I got the following error this morning during my logwatch processing
which I run daily and I would like to know if there is anything I can
should do about it? Seems to me it could be serious, if someone has
penetrated my server.
A total of 4 possible successful probes were detected (the following
URLs
contain strings that match one or more of a listing of strings that
indicate a possible exploit):
/?f=../../../../../../../../../etc/passwd HTTP Response 200
/?file=../../../../../../../../../etc/passwd HTTP Response 200
/?filename=../../../../../../../../../etc/passwd HTTP
Response 200
/?id=../../../../../../../../../etc/passwd HTTP Response
200
Thanks in advance for any suggestions.
--
Your life is like a penny. You're going to lose it. The question is:
How do
you spend it?
John Covici wb2una
[email protected]
