3 Replies Latest reply on Aug 16, 2006 5:50 AM by dianashere!

    Hacker Attack

    dianashere!
      Hi all,

      I hope that someone can give me some ideas as to where I should start with this problem. We have a coldfusion site created mainly in MX 7 on a windows platform. We have recently had a spoof attack with one person signing up 1300+ times. I'm not sure how he is doing this. He seems to be bypassing all of our front-end verification and created a form that uses our cfc's to write to the database. Does that seem plausible? How would he even know what our cfc's are named? What are some basic steps that I need to do to ensure that this guy is stopped?

      Any adivse is greatly appreciated.

      THX
      -Diana
        • 1. Re: Hacker Attack
          Wilgeno_wnt Level 1
          Try make sure the form submission is coming from your site.

          cfif cgi.server_name eq "your ip address"

          You can also check the to make sure the form is being submitted by your form

          cfif cgi.http_referer eq "your_form_page.cfm"

          You can also record the ip address of the remote computer that creates an account and only allow one account per IP address. This is not the best since there are proxy servers where every uses ip address is reported as the same address.

          Once this that I do is to generate a unique key that gets passed as a hidden field in the form and saved as a temporary session variable and then on the action page I compare the form value to the session value to see if they match. A hacker submitting a form from a remote server will not have the proper unique id.
          • 2. Re: Hacker Attack
            <newbie /> Level 1
            Are you aware of this method to ensure that there is a human on the other end?

            http://en.wikipedia.org/wiki/CAPTCHA
            • 3. Re: Hacker Attack
              dianashere! Level 1
              All great suggestions! thank you so much! To the person who asked me about CAPTCHA; yes, I am familiar with that method but as of yet have been unsuccessful in getting it to work. I found two ColdFusion freebies on the web but haven't had any luck with them so far:

              Open Source Captcha CFC
              LylaCAPTCHA

              I think that I will continue to try to get these to work and if I can't figure them out by the end of the day I will resort to Wil's excellent suggestions. Thanks again!!!