 |
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU |
|
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU |
I just turned on snort for the first time. It's so cool... Within fifteen minutes I got something to see. Log Date: 09/10 04:46:01 Name: WEB-IIS ISAPI .ida attempt Priority: 1 Type: Web Application Attack IP info: 24.43.216.154:3351 -> 24.60.178.249:80 References: 1 2 3 Date: 09/10 04:46:01 Name: WEB-IIS cmd.exe access Priority: 1 Type: Web Application Attack IP info: 24.43.216.154:3351 -> 24.60.178.249:80 References: none found Date: 09/10 04:59:51 Name: WEB-IIS ISAPI .ida attempt Priority: 1 Type: Web Application Attack IP info: 24.60.228.112:4462 -> 24.60.178.249:80 References: 1 2 3 Date: 09/10 04:59:51 Name: WEB-IIS cmd.exe access Priority: 1 Type: Web Application Attack IP info: 24.60.228.112:4462 -> 24.60.178.249:80 References: none found New stuff to check out! But why would someone do that? I'm obviously not using windows... Is this automated? And do you guys see this stuff constantly? ===== D. Eric Chadbourne http://caffeinated.homelinux.net/ "Shadowman doesn't know what the heck you just said, but you moved him." - Shadowman. _______________________________ Do you Yahoo!? Shop for Back-to-School deals on Yahoo! Shopping. http://shopping.yahoo.com/backtoschool
 |
|
| BLU is a member of BostonUserGroups | |
| We also thank MIT for the use of their facilities. | |
