Community mailing list archives

community@mail.odoo.com

Re: Seems Odoo just got hacked

by
Dave Ellison
- 09/25/2015 04:07:39
Hi,

Whilst it does look that way, it is not, note the 404's. What you'll find is bots hitting IP's, finding a web server and spamming it with known scripts and vulnerabilities. I can fire up a VPS with Apache and within days I can see these attempts. This is not even a specific attack against you, it is just a script with a set attack, to find anything that will allow them access etc. This is the unfortunate life of a web server on the internet. If you look further into a server exposed to the internet, certainly a Linux server. You will find bots attempting SSH accessing on a regular basis. That's why any server on the internet needs securing and programs like fail2ban adding. Though these days, most people get in on weak passwords or un-patched OS

Thanks
Dave

On 24/09/15 18:25, David Arnold wrote:
<blockquote cite="mid:CAOLEt-E=9D7m=UswxJdAb4bzFDKNGnQW=Q50AYZRLxkM6eUs_Q@mail.gmail.com" type="cite">
Hi All

A client's odoo seems to just got hacked:

please find attached log files for your prudent analysis>


Best

David

_______________________________________________
Mailing-List: https://www.odoo.com/groups/community-59
Post to: mailto:community@mail.odoo.com
Unsubscribe: https://www.odoo.com/groups?unsubscribe