-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 aldiones wrote:
> Could you please share how you prevented this from happening in > your server? > > It would be greatly appreciated. > > Thanks! > > On 10/16/06, *rowland onobrauche * > <[EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED]>> wrote: > > > > Aubs wrote: > >> Care to share with all? on the list - After all you did ask for >> help :) > >> On 13/10/06, *rowland onobrauche* < >> [EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED]> >> <mailto:[EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED]>>> wrote: > > >> Digital Ebola wrote: > >>> On 10/13/06, rowland onobrauche >>> <[EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED]> >>> >> <mailto: [EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED]>>> >>> wrote: > > >>> Hi all. > >>> Im getting logs such as > >>> "GET >>> http://www.escorts-etc.com/cgi-bin/ftop100/rankem.cgi?id=gagvault >>> HTTP/1.0" 200 147 " http://www.gagvault.com/linkspage.html"; >>> "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)" > >>> In some of my httpd access logs, even though this type of site >>> is not existant on the server. Anyone seen this before?? > >>>> >>>> >> - >> > ------------------------------------------------------------------------------ > >> This List Sponsored by: Black Hat >>>> >> Attend the Black Hat Briefings & Training USA, July 29-August 3 >> in Las Vegas. World renowned security experts reveal tomorrow's >> threats today. Free of vendor pitches, the Briefings are designed >> to be pragmatic regardless of your security environment. >> Featuring 36 hands-on training courses and 10 conference tracks, >> networking opportunities with over 2,500 delegates from 40+ >> nations. >>>> >> http://www.blackhat.com - >> > ------------------------------------------------------------------------------ > > >>>> >>>> > >>> Are you running any type of proxy configuration? > > > > > >> No proxy, but someone has explained what the problem is. > >> thanks very much to all > > > - > ------------------------------------------------------------------------------ > This List Sponsored by: Black Hat > > Attend the Black Hat Briefings & Training USA, July 29-August 3 in > Las Vegas. World renowned security experts reveal tomorrow's > threats today. Free of vendor pitches, the Briefings are designed > to be pragmatic regardless of your security environment. Featuring > 36 hands-on training courses and 10 conference tracks, networking > opportunities with over 2,500 delegates from 40+ nations. > > http://www.blackhat.com - > ---------------------------------------------------------------------------- > > > > > > > Thanks to all for the help. > > I have since found that it was someone scanning for an open proxy. > > > regards > > rowlando - ------------------------------------------------------------------------------ This List Sponsored by: Black Hat Attend the Black Hat Briefings & Training USA, July 29-August 3 in Las Vegas. World renowned security experts reveal tomorrow's threats today. Free of vendor pitches, the Briefings are designed to be pragmatic regardless of your security environment. Featuring 36 hands-on training courses and 10 conference tracks, networking opportunities with over 2,500 delegates from 40+ nations. http://www.blackhat.com - ------------------------------------------------------------------------------ > -- Good design adds value faster than it adds cost. All i could do was block the ip from the whole network and installed mod_security on this particular server. rowlando -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iD8DBQFFNK+Hn71Wg8vs0SURAqVwAJ9idgF6L8KBSnIBjtYuaZ0geZmVkQCgoe7N jObgBm3CqkASSUBvRj3tkFY= =Vp2w -----END PGP SIGNATURE----- ------------------------------------------------------------------------------ This List Sponsored by: Black Hat Attend the Black Hat Briefings & Training USA, July 29-August 3 in Las Vegas. World renowned security experts reveal tomorrow's threats today. Free of vendor pitches, the Briefings are designed to be pragmatic regardless of your security environment. Featuring 36 hands-on training courses and 10 conference tracks, networking opportunities with over 2,500 delegates from 40+ nations. http://www.blackhat.com ------------------------------------------------------------------------------
