [08/Aug/2012:02:52:32 +0200] “GET /wp-login.php
HTTP/1.1” 200 3950 “-” “Mozilla/5.0 (Windows; U; Windows NT 5.1;
en-US; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 GTB5”
146.0.79.23 – – [08/Aug/2012:02:52:33 +0200] “GET /wp-login.php
HTTP/1.1” 200 3950 “-” “Mozilla/5.0 (Windows; U; Windows NT 5.1;
en-US; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 GTB5”
146.0.79.23 – – [08/Aug/2012:02:52:32 +0200] “GET /wp-login.php
HTTP/1.1” 200 3950 “-” “Mozilla/5.0 (Windows; U; Windows NT 5.1;
en-US; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 GTB5”
146.0.79.23 – – [08/Aug/2012:02:52:32 +0200] “GET /wp-login.php
HTTP/1.1” 200 3950 “-” “Mozilla/5.0 (Windows; U; Windows NT 5.1;
en-US; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 GTB5”
146.0.79.23 – – [08/Aug/2012:02:52:33 +0200] “GET /wp-login.php
HTTP/1.1” 200 3950 “-” “Mozilla/5.0 (Windows; U; Windows NT 5.1;
en-US; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 GTB5”
146.0.79.23 – – [08/Aug/2012:02:52:32 +0200] “GET /wp-login.php
HTTP/1.1” 200 3950 “-” “Mozilla/5.0 (Windows; U; Windows NT 5.1;
en-US; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 GTB5”
146.0.79.23 – – [08/Aug/2012:02:52:34 +0200] “GET /wp-login.php
HTTP/1.1” 200 3950 “-” “Mozilla/5.0 (Windows; U; Windows NT 5.1;
en-US; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 GTB5”
146.0.79.23 – – [08/Aug/2012:02:52:33 +0200] “GET /wp-login.php
HTTP/1.1” 200 3950 “-” “Mozilla/5.0 (Windows; U; Windows NT 5.1;
en-US; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 GTB5”
146.0.79.23 – – [08/Aug/2012:02:52:34 +0200] “GET /wp-login.php
HTTP/1.1” 200 3950 “-” “Mozilla/5.0 (Windows; U; Windows NT 5.1;
en-US; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 GTB5”
146.0.79.23 – – [08/Aug/2012:02:52:34 +0200] “GET /wp-login.php
HTTP/1.1” 200 3950 “-” “Mozilla/5.0 (Windows; U; Windows NT 5.1;
en-US; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 GTB5”
146.0.79.23 – – [08/Aug/2012:02:52:33 +0200] “GET /wp-login.php
HTTP/1.1” 200 3950 “-” “Mozilla/5.0 (Windows; U; Windows NT 5.1;
en-US; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 GTB5”
146.0.79.23 – – [08/Aug/2012:02:52:34 +0200] “GET /wp-login.php
HTTP/1.1” 200 3950 “-” “Mozilla/5.0 (Windows; U; Windows NT 5.1;
en-US; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 GTB5”
146.0.79.23 – – [08/Aug/2012:02:52:33 +0200] “GET /wp-login.php
HTTP/1.1” 200 3950 “-” “Mozilla/5.0 (Windows; U; Windows NT 5.1;
en-US; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 GTB5”
146.0.79.23 – – [08/Aug/2012:02:52:33 +0200] “GET /wp-login.php
HTTP/1.1” 200 3950 “-” “Mozilla/5.0 (Windows; U; Windows NT 5.1;
en-US; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 GTB5”
146.0.79.23 – – [08/Aug/2012:02:52:34 +0200] “GET /wp-login.php
HTTP/1.1” 200 3950 “-” “Mozilla/5.0 (Windows; U; Windows NT 5.1;
en-US; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 GTB5”
146.0.79.23 – – [08/Aug/2012:02:52:33 +0200] “GET /wp-login.php
HTTP/1.1” 200 3950 “-” “Mozilla/5.0 (Windows; U; Windows NT 5.1;
en-US; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 GTB5”
146.0.79.23 – – [08/Aug/2012:02:52:34 +0200] “GET /wp-login.php
HTTP/1.1” 200 3950 “-” “Mozilla/5.0 (Windows; U; Windows NT 5.1;
en-US; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 GTB5”
146.0.79.23 – – [08/Aug/2012:02:52:33 +0200] “GET /wp-login.php
HTTP/1.1” 200 3950 “-” “Mozilla/5.0 (Windows; U; Windows NT 5.1;
en-US; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 GTB5”
146.0.79.23 – – [08/Aug/2012:02:52:35 +0200] “GET /wp-login.php
HTTP/1.1” 200 3950 “-” “Mozilla/5.0 (Windows; U; Windows NT 5.1;
en-US; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 GTB5”
146.0.79.23 – – [08/Aug/2012:02:52:34 +0200] “GET /wp-login.php
HTTP/1.1” 200 3950 “-” “Mozilla/5.0 (Windows; U; Windows NT 5.1;
en-US; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 GTB5”
146.0.79.23 – – [08/Aug/2012:02:52:33 +0200] “GET /wp-login.php
