tag:forums.movabletype.org,2011://24/tag:www.movabletype.org,2008:/documentation//1.6226- 2011-09-01T02:28:22Z Comments for Hacker activity in Activity Log? Movable Type 4.292 tag:www.movabletype.org,2008:/documentation//1.6226 2008-05-26T18:29:24Z 2008-05-30T06:59:29Z Hacker activity in Activity Log? I just noticed this morning that I have been getting strange activity in my Activity Log. There are several entries that look like this (it's the Dutch version, translation followe): Update van geplande taken (IP: 24.14.223.183) YWAM Europe 24.14.223.183 12... Rodney Blevins http://blevins.nl I just noticed this morning that I have been getting strange activity in my Activity Log.

There are several entries that look like this (it's the Dutch version, translation followe):

Update van geplande taken (IP: 24.14.223.183) YWAM Europe 24.14.223.183 12 minutes ago Volgende taken moesten uitgevoerd worden: Vervaldatum spam-map

Which translated to "Update to planned tasks", IP, blog name, etc. and then: "The following tasks should be carried out: Spam folder expiration date"

Does anyone know what this is? Has anyone else had this? It makes me think that someone is trying to hack my blog to allow spam in some way.

]]> tag:www.movabletype.org,2008:/documentation//1.6226-comment:5058 Comment from Byrne Reese on 2008-05-29 Byrne Reese This is almost certainly *not* a hacker attack. It looks as if a task is failing for some reason.

What is the category or type of log entry for this record in your activity log? Is it an error record or something else?

]]> 2008-05-29T23:55:43Z tag:www.movabletype.org,2008:/documentation//1.6226-comment:5059 Comment from Byrne Reese on 2008-05-29 Byrne Reese According to Brad Choate, "that's just a normal system message. the 'The following tasks were run: ...'"

]]> 2008-05-29T23:56:24Z tag:www.movabletype.org,2008:/documentation//1.6226-comment:5071 Comment from Rodney Blevins on 2008-05-29 Rodney Blevins Thanks for your reply. I didn't think the message had been published, since I got an MT error about custom fields or something when I tried to post. I tried it three times, so I may have posted this message several times.

I contacted support about it and got pretty much the same message.

The only strange thing is, that the IP addresses are all different and none of them are related to me or to the website in anyway. It was probably just some bot crawling through the site. On the other hand, that bot would have had to know about the scheduled tasks script, wouldn't it? Therefore it seems to me like it was a deliberate visit to the scheduled tasks script.

Anyway, I'm not worried about it, but it does seem strange. I just hope that no code can be injected into the scheduled tasks script and run on my system. Is there anyway I can see all the planned tasks in one list?

]]> 2008-05-30T06:59:29Z