Websense attempting to hack WordPress blogs?

[crazypenguin]

Almost daily one of my websites is being attacked by an attempted SQL injection.  The IP is 208.80.194.34.  Interesting enough the IP resolves back to as13448.com or Websense.com.  When I go to the Websense website they claim they are an internet security company. 

Websense:

Websense Web Security solutions provide the industry’s best security against modern threats at the lowest total cost of ownership.

Even more interesting Websense discusses WordPress injections several times on their website one example is listed  below:

Websense® Security Labs™ ThreatSeeker™ Network has been monitoring the latest WordPress injection attack for over 2 weeks and has found over 250,000 injections occurring in the past half month. Moreover, over 37,000 URLs in the wild are still being injected according to our observations.

So what in the heck is going on here!?  Has anyone else heard of Websense attempting to hack a WordPress blog by SQL injection?

[ldcdc]

I have no idea what this means. Did you try contacting them directly, and ask for an explanation of their actions?

They seem to be a serious company. 

[crazypenguin]

I haven't contacted them.  I was curious to see what others thought about what I noticed.  Yes from their web appearance they seem to be a legitimate company.  Very interesting!  I will ask around a bit more concerning this situation to see what other people have to say.

Other IP's they have used are 208.80.194.26, 208.80.194.27, 208.80.194.28, 208.80.194.30, 208.80.194.33, 208.80.194.36, 208.80.194.47, 208.80.194.50, 208.80.194.51 which all lead back to 13448.com or Websense.com.  So it appears they are coming from the same IP block. They have been visiting my site since 09/01/2010.

I am not the only one having issues with as13448.com.
as13448.com traffic
How to exclude: .as13448.com
Is there a benefit in having as13448.com trawling my forum?
Content scraper or spam harvester bot 208.80.195.38
Websense and how to Block Web Sense’s Constant Abuse

For now I blocked the IP range 208.80.193.26/59.  I will see what that does for me.  It looks like I made a new internet friend.    After I do some more investigating I think I will write a blog post on Websense.

[WebHostBuyer]

crazypenguin- The worry about WordPress sites constantly being hacked is something everyone with a WordPress should be concerned about. From the stuff I have read over the years it has to do with a few vulnerabilities  that when you think about them make perfect sense:

One has to do with the ever-present default admin being the primary user website builder, the answer (or solution to this problem although being presented as being simple) has sent me into a frenzy and deleting almsot every single sql user associated with my WordPress sites. Needless to to say this type of "cure"was far worse than the problem!

Perhaps this "security" company is legit as ldcdc pointed out, and this is simply their way of doing the research for the development of their producr?

 

[WebHostBuyer]

product?

[crazypenguin]

Perhaps this "security" company is legit as ldcdc pointed out, and this is simply their way of doing the research for the development of their producr?

Any entity which is attempting a SQL injection and is aggressively probing my site with bots is not welcome.  It doesn't matter if they are a security company, masquerading as a security company, or some low life running kiddie scripts.  Such practices are immoral and unethical IMO.  And I will take all measures to keep them from harming my sites.

For now I have blocked the entire IP 208.80.193.xxx range.  Installing a plug in called Bad Behavior may have been effective to keep such pests at bay  also.

I haven't sent an inquiry to Websense asking them what their intentions were with their actions.  I, probably, should as I feel an explanation is in order for their practices.

[crazypenguin]

product?

What are are you asking?

[Nilsons]

havent noticed any such attacks on my WP blogs yet and that company (websense) seems to be a decent one.
Try getting some solution from them or take some help from some expert