BAD stuff happens

[sqlnoob]

I'm not sure where to put this is, as I've looked around the forum and couldn't find the category where this belongs to, but here goes...

 

 

 

first some statistics of my site....

 

404 ERRORS

 

url; times occured; from url

//phpmyadmin/main.php; 3; unknown

//admin/main.php; 1; unknown

//php-my-admin/main.php; 1; unknown

//myadmin/main.php; 1; unknown

//mysql/main.php; 1; unknown

//pma/main.php; 1; unknown

//dbadmin/main.php; 1; unknown

/crests/ishida.gif; 8; http://kcm.456room.org/index.php

 

BUG TRACKING INFORMATION

 

account; IP; bugtype

Shimazu; 68.199.104.145; 1

Shiba; 24.6.193.199; 1

Togashi; 99.11.163.51; 1

Asakura; 81.191.191.203; 1

Bessho; 24.146.17.21; 2

Wada; 70.105.134.155; 2

Shimazu; 68.199.104.145; 2

Ito; 99.166.33.131; 2

Togashi; 24.98.105.125; 8

 

ACCOUNT INFORMATION

ID; account; IP

266; Oda; 142.161.25.176

30; Satake; 142.161.25.176

226; Satake; 142.161.59.220 

242; Akamatsu; 142.161.59.220

65; Oda; 141.161.21.165

275; Akamatsu; 141.161.21.165

[sqlnoob]

The more thoughtful and knowledgable reader will of course realize what is going on with these statistics. And If you happen to realize what is going on with these statistics and know a solution, then PLEASE tell me

 

the first 404 errors from my hosting account statistics defenitely show that someone is trying to hack into the phpadmin database, as he or she is trying to find the url.

There was this Norwegian guy who oddly enough registered without a password. I checked the script of the registration and couldn't find an error in it. I suspect it is him who made this sad hacking attempt. Trouble is I don't know for sure, because the stats that came with the account don't track who caused the 404 error.

 

The last 404 error is someone who linked the url of a picture i uploaded on my site to some eastern european forum. This is bad because he is mooching of bandwidth and i have very limited bandwidth with this account (its a really cheap reseller virtual webhost). Ever since i detected this i deleted the pictures and relocated them to a different directory. However I need a more permanent solution.

 

The rows i showed from the bug tracking table, are people who open up multiple windows, either because of ease, or in an attempt to lag the server (don't know for sure). My site hosts a small browser based game i designed myself as a hobby, the downside of the game is that turns are only refreshed once a day and in some cases there is an advantage to whoever attacks first. This causes people to rush login at midnight local time, when the turns refresh. I can't do a cronjob with this account, so refreshing more times a day is out of the question.

 

The last table shows account information. I store the IP adresses of the users who login. Whenever the IP changes it is stored in another sql table. I sorted these IP's and found out that some of these IP's matched with other accounts on 3 occasions, indicating that 1 person holds 3 accounts in my game. I've traced these IP's to Winnipeg Manitoba in Canada. the IP adress keeps changing, but whenever i trace it, it traces to Winnipeg Manitoba. I've contacted the person and he contacted me on my forum. He says the Oda account is him, the Satake account is his roommate and the Akamatsu account is a friend who happens to live in the same town. Is he lying? And if so how do I prove he's a liar (i.e. how do i show the accounts are held by one and the same person)?