Thanks for your help.. I fell a lot better now.. --- poeml@cmdline.net wrote:
Hello All,
I have a SuSE server that that have apache as the Webserver on it ... I was going through the acces_log and I found sone curiuos entry... there are many lines that start with "SEARCH /\x90\x90\x90 pages of that.. some other string contain \xc9, \xb1, \x02
On Mon, Mar 14, 2005 at 06:34:52AM -0800, MindBender wrote: that
ended with 414 339 ....
Can some body please help to anderstang what happen.. is this a Hack attempt?
The server is on a intranet.
It is a stupid tool trying to overflow a stupid webserver (nothing that apache should be susceptible to, no such vulnerability is known). You might want to investigate where the requrests originate from, but only if it comes from your intranet, because otherwise it is quite pointless. (just usual Internet scatter)
Peter -- the little cardinal imitated the big cardinal
|__|___|___|__\\|// - ?__|___|_____|___|_____| |__|___|___|__(o o)______|___|_____|___|_____| |__|___|___oOOO(_)OOOo____|___|_____|___|_____| email : ephlodur@rocketmail.com What we need is Awareness we can't get carelless. __________________________________ Do you Yahoo!? Yahoo! Mail - Easier than ever with enhanced search. Learn more. http://info.mail.yahoo.com/mail_250
On Mon, 2005-03-14 at 13:16, MindBender wrote:
Thanks for your help.. I fell a lot better now..
I hope it didn't hurt to much when you fell. :-) -- Ken Schneider UNIX since 1989, linux since 1994, SuSE since 1998 * Only reply to the list please* "The day Microsoft makes something that doesn't suck is probably the day they start making vacuum cleaners." -Ernst Jan Plugge
participants (2)
-
Ken Schneider
-
MindBender