Could someone help explain this Please?

Dave Peacock davejpeacock at btinternet.com
Thu Oct 17 21:19:48 BST 2002


On Thu, Oct 17, 2002 at 07:53:22PM +0100, redjupiter wrote:
> Hi guys,
> 
> While checking my httpd-access.log I came across this entry:
> 
> 
> 200.13.240.94 - - [17/Oct/2002:09:41:52 +0100] "GET
> /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%u53ff%u0078%u0000%u00=a  HTTP/1.0" 400 309 "-" "-"
> Are these guys trying to buffer overflow apache httpd server?

Yep, looks like code red to me.
I had a lot of this about a year ago. Many many many attacks every day.

> Am I safe with Apache 2.0.42 version?

Yes, this is where you get to laugh at the Windows/ISS weenies ;-)

> thanks for any input.

Chill man, you're clear ;-)

-- 
Dave Peacock - davejpeacock at btinternet.com - http://darkcorner.org/
A: Top posting
Q: What is the most irritating thing on Usenet?
                    - "Gordon" on apihna




More information about the Ukfreebsd mailing list