Yes, of course you should bw worried. (Which you know) Could it have been a SQL injection attack going through your blog comments? Is your cfide structure in a non-standard place? I assume you have all patches in place for SQL, IIS, CF and your OS, yes?
Can you tell what user created the folder? Is there anything in the folder? Can you tell what time the folder was created, and then match that up to SQL logs, IIS logs and CF logs? FWIW: Bender is a windows virus (W32.Bender.1363) Bender is a character from Futurama. In The Honking, Bender is infected with a virus that turns him into a murderous car each evening at midnight. They also mention K.I.T.T. in this episode (from Knight Rider) Medal of Honnor En Formation looks like the french spelling lpt5, lpt4 and com0 are communication ports (printer, serial) On 9/7/05, Tony <[EMAIL PROTECTED]> wrote: > D:\webserver\.tag4\ . lpt5\ .ΓΏ lpt4\ . com0\ [EMAIL PROTECTED] > [[Bender scan -- K.I.T.T tagg]]\ .K.I.T.T\Medal of Honnor-En > Formation > > is a path on my new dedicated box on my server that just magically showed up. > > i ran a full scan on the box, came up with nothing. > > question: should i be worried? > > also, today, i noticed a BUTTLOAD of traffic from a certain group of > ipaddresses... > they all came from: > > 203.28.159.135 - 203.28.15.138 > > to my blog page. > > and i just dont know wtf to do, or where to start, ive googled most > parts of the path, the TAG of the fucknut who did something, but im > not sure where to go with this one. > > thanks. > tony > > > -- > ....tony > > Tony Weeg > tonyweeg [at] gmail [dot] com > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Save $10 Download ZoneAlarm Security Suite http://www.houseoffusion.com/banners/view.cfm?bannerid=66 Message: http://www.houseoffusion.com/lists.cfm/link=i:5:173222 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/5 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:5 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.5 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
