On Thursday 05 October 2006 12:21 pm, dso wrote: This may shed some light. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5152 Or isc.sans.org
> I got an interesting series of 404s on my website from > 211-72-233-10.HINET-IP.hinet.net > > tcnuke appears to be a Chinese web portal system like phpnuke > > I usually get these kind of probes after an exploit has been found. > > In order from last to first 404 > > /tcnuke/bbmpg12418.zip > /images/bbmpeg.html > /tcnuke/asftools310_tw.zip > /images/asftools310.exe > /tcnuke/ttpsetup_cht.exe > /tcnuke/xmplay33.zip > /tcnuke/xmplay.html > /tcnuke/player.php > /tcnuke/cwinamp5094.exe > /tcnuke/winamp53_pro.exe > /tcnuke/downloader.php?plugin=2 > /tcnuke/qcd451.exe > /tcnuke/DLM_2200046_CHT.exe > /tcnuke/mmsetup_10004015c_ENU.exe > /tcnuke/3000-2167_4-10495839.html?tag=pdp_prod > /includes/iTunesSetup.exe > /includes/foobar2000_0.9.4.exe > /hc/qcd451.exe > /hc/bbmpg12418.zip > /hc/asftools310_tw.zip > /hc/FreeMeterSetup.exe > /hc/bitpro.exe > /hc/cwinamp5094.exe > /hc/winamp53_pro.exe > /hc/3000-2121_4-10492453.html > /hc/DLM_2200046_CHT.exe > /hc/mmsetup_10004015c_ENU.exe > /hc/3000-2167_4-10495839.html?tag=pdp_prod > /includes/3DMark06_v102_installer.exe > /de/ > /badfs/badfs/tw2/ > /support/downloads/ > /products/dexp/downloads/ > /arc/ > /lightning/ > /images/heliattack2.php > /images/view.php?nid=64 > /tcnuke/d-6.htm > /FastStone-Image-Viewer/ > /games/cubis2/play/ > /customer/ > > Daniel ------------------------------------------------------------------------------ This List Sponsored by: Black Hat Attend the Black Hat Briefings & Training USA, July 29-August 3 in Las Vegas. World renowned security experts reveal tomorrow's threats today. Free of vendor pitches, the Briefings are designed to be pragmatic regardless of your security environment. Featuring 36 hands-on training courses and 10 conference tracks, networking opportunities with over 2,500 delegates from 40+ nations. http://www.blackhat.com ------------------------------------------------------------------------------
