there are files in the last directory, each 25,001 bytes called MOHDAEF.001 - .031 and a final MOHDAEF.cue file.
strange. tw On 9/7/05, Matthew Blatchley <[EMAIL PROTECTED]> wrote: > Would a SQL injection attack and creating a folder are two different acts > right? SQL injection attack is through the web form...and the creation of a > folder is by someone getting into the box...yeah? > > ----- Original Message ----- > From: "Jerry Johnson" <[EMAIL PROTECTED]> > To: "CF-Community" <[email protected]> > Sent: Wednesday, September 07, 2005 10:08 PM > Subject: Re: help!! > > > > Yes, of course you should bw worried. (Which you know) > > > > Could it have been a SQL injection attack going through your blog > > comments? > > Is your cfide structure in a non-standard place? > > I assume you have all patches in place for SQL, IIS, CF and your OS, yes? > > > > Can you tell what user created the folder? > > Is there anything in the folder? > > Can you tell what time the folder was created, and then match that up > > to SQL logs, IIS logs and CF logs? > > > > FWIW: > > Bender is a windows virus (W32.Bender.1363) > > Bender is a character from Futurama. In The Honking, Bender is > > infected with a virus that turns him into a murderous car each evening > > at midnight. They also mention K.I.T.T. in this episode (from Knight > > Rider) > > Medal of Honnor En Formation looks like the french spelling > > lpt5, lpt4 and com0 are communication ports (printer, serial) > > > > > > On 9/7/05, Tony <[EMAIL PROTECTED]> wrote: > >> D:\webserver\.tag4\ . lpt5\ .ΓΏ lpt4\ . com0\ [EMAIL PROTECTED] > >> [[Bender scan -- K.I.T.T tagg]]\ .K.I.T.T\Medal of Honnor-En > >> Formation > >> > >> is a path on my new dedicated box on my server that just magically showed > >> up. > >> > >> i ran a full scan on the box, came up with nothing. > >> > >> question: should i be worried? > >> > >> also, today, i noticed a BUTTLOAD of traffic from a certain group of > >> ipaddresses... > >> they all came from: > >> > >> 203.28.159.135 - 203.28.15.138 > >> > >> to my blog page. > >> > >> and i just dont know wtf to do, or where to start, ive googled most > >> parts of the path, the TAG of the fucknut who did something, but im > >> not sure where to go with this one. > >> > >> thanks. > >> tony > >> > >> > >> -- > >> ....tony > >> > >> Tony Weeg > >> tonyweeg [at] gmail [dot] com > >> > >> > > > > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Discover CFTicket - The leading ColdFusion Help Desk and Trouble Ticket application http://www.houseoffusion.com/banners/view.cfm?bannerid=48 Message: http://www.houseoffusion.com/lists.cfm/link=i:5:173229 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/5 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:5 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.5 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