HTTP/1.1” 200 3950 “-” “Mozilla/5.0 (Windows; U; Windows NT 5.1;
en-US; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 GTB5”
146.0.79.23 – – [08/Aug/2012:02:52:37 +0200] “GET /wp-login.php
HTTP/1.1” 200 3950 “-” “Mozilla/5.0 (Windows; U; Windows NT 5.1;
en-US; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 GTB5”
146.0.79.23 – – [08/Aug/2012:02:52:36 +0200] “GET /wp-login.php
HTTP/1.1” 200 3950 “-” “Mozilla/5.0 (Windows; U; Windows NT 5.1;
en-US; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 GTB5”
146.0.79.23 – – [08/Aug/2012:02:52:34 +0200] “GET /wp-login.php
HTTP/1.1” 200 3950 “-” “Mozilla/5.0 (Windows; U; Windows NT 5.1;
en-US; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 GTB5”
146.0.79.23 – – [08/Aug/2012:02:52:37 +0200] “GET /wp-login.php
HTTP/1.1” 200 3950 “-” “Mozilla/5.0 (Windows; U; Windows NT 5.1;
en-US; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 GTB5”
146.0.79.23 – – [08/Aug/2012:02:52:36 +0200] “GET /wp-login.php
HTTP/1.1” 200 3950 “-” “Mozilla/5.0 (Windows; U; Windows NT 5.1;
en-US; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 GTB5”
146.0.79.23 – – [08/Aug/2012:02:52:38 +0200] “GET /wp-login.php
HTTP/1.1” 200 3950 “-” “Mozilla/5.0 (Windows; U; Windows NT 5.1;
en-US; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 GTB5”
links:
“password cracking” – http://en.wikipedia.org/wiki/Password_cracking
“Internet Protocol” – http://en.wikipedia.org/wiki/Internet_Protocol
Panda / August 9, 2012
Some people are irritated and mad at Colombo Telegraph. The truth might be hurting them. Why else should any idiot want to take a website down?
They cannot handle the truth, because the truth sets us free.
/
Dilan / August 9, 2012
Who else is doing this type of 3rd grade job!
Rjapaksas are terrible, how long they can do this.
/
DAS / August 9, 2012
The Rajapakse Tribe are hurting due to the truth being divulged/discussed on CT and have hired brainless idiots like themselves to stop it.
/
gamini / August 10, 2012
On behalf of MR, Bell Pottinger & Co. must be using their International contacts to do the dirty, as it affects their bread and butter. These British Scum are no different to the local scum as the Rajapaksas. How they try to distort and hide the TRUTH. So affraid of CT!
/
American Lanka Lover / August 10, 2012
This could be a rival website (Daily mirror?) trying to eliminate competition, it could be bored hackers practicing their craft, it could be a lot of things besides an attempt by GOSL to interfere with a website that is unduly critical. Was the official LTTE website (Tamilnet) hacked? Were CT’s competitors hacked?
This rush to judgment with ZERO evidence is typical of the scapegoating of the Rajapaksas in some quarters.
/
Patriot / August 10, 2012
Attack came from a commercial company based in Netherlands, it has nothing to do with govt of SL.
Stop pedding lies you are not that important. If you are smart you can find out the company that attack came from… Shame on you.
/
Sarath / August 10, 2012
LankaLeaks has been hacked. Two attempts on websites critical to the government.
Will LankaeNews be next.
/
Tinker of Colombo / August 10, 2012
i don;t think Rajapakshas would go to the trouble of hacking a web if they are pissed with the content. they’ll use more ‘direct’ methods than a hacking attack from Netherlands..if you doubt me, pls ask Sunday Leader..this sounds more like a Europe based org.trying to get in..and we all know GoSL ,overseas is utterly incompetent when comes to even mailing a letter on time,let along a sophisticated cyber attack.but then LTTE is one Org.that hacked even a satellite!!!
/
American Lanka Lover / August 10, 2012
To its’ credit, CT does not make any accusation as to the identity of the culprits. The accusations by the usual suspects are predictable as they blame the Rajapaksas for everything, poverty, disease, rainy days you name it and they blame it on their antagonists who defeated their champions.
/