Security Incidents mailing list archives

RE: Weird apache logs

From: "NESTING, DAVID M (SBCSI)" <dn3723 () sbc com>
Date: Wed, 26 Feb 2003 13:15:59 -0600

This outwar.com thing is an annoying little game, where people get "points"
for getting (tricking) other people into following the link.  This is
probably some kid's attempt at racking up points by relaying the hits
through a proxy (e.g. you) to make it seem like someone else is following
the links.

I'd send a note to the outwar.com folks.

-----Original Message-----
From: Travis Read [mailto:travisr () rave iinet net au]
Sent: Tuesday, 25 February, 2003 19:57
To: incidents () securityfocus com
Subject: Weird apache logs



Over the last few days I've noticed a number of weird GET requests in my
apache logs. Has anybody else seen this kind of traffic or have any idea
what's causing it?

66.31.196.92 - - [26/Feb/2003:05:51:24 +0800] "GET
http://www.outwar.com/page.php?x=155098&pro=1e14c3925f8337fcb0d9b447f816493d
HTTP/1.1" 404 291 "-" "Mozilla/4.0 (compatible; MSIE 4.01; Windows 95)"

----------------------------------------------------------------------------

<Pre>Lose another weekend managing your IDS?
Take back your personal time.
15-day free trial of StillSecure Border Guard.</Pre>
<A href="http://www.securityfocus.com/stillsecure";> http://www.securityfocus.com/stillsecure </A>

Current thread:

Weird apache logs Travis Read (Feb 26)
- RE: Weird apache logs Carmen Tache (Feb 26)
- <Possible follow-ups>
- RE: Weird apache logs NESTING, DAVID M (SBCSI) (Feb 26)