OMG! I visited your site unwittingly this morning; I had googled some IPs I saw hitting the forums here :)

I think its a fabulous idea as long as you are confident that that the attacks are as you say they are, ie, that IP actually made "that" request.

I would, in fact, love it if you shared the script, it would sure do me well :)

You have visited my site today, whoo ? - What a coincidence ;)

Anyhow, I am glad to hear that you find my [url=http://www.ng-ethernet.com/ethernet_forum/]NG Ethernet[/url] / [url=http://www.ng-sdh.com/ng-sdh-forum/]NG SDH[/url] and [url=http://www.transport-mpls.com/t-mpls-forum/]T-MPLS[/url] log useful and I am really considering to post the script lines.

You were concerned of whether I am catching the right IP addresses. Well, I am using the >> $_SERVER["REMOTE_ADDR"] << variable and assume that this gets the IP of the requesting host. Did I make a mistake here ?

I will certainly keep you up-to-date in the [url=http://www.ng-ethernet.com/ethernet_forum/viewtopic.php?t=61]phpBB section[/url] of my forum. This is also the place where I will possibly post [url=http://www.ng-ethernet.com/ethernet_forum/viewtopic.php?t=62]my script[/url] once it is cleaned up and ready for disclosure.

No, i wasnt concerned about the IP adresses, I was "concerned" about how you are 'catching' the attacks ..

This is also the place where I will possibly post my script..

Im not too sure why you wouldnt make the script public, if the intent is to reduce spam and exploit attempts. If on the other hand, youre merely looking for accolades, well thats another story :P You could always covet it.

The visitors are "caught" by the URL string. An extended POST version is in work.
However, posting script lines always opens a new and possibly weak spot for further attacks. You see, what I am concerned about.
Believe me or not, there are people around, who are not happy about [url=http://www.ng-ethernet.com/ethernet_forum/phpBB_exploit.php]this page[/url]...

So, give me some days to double check the lines beforehand.

Cheers,
Thomas
P.S. The best accolade would be to [url=http://www.ng-ethernet.com/ethernet_forum/profile.php?mode=register]join my forum[/url] or to support it in some other way...
The Next Generation Ethernet is concerned with highspeed Ethernet links. So, whenever you catch some news about 10G or 100G Ethernet, please drop a line in the [url=http://www.ng-ethernet.com/ethernet_forum/index.php?c=2]forum[/url].

The code snippet is posted [url=http://www.ng-ethernet.com/ethernet_forum/viewtopic.php?t=62]here[/url] (members only).

The forum user "whoo" requested more details about my filter code in order to extend the viewtopic.php file.
Hence, I've uploaded the complete code [url=http://www.ng-ethernet.com/ethernet_forum/viewtopic.php?t=62]there[/url].
Furthermore, I have put my php source online for the page that displays the logged information.
http://www.ng-ethernet.com/ethernet_forum/phpBB_exploit.src.php

Feel free to use this code as long as you keep a link back to the [url=http://www.ng-ethernet.com/ethernet_forum/index.php?c=2]100 Gigabit Ethernet Forum[/url].

Cheers,
Thomas