Login ProductsSalesSupportDownloadsAbout |
Home » Technical Support » DBISAM Technical Support » Support Forums » DBISAM Client/Server » View Thread |
Messages 1 to 4 of 4 total |
Confusing Server Log Entry |
Tue, Jun 6 2006 12:05 AM | Permanent Link |
Dondi | Win98SE
Delphi 5 DBISAM 3.27 Below is a section of the Server log I am referring to : This entry is legitimate -- I am the Admin and the Address is dynamic and it is indeed mine for the session. 6/5/2006 11:31:44 AM Admin connection closed [Address: 68.237.39.85 Version: 3.27 Thread: 1984 Session: 0] The entries below are not my Address and I could not locate anywhere in the log an entry for a login or connection accepted or a logout for this IP Address. Have I been hacked? 6/5/2006 11:47:12 AM Admin connection closed [Address: 167.216.252.47 Version: 0.00 Thread: 31956 Session: 0] 6/5/2006 11:48:53 AM Admin connection closed [Address: 167.216.252.47 Version: 0.00 Thread: 31956 Session: 0] 6/5/2006 11:48:51 AM Admin connection closed [Address: 167.216.252.47 Version: 0.00 Thread: 30292 Session: 0] 6/5/2006 11:48:53 AM Admin connection closed [Address: 167.216.252.47 Version: 3.27 Thread: 1984 Session: 0] 6/5/2006 11:48:51 AM Admin connection closed [Address: 167.216.252.47 Version: 0.00 Thread: 32572 Session: 0] 6/5/2006 11:48:54 AM Admin connection closed [Address: 167.216.252.47 Version: 0.00 Thread: 31896 Session: 0] 6/5/2006 11:48:54 AM Admin connection closed [Address: 167.216.252.47 Version: 0.00 Thread: 29392 Session: 0] 6/5/2006 11:48:54 AM Admin connection closed [Address: 167.216.252.47 Version: 0.00 Thread: 26968 Session: 0] 6/5/2006 11:48:54 AM Admin connection closed [Address: 167.216.252.47 Version: 0.00 Thread: 31356 Session: 0] 6/5/2006 11:49:46 AM Admin connection closed [Address: 167.216.252.47 Version: 3.27 Thread: 1984 Session: 0] I have never seen this before and a NG search has not turned up anything. I did a "Who is" on the IP Address which did not shed any light on the situation. Anyone know what is occurring. Thanks, Dom |
Tue, Jun 6 2006 12:25 PM | Permanent Link |
Tim Young [Elevate Software] Elevate Software, Inc. timyoung@elevatesoft.com | Dom,
<< The entries below are not my Address and I could not locate anywhere in the log an entry for a login or connection accepted or a logout for this IP Address. Have I been hacked? >> Well, you certainly have someone trying to connect to that port, first using just a general connection, but finally actually connecting using 3.27. This is not a problem by itself, since they can't get in without the proper admin password. -- Tim Young Elevate Software www.elevatesoft.com |
Wed, Jun 7 2006 12:34 PM | Permanent Link |
Dondi | Tim, << Well, you certainly have someone trying to connect to that port, first using just a general connection, but finally actually connecting using 3.27. This is not a problem by itself, since they can't get in without the proper admin password. >> I understand what you are saying. On 6th June 2006 I got a series of similar log entries but two in particular that have me worried. I highlighted them below. These are the ones <<<< 6/6/2006 6:23:18 AM Admin connection closed [Address: 167.216.252.46 Version: 3.27 Thread: 1984 Session: 0] 6/6/2006 6:23:18 AM Connection closed [Address: 167.216.252.46 Version: 3.27 Thread: 16124 Session: 0] 6/6/2006 6:23:18 AM Engine error - DBISAM Engine Error # 15002 Error uncompressing data [Address: 167.216.252.46 Version: 3.27 Request: REQUEST_RECONNECT Thread: 15704 Session: 0] >>>> The rest are the same as this one. 6/6/2006 6:20:59 AM Connection closed [Address: 167.216.252.46 Version: 3.27 Thread: 2468 Session: 0] and there are a lot. I have Version 4 but have not installed it yet. I believe I read in the docs that this version stops this type of abuse. Correct? Thanks again for your help, again. Dom |
Wed, Jun 7 2006 4:52 PM | Permanent Link |
Tim Young [Elevate Software] Elevate Software, Inc. timyoung@elevatesoft.com | Dom,
<< I have Version 4 but have not installed it yet. I believe I read in the docs that this version stops this type of abuse. Correct? >> Version 3.27 or higher won't allow a reconnect without the proper process, thread, and session IDs from the prior session. -- Tim Young Elevate Software www.elevatesoft.com |
This web page was last updated on Thursday, March 28, 2024 at 06:05 PM | Privacy PolicySite Map © 2024 Elevate Software, Inc. All Rights Reserved Questions or comments ? E-mail us at info@elevatesoft.com |