Full Disclosure mailing list archives

Re: .hash=

From: Joris De Donder <fulld-j () digitaldefense be>
Date: Wed, 21 Apr 2004 16:27:13 +0200

can someone tell me what this attack is trying to accomplish:

212.56.240.47 - - [20/Apr/2004:14:37:07 +0200] "GET 
.hash=a577b8c9de273fe7ac21276fe3dd318de6b010bc HTTP/1.1" 404 324 "-" -"
http://thum.ath.cx/Security/what.hash


Looks like Fasttrack traffic (Kazaa and friends) and probably is.


Joris


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

Re: Super Worm, (continued)
- Re: Super Worm Willem Koenings (Apr 18)
  - Re: Super Worm Valdis . Kletnieks (Apr 19)
    - Re: [FD] Super Worm Andrew J Caines (Apr 19)
    - Re: [FD] Super Worm Andrew J Caines (Apr 19)
    - Re: Re: [FD] Super Worm Valdis . Kletnieks (Apr 19)
    - Re: Re: [FD] Super Worm Gregory A. Gilliss (Apr 19)
    - Re: Re: [FD] Super Worm Dave Horsfall (Apr 19)
    - Re: Re: [FD] Super Worm Bruce Ediger (Apr 20)
    - Re: Re: [FD] Super Worm Dave Horsfall (Apr 20)
  - .hash= fd (Apr 21)
    - Re: .hash= Joris De Donder (Apr 21)
- RE: Super Worm Randal, Phil (Apr 19)
  - RE: Super Worm Sean Crawford (Apr 19)
    - Re: Super Worm Aschwin Wesselius (Apr 19)
    - RE: Super Worm Curt Purdy (Apr 19)
    - RE: Super Worm Bart . Lansing (Apr 19)
    - Re: Super Worm Aschwin Wesselius (Apr 19)
    - Re: Super Worm Paul Schmehl (Apr 19)
    - Re: Super Worm Valdis . Kletnieks (Apr 19)
    - Re: Super Worm Bart . Lansing (Apr 20)
- RE: Super Worm Jos Osborne (Apr 20)