> -----Original Message----- > From: Maxime Ducharme [mailto:[EMAIL PROTECTED] > Sent: Wednesday, October 22, 2003 12:40 PM > To: [EMAIL PROTECTED] > Subject: [Full-Disclosure] Need help to find web server > attacks signature > > > Hi all, > i'd need help to identify an attack that happened on one > of our customer's web server yesterday, I put the log file > here : > http://www.pandore-design.com/security/2003-10-21-IIS-attack.t xt
Looks like a vuln scanner that's designed to try a number of default install mistakes to see if anything works. The previous poster may be correct that it was NIKTO. Could also be whisker or stealth. Paul Schmehl ([EMAIL PROTECTED]) Adjunct Information Security Officer The University of Texas at Dallas AVIEN Founding Member http://www.utdallas.edu/~pauls/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
