|
Strange Access Log data
In Apache 2.0.48 running on XP Pro I got the following in the access log:
XXX.XXX.XXX.XXX - - [16/Feb/2004:07:42:23 -0500] "GET http://dc.tickerbar.net/tld/pxy.m?nc=15277856 HTTP/1.0" 404 290 (IP Removed) A Whois search on this IP located it in China. Is this a problem I need to worry about, maybe a hacker? This web address that the access tried to reach does not exist on my server and I have never heard of it. |
Re: Strange Access Log data
Yes, its hacker activity, I get a lot on my apache logs as well.
Don't need to worry with apache, all the exploits are for IIS. Derek On Sat, 21 Feb 2004 02:57:15 GMT, "Andrew Watiker" <DmctNY8@optonline.net> wrote: >In Apache 2.0.48 running on XP Pro I got the following in the access log: > >XXX.XXX.XXX.XXX - - [16/Feb/2004:07:42:23 -0500] "GET >http://dc.tickerbar.net/tld/pxy.m?nc=15277856 HTTP/1.0" 404 290 > >(IP Removed) > >A Whois search on this IP located it in China. Is this a problem I need to >worry about, maybe a hacker? This web address that the access tried to >reach does not exist on my server and I have never heard of it. > |
Re: Strange Access Log data
derek / nul <spamtrap@sgrail.org> wrote in message news:<mr3e30p8pkusdqs1g0v5rd3ne014bkfdg2@4ax.com>. ..
> Yes, its hacker activity, I get a lot on my apache logs as well. > > Don't need to worry with apache, all the exploits are for IIS. > <SNIP> Yo, folks, any links to definitive explanations of this hack? What's the affected application/DLL? etc., etc. tks, PH |
| All times are GMT. The time now is 08:12 AM. |
Powered by vBulletin®. Copyright ©2000 - 2013, vBulletin Solutions, Inc.
SEO by vBSEO ©2010, Crawlability, Inc.