> This guy (64.242.88.50) is back again. 14,702 times and > counting since last midnight. He apparently ignors > robots.txt I asked my ISP to block him at the firewall early > this morning, but he apparently did not. (Today's log file > for this URL is 27MB and counting.) > > But another character started out: > > 208.27.31.145 www.smarteryellowpages.com - > [31/Jan/2005:11:35:46 -0800] "GET > /MSOffice/cltreq.asp?UL=1&ACT=4&BUILD=5606&STRMVER=4&CAPREQ=0 > HTTP/1.1" 302 233 "" "Mozilla/4.0 (compatible; MSIE 6.0; > Windows NT 5.1; .NET CLR 1.1.4322)" > > and then did > > 208.27.31.145 www.smarteryellowpages.com - > [31/Jan/2005:11:35:47 -0800] "GET /MSOffice/index.cfm > HTTP/1.1" 302 233 "" "Mozilla/4.0 (compatible; MSIE 6.0; > Windows NT 5.1; .NET CLR 1.1.4322)" > > 31,758 times and counting. The first 208.27.31.145 looks > like an attempt at SQL Injection. Is it? We don't run asp > here (perhaps fortunately). The second looks something like > a DOS attack.
Neither of these contains an SQL injection attack string. SQL injection attacks contain, well, SQL. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ Fig Leaf Software provides the highest caliber vendor-authorized instruction at our training centers in Washington DC, Atlanta, Chicago, Baltimore, Northern Virginia, or on-site at your location. Visit http://training.figleaf.com/ for more information! ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Logware (www.logware.us): a new and convenient web-based time tracking application. Start tracking and documenting hours spent on a project or with a client with Logware today. Try it for free with a 15 day trial account. http://www.houseoffusion.com/banners/view.cfm?bannerid=67 Message: http://www.houseoffusion.com/lists.cfm/link=i:4:192579 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
