A website (www.blue*****art.com) is trying to attack my server using Shell Shock vulnerability. After doing an nmap scan on the attacking IP address, I found many open ports. It looks like the website is running Exim, which is vulnerable to GHOST.
The website in question has not been maintained for the past 3 years (from copyright date, twitter and facebook status), possibly the owner passed away. A check with sucuri shows that it is currently not blacklisted because no malware has been found.
Should I retaliate by taking over the website from the hacker and shutting it down to stop it from scanning other people's computers?
Aucun commentaire:
Enregistrer un commentaire