Could someone help explain this Please?
davejpeacock at btinternet.com
Thu Oct 17 21:19:48 BST 2002
On Thu, Oct 17, 2002 at 07:53:22PM +0100, redjupiter wrote:
> Hi guys,
> While checking my httpd-access.log I came across this entry:
> 126.96.36.199 - - [17/Oct/2002:09:41:52 +0100] "GET
> /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%u53ff%u0078%u0000%u00=a HTTP/1.0" 400 309 "-" "-"
> Are these guys trying to buffer overflow apache httpd server?
Yep, looks like code red to me.
I had a lot of this about a year ago. Many many many attacks every day.
> Am I safe with Apache 2.0.42 version?
Yes, this is where you get to laugh at the Windows/ISS weenies ;-)
> thanks for any input.
Chill man, you're clear ;-)
Dave Peacock - davejpeacock at btinternet.com - http://darkcorner.org/
A: Top posting
Q: What is the most irritating thing on Usenet?
- "Gordon" on apihna
More information about the Ukfreebsd