Well, they always are. That’s the lovely thing about script kiddies.
So here are two specific attacks I’m running across in my logs:
http://www.spontaneousderivation.com/wp-content/uploads/2008/01/spec-22.jpg &imgrefurl=http://holmes.spontaneousderivation.com/page/2/&usg=__oXqahCshP1XcZZqnIAJHIBmna8s= &h=258&w=180&sz=14&hl=de&start=6&tbnid=IgIMoSnmg_6FuM:&
God knows where the hell this is coming from, but it’s streamed in 9 times on a low-traffic blog over the last few days. I think it’s some sort of specific plugin attack.
The second type:
http://www.spontaneousderivation.com/page/2/ &usg=__oXqahCshP1XcZZqnIAJHIBmna8s=&h=258&w=180&sz=14&hl=de&start=6 &tbnid=IgIMoSnmg_6FuM:&tbnh=112&tbnw=78&prev=/ images%3Fq%3DSpeckled%2BBand%26gbv%3D2%26hl%3Dde%26sa%3
And this is just a typical ramming nonsense at the server and see if it trips over itself and opens access.
Seal up with the WordPress release, I suspect, or you shall seriously regret….
Off to sleep now. Not operating at great efficiently right now.