Strange apache log entry
Hi, my logfiles reports 404 requests to /_vti_bin/shtml.exe/_vti_rpc and similar. Is this a kind of hacker attack? Thanks Thom -- ------------------------------------------------------------------- bye bye (c) by Thom | Thorsten Marquardt | EMail: THOM@kaupp.chemie.uni-oldenburg.de | Member of the pzt project. | http://kaupp.chemie.uni-oldenburg.de/pzt -------------------------------------------------------------------
On 31-May-01 Thorsten Marquardt wrote:
Hi, my logfiles reports 404 requests to /_vti_bin/shtml.exe/_vti_rpc and similar.
Is this a kind of hacker attack?
Maybe. Somebody tried to find out wether you have FrontPage 2000 server extensions installed, or just mistyped his request with his FrontPage client, which should have connected to an other host. You should monitor this closely for a while.
Thanks
Thom
[...] --- Boris Lorenz <bolo@lupa.de> System Security Admin *nix - *nux ---
Hi, ----- Original Message ----- From: "Thorsten Marquardt" <thom@kaupp.chemie.uni-oldenburg.de> To: <suse-security@suse.com> Sent: Thursday, May 31, 2001 1:45 PM Subject: [suse-security] Strange apache log entry
my logfiles reports 404 requests to /_vti_bin/shtml.exe/_vti_rpc and similar.
Is this a kind of hacker attack?
Maybe you find it out by yourself using a search engine: http://www.google.de/search?q=_vti_bin%2Fshtml.exe%2F_vti_rpc++crack&hl=de&s afe=off then you get results like this: http://www.insecure.org/sploits/Microsoft.frontpage.insecurities.html Ciao Sören
participants (3)
-
Boris Lorenz -
Soeren Todt -
Thorsten Marquardt